India’s rapid adoption of enterprise artificial intelligence (AI) and machine learning (ML) tools is fueling serious data security concerns, according to the latest Zscaler ThreatLabz 2026 AI Security Report. The study analysed nearly one trillion AI/ML transactions tracked through Zscaler’s Zero Trust Exchange in 2025 and found that India emerged as the second-largest source of enterprise AI traffic globally, with over 82.3 billion transactions — up more than 300 % year-on-year. This massive growth reflects widespread AI usage across sectors but also highlights how quickly data exposure risks are rising alongside adoption.
One of the key issues the report flagged is data leakage tied to mainstream AI tools. As enterprises increasingly interact with services like ChatGPT and coding assistants such as Codeium, security systems have recorded a growing number of Data Loss Prevention (DLP) violations — including sensitive information like personal identifiers, national IDs, source code, and financial or medical data being inadvertently shared with external AI systems. ChatGPT alone was associated with hundreds of millions of DLP violations, illustrating how everyday AI usage can open up unintended exposure points when organizations lack clear boundaries on what data can be shared.
The scale of AI integration is outpacing many companies’ ability to govern and secure their deployments effectively. Many Indian enterprises use AI across departments and workflows before even cataloguing where models are deployed or what data they access — creating blind spots that leave critical information vulnerable. Although around 39 % of AI/ML transactions were subjected to security controls such as inspection or blocking policies, gaps in visibility and governance remain a major challenge as AI expands into core business functions.
Security experts stress that this trend underscores the need for stronger controls, better policies, and zero-trust architectures as AI becomes integral to enterprise operations. Without consistent oversight and clear data governance practices, AI systems — especially those embedded deeply into workflows — can expose organizations to both accidental leaks and targeted cyberattacks. India’s experience highlights how rapid innovation and growth in AI usage must be matched by stronger risk management and security postures to protect sensitive data.
