Palo Alto Networks’ State of Generative AI report: on average, 10% of a company’s 66 GenAI apps.....

• 25 Jun 2025
• TM Team
• 0 Comments

Palo Alto Networks, the world's leading AI cybersecurity company, released its State of Generative AI 2025 report, which reveals that on average, 10% of a company’s 66 GenAI apps are high-risk. While AI growth offers significant productivity benefits, the report warns that unsanctioned usage, emerging threats, and a lack of governance have rapidly expanded the attack surface for organisations, particularly across India and the Asia-Pacific region.

India’s 2025 Union Budget demonstrates a strong commitment to advancing Artificial Intelligence (AI), with an allocation of Rs. 500 crores towards the Centre of Excellence in Artificial Intelligence for education. This underscores the country’s ambition to become one of the global leaders in the AI race. While AI is a groundbreaking and transformative technology, it is increasingly being weaponized by threat actors to launch faster, more sophisticated cyber attacks. In this evolving threat landscape, the only effective way to tackle AI-driven attacks is by using AI-driven security systems - essentially fighting AI with AI. This duality highlights the urgency for India to pair AI development with robust cybersecurity preparedness. 

“AI adoption offers transformative opportunities across both commercial and government sectors in the region. But as this report highlights, we are also seeing an expanding attack surface, particularly with the use of high-risk GenAI applications in critical infrastructure sectors,” said Tom Scully, Director and Principal Architect for Government and Critical Industries, Asia Pacific & Japan, at Palo Alto Networks. “Organisations must balance innovation with strong governance, adopting security architectures that account for AI’s unique risks. From shadow AI and data leakage to the more complex threats posed by agentic AI models. Proactive oversight and adaptive security controls are essential to ensuring that the benefits of AI are fully realised without compromising national security, public trust, or operational integrity.”

The 2025 State of GenAI report, based on traffic analysis from 7,051 global enterprise customers, provides an in-depth look into how enterprises are adopting GenAI and where they remain most vulnerable.

Key findings of the 2025 GenAI Security Report include:

• Rapid adoption rates: There’s been an 890% surge in Generative AI (GenAI) traffic in 2024. 
• In India: The top 3 most used GenAI apps by volume were Grammarly (32.56%), Microsoft Power Apps (19.98%), and Microsoft Copilot (16.37%)
• Risk posture: Globally on average, 10% of a company’s 66 GenAI apps are high-risk
• Exponential growth in GenAI adoption: Following the release of DeepSeek-R1 in January 2025, DeepSeek-related traffic alone spiked by 1,800% within two months.
• Rising data loss incidents: GenAI-related data loss prevention (DLP) incidents more than doubled over the course of 2025, now accounting for 14% of all data security incidents.
• Shadow AI emerges as a key risk: Unauthorised, unsanctioned GenAI use, termed “Shadow AI”, has created blind spots for IT and security teams, making it difficult to control sensitive data flows.
• Jailbreaking remains a top concern: Many high-risk AI models remain susceptible to jailbreak attacks that produce unsafe content, including offensive material and instructions for illegal activities.
• Industry-specific insights: Globally, technology and manufacturing sectors alone account for 39% of AI coding transactions, creating additional risk for industries that depend on proprietary IPs.

“India is one of GenAI’s biggest adopters and in a country where work happens in multiple languages, at massive scale, it’s no surprise that writing, coding, and conversational AI are leading use cases. But the pace of adoption has outstripped governance.” said Swapna Bapat, Vice President & Managing Director, India and SAARC, Palo Alto Networks. “Many organisations don’t realise just how much GenAI is already embedded in their daily workflows. The priority now isn’t whether to use these tools, it’s how to use AI to secure them without slowing people down.”

The report also offers best practice recommendations for businesses seeking to safely harness the potential of GenAI:

• Establish visibility and control: Gain comprehensive oversight of GenAI app usage, implement conditional access policies, and manage permissions at the user and group level.
• Safeguard sensitive data: Deploy real-time content inspection with centralised policy enforcement to detect and prevent unauthorised data exfiltration.
• Defend against AI-driven threats: Implement Zero Trust security architectures to mitigate modern cyberthreats, malware, and sophisticated AI-powered attacks.