AI in the Enterprise: 5 key findings of AI usage and threat trends

Artificial intelligence (AI) has rapidly shifted from buzz to business necessity over the past year—something Zscaler has seen firsthand while pioneering AI-powered solutions and tracking enterprise AI/ML activity in the world’s largest security cloud. Enterprises are increasingly adopting AI tools to enhance productivity, automate workflows, and accelerate decision-making. However, cybercriminals are leveraging the same technology to scale sophisticated attacks, from hyper-realistic deepfakes to advanced phishing schemes.

With AI fundamentally changing both how businesses operate and how cybercriminals attack, organizations must maintain a current and comprehensive understanding of the enterprise AI landscape. The just-released ThreatLabz 2025 AI Security Report examines the intersection of enterprise AI usage and security, drawing insights from 536.5 billion AI/ML transactions in the Zscaler Zero Trust Exchange.

The report reveals how enterprises worldwide and across industries are using and managing AI/ML tools, highlighting both their benefits and security concerns. It examines rising risks associated with AI, from cybercriminals weaponizing AI to the security implications of recent AI advancements like DeepSeek, while providing best practices for mitigating these risks.

5 key findings: AI usage and threat trends

The ThreatLabz research team analyzed activity from over 800 known AI/ML applications between February and December 2024. Here are the notable findings:

1. AI/ML usage surged exponentially: AI/ML transactions in the Zscaler cloud increased 36x (+3,464.6%) year-over-year, highlighting the explosive growth of enterprise AI adoption. The surge was fueled by ChatGPT, Microsoft Copilot, Grammarly, and other generative AI tools, which accounted for the majority of AI-related traffic from known applications.

Figure 1: Top AI applications by transaction volume

2. Enterprises blocked a large proportion of AI transactions: 59.9% of AI/ML transactions were blocked, signaling concerns over data security and the uncontrolled use of AI applications. As organizations work to establish AI governance frameworks, many are taking a cautious approach, restricting access to certain AI applications as they refine policies around data protection.

3. U.S. and India drive the most AI/ML traffic: The United States and India recorded the highest volume of AI/ML transactions in the Zscaler cloud, reflecting strong enterprise adoption and a growing focus on AI-driven innovation. Other top contributors include the United Kingdom, Germany, and Japan, each exhibiting different levels of AI/ML activity.

4. Finance & Insurance and Manufacturing dominate AI adoption: The Finance & Insurance (28.4%) and Manufacturing (21.6%) sectors generated the most AI/ML traffic. Following them, Technology, Healthcare, and Government are integrating AI at varying rates as they navigate the fine line between adoption and apprehension.

Figure 2: Industries driving the largest proportions of AI transactions

5. AI-driven cyber risks are escalating: Threat actors are leveraging AI to enhance phishing campaigns, automated attacks, and create realistic deepfake content. ThreatLabz researchers demonstrated how DeepSeek can be manipulated to quickly generate phishing pages that mimic trusted brands. Additionally, ThreatLabz uncovered a malware campaign in which attackers created a fake AI platform to exploit interest in AI and trick victims into downloading malicious software.

Securing AI and staving off AI threats with Zscaler

The ThreatLabz 2025 AI Security Report provides detailed guidance for enterprises looking to securely adopt AI while minimizing risks and stopping AI-powered cyberthreats.

Enterprises must rethink security strategies to account for new vulnerabilities, expanded attack surfaces, and AI-fueled cyberattacks. Traditional security approaches reliant on firewalls and VPNs are woefully insufficient against the speed and sophistication of AI-powered threats. Enterprises must adopt a zero trust approach, eliminating implicit trust, enforcing least-privilege access, and continuously verifying all AI interactions.

Zscaler’s zero trust architecture delivers Zero Trust Everywhere—securing user, workload, and IoT/OT communications—infused with comprehensive AI capabilities. Its AI models detect and disrupt advanced threats, blocking millions of attacks daily to enhance enterprise security outcomes and mitigate emerging risks.

The report details how to stop AI-powered threats with Zscaler, including:

• Zero trust architecture: Reduce the attack surface by hiding applications and IP addresses from attackers and enforcing least-privilege access.
• AI-powered cyberthreat protection: Detect and block AI-generated phishing campaigns, adversarial exploits, and AI-driven malware in real time.
• AI-powered data classification and DLP: Use AI-driven classification to detect and protect sensitive data across Zscaler’s Data Fabric.
• AI-powered app segmentation: Stop lateral movement within networks, ensuring attackers cannot easily escalate privileges or access critical systems.
• AI-powered breach prediction: Preempt potential breach scenarios using generative AI and multi-dimensional predictive models.
• Real-time AI insights: Employ predictive and generative AI for actionable insights that enhance security operations and digital performance.
• AI visibility: Get in-depth visibility into AI application trends and interactions through interactive dashboards.

Get the report

Download the ThreatLabz 2025 AI Security Report for additional data-driven insights and analysis of AI’s impact on cybersecurity, with expert guidance to help enterprises securely embrace AI and mitigate its risks.