Data sprawl across cloud and hybrid environments has now become a leading headache for security professionals, new research shows.
A third of UK organizations have seen data volumes grow by 30% or more over the past year, according to Proofpoint's latest Data Security Landscape report. Among enterprises with more than 10,000 employees, 41% manage more than a petabyte of data.
A third of UK organizations have seen data volumes grow by 30% or more over the past year, according to Proofpoint's latest Data Security Landscape report. Among enterprises with more than 10,000 employees, 41% manage more than a petabyte of data.
"These are staggering amounts that would have been hard to imagine even a few years ago — and understaffed security teams are struggling to keep up," researchers said.
More than half cited cloud and SaaS data sprawl as a top challenge, with 38% saying redundant or obsolete data poses a significant risk.
Proofpoint's own platform data reinforces this, showing that 27% of cloud storage is abandoned, consisting of unused data that inflates costs.
Data sprawl has big security implications
Financial issues related to data sprawl are only one part of the equation, however, with researchers warning that this widens the attack surface and puts enterprises at greater risk.
Over the last 12 months, 85% of organizations globally have experienced data loss, with a mean number of 11 incidents.
Notably, it’s staff that cause most problems, with 66% of organizations attributing their most significant data loss events to careless employees or third-party contractors.
31% cited compromised users and 33% malicious insiders, according to Proofpoint.
AI is now a major concern
Meanwhile, AI is causing serious problems, according to Proofpoint. Indeed, two-in-five organizations citing data loss via public or enterprise generative AI tools as a top concern
More than a third of respondents said they also worry about sensitive data being used in AI training.
With the advent of agentic AI, the situation has become worse, the study noted. More than a third (38%) said they saw unsupervised data access by agents as a critical threat, and 54% said they lack sufficient visibility and controls over generative AI tools.
"We’ve entered a new era of data security where insider threats, relentless data growth and AI-driven change are testing the limits of traditional defences,” said Ryan Kalember, chief strategy officer at Proofpoint. "Fragmented tools and limited visibility leave organizations exposed."
This summer, Tom van Aardt, chief data officer (CDO) advisor at consultancy firm BML, warned that data sprawl is only set to increase, thanks to regulations demanding greater transparency on where data resides, how it’s processed, and who has access.
“Ultimately, evolving regulations will force businesses to embed privacy-by-design and security-by-default principles into their data strategies, turning regulatory compliance from a checkbox exercise into a core operational discipline," he said.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
Google wants to take hackers to courtNews You don't have a package waiting for you, it's a scam – and Google is fighting back
-
How cyber leaders can communicate with the boardIn-depth With the cost of cyber attacks clearer than ever before, how can CISOs use this data to convince boards that cybersecurity is worth the investment?
