close
magnifying glass
Get Started
magnifying glass
chevron
Support Language
close
""
The AI Security Playbook
This playbook explores six core security challenges organizations face when adopting AI, along with proven, real-world strategies to address them.
chevron Get the eBook
Experience Netskope
Get Hands-on With the Netskope Platform
Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
chevron Experience Netskope
A Leader in SSE. Now a Leader in Single-Vendor SASE.
Netskope is recognized as a Leader Furthest in Vision for both SSE and SASE Platforms
2X a Leader in the Gartner® Magic Quadrant for SASE Platforms
One unified platform built for your journey
chevron Get the report
""
Netskope One AI Security
Organizations need secure AI to move their business forward, but controls and guardrails must not require sacrifices in speed or user experience. Netskope can help you say yes to the AI advantage.
chevron Learn about Netskope One AI Security
""
Netskope One AI Security
Organizations need secure AI to move their business forward, but controls and guardrails must not require sacrifices in speed or user experience. Netskope can help you say yes to the AI advantage.
chevron Learn about Netskope One AI Security
Modern data loss prevention (DLP) for Dummies eBook
Modern Data Loss Prevention (DLP) for Dummies
Get tips and tricks for transitioning to a cloud-delivered DLP.
chevron Get the eBook
Modern SD-WAN for SASE Dummies Book
Modern SD-WAN for SASE Dummies
Stop playing catch up with your networking architecture
chevron Get the eBook
Understanding where the risk lies
Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
chevron Get the brochure
2025-10-UZTNA-ebook
6 Reasons Universal ZTNA is a Smart Escape from VPN and NAC Chaos
Ditch the complexity of VPNs and NAC. Learn how Universal ZTNA secures every user and device with one consistent framework.
chevron Get the eBook
""
BDO Brings Together Networking and Security to Protect a Cloud-First, AI-Friendly Infrastructure
chevron Read the case study
Netskope GovCloud
Netskope achieves FedRAMP High Authorization
Choose Netskope GovCloud to accelerate your agency’s transformation.
chevron Learn about Netskope GovCloud
Netskope Technical Support
Netskope Technical Support
Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
chevron Technical Support
Netskope video
Netskope Training
Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.
chevron Explore Netskope Training
""
Maximize your SASE ROI with Netskope Business Value Services
Start proving ROI. Netskope BVS is a complimentary consulting service that quantifies the financial and strategic impact of your SASE transformation.
chevron Request a consultation
Let's do great things together
""
Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.
chevron Netskope Partners

AI: 50% of Orgs Struggling to Comply with Data Protection Laws

Apr 01 2026
By Rich Beckett

The volume of data created and processed globally is ballooning, thanks in no small part to AI. And data handling and privacy legislation is growing in complexity. Combined, these factors make data governance an increasingly relevant, critical, and urgent requirement. Yet, thanks again to AI, the challenges of data governance have become more knotty than ever, and this urgent need is not being met.

Let’s start by defining our terms: Data governance is the framework for managing, protecting, and responsibly using data. It includes policies and processes to ensure data quality, security, and personal privacy, and is generally measured in compliance with legislation and regulation.

Now let’s recognise the scale of the AI data challenge: 73% of organizations report having deployed AI tools enterprise-wide, 96% use genAI apps, and 98% have users accessing applications that provide genAI-powered features (such as LinkedIn, Moveworks, or Lattice).  100 of AI models are built using data, ingesting and producing data. 

Today, half (50%) of organizations lack enforceable data protection policies for genAI apps. This simple insight into one dimension of responsible AI governance shows that even on a basic level, one in two organizations are unable to provably comply with the requirements of important data protection legislation such as GDPR. A reminder for anyone reading this who isn’t regularly kept up at night with this point: Fines for GDPR non-compliance can reach millions (or even billions) and the damage to brand trust can hurt more than the fine itself.  

Regulations, and penalties for non-compliance, provide the impetus to make the important updates to data governance processes, with focus required to gain visibility and control over the way AI changes their data interactions and use. 

Shadowy risks 

When AI systems scale, compliance concerns collide with security. More people adopting AI in their day-to-day work increases the risk of sensitive information being shared with public AI models. Customer records, proprietary IP, source code, and more are at risk. In fact, source code exposure is present in nearly 50% of AI-related policy violations, showing how easily assets can be compromised through seemingly minor actions, such as optimizing a piece of code in an LLM.

Shadow AI (the use of AI tools that are not officially managed by corporate oversight) is exacerbating the problem, leaving security teams with a data visibility gap. Nearly four in ten (39%) employees use free AI tools at work, according to IDC, with another 17% using AI tools they privately pay for, highlighting the prevalence of AI that isn’t centrally managed. 

The number of incidents of users sending sensitive data to AI apps has doubled in the past year, according to Netskope’s Cloud and Threat Report, with the average organization seeing 223 incidents per month. The urgency of the challenge is not being met with a similar urgency in constructing solutions. 68% of organizations rate their AI governance as only reactive or developing, and when looking into the capabilities of AI governance, the picture is even more stark: Just 7% have advanced governance over AI, with real-time enforcement capabilities.   

In fact, a third of organizations describe fragmented adoption, with multiple teams using AI independently with no shared framework, standards, or security policies. Their top regret? 38% wish they’d started governance before adoption scaled. AI is being deployed at scale but governed in draft.

Existing data governance protocols probably pre-date generative AI, and gaps can emerge if not updated. AI platforms often lack transparency around data storage and use, increasing exposure to regulatory and security risks, especially as shadow AI grows.

Where to focus governance efforts

The speed of AI tool adoption has left some organizations falling behind in policy creation and management. 31% of organizations rely on written policies and employee compliance as their primary enforcement method, basically an honor system, yet research from KPMG found that only half of U.S. workers believe their organizations even have policies for responsible AI use. It is clear that many employees are making their own decisions, either without, or without knowledge of, official guidance.

The best place to start is to establish clear, acceptable-use policies for AI and data. Set out what data can be used for AI training, which datasets are off-limits, what third-party AI tools are managed, and what approval processes apply.

Next, focus on gaining greater visibility over where data resides and how it interacts with AI to close compliance gaps. 

Say “yes” to secure innovation with AI

Granular policy enforcement should be the goal, rather than generalised blocking decisions because when security is seen to be overly draconian and obstructive users tend to find a way around it.  Focus on controlling what data is shared with AI, helping keep sensitive or regulated data secure. 

Look at AI governance as an integrated extension of existing data protection practices, extending existing zero trust principles and working to ensure you maintain a unified approach to your data security. This will avoid the duplication and administrative burdens of layering in point-products to address AI separately.  

Data risk in the AI era is multi-faceted, requiring total oversight of the data journey. Netskope discovers and classifies sensitive information across the entire lifecycle—from the ingestion phase for model training, to real-time prompts and responses. We provide deep visibility into shadow AI use and data flows, ensuring your organization only uses the data it needs. 

Crucially, we cover both pre- and post-production AI security, providing pre-deployment red teaming with automated adversarial simulations that harden private models against vulnerabilities before they go live. This ensures your intellectual property remains under your absolute control, compliant, and resilient against data exposure and model exploitation. 

AI must be secure, but protections must avoid hindering organizational speed and user experience. Netskope One AI Security provides a single solution to govern your AI ecosystem and protect your data, without trade-offs. It secures users and automated agents across public SaaS, private AI tools, and agentic workflows. Combining high-performance with context-aware zero trust controls, we enable organizations to move on from AI experimentation to unlock AI advantage.

Download our AI Security Playbook for a practical guide to securing AI end-to-end.

< Full Skope
Next Story >
< Back
Next >
author image
Rich Beckett
Rich Beckett is a Senior Product Marketing Manager at Netskope focused on lighting up the business value of SASE to customers across EMEA.
Rich Beckett is a Senior Product Marketing Manager at Netskope focused on lighting up the business value of SASE to customers across EMEA.
Read More
More Articles by Rich Beckett
Read full Bio
More articles

Related Articles

card shape
Full Skope

What changes when AI becomes part of regulated workflows?

By Rich Beckett
chevron Read the blog
card shape
Full Skope

AI and SaaS Will Make 2026 a Turning Point for Healthcare Security

By Damian Chung
chevron Read the blog
card shape
Full Skope

4 Security Considerations as AI Use Expands Across Teams

By Rich Beckett
chevron Read the blog
Show More
Connect with Netskope

Subscribe to the Netskope Blog

Sign up to receive a roundup of the latest Netskope content delivered directly in your inbox every month.
Subscribe now