Menlo Security’s 2025 Report Uncovers 68% Surge in “Shadow” Generative AI Usage in the Modern Enterprise

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--Menlo Security, the pioneer of browser security, recently released its 2025 Report: How AI is Shaping the Modern Workspace. The report, based on telemetry data from hundreds of global organizations, uncovers a significant 50% spike in web traffic to generative AI (GenAI) sites and a corresponding surge in AI-driven cyber threats. With 10.53 billion visits to AI sites recorded in January 2025, the data highlights rapid adoption of GenAI and a growing wave of shadow AI usage and the associated risk of data leakage threatening modern enterprise security.

Key Findings from the 2025 Report:

• Explosive AI Growth: Web traffic to GenAI sites jumped 50%, from 7 billion visits in February 2024 to 10.53 billion in January 2025, with 80% of access happening via browsers.
• Shadow AI Risks: 68% of employees use free-tier AI tools like ChatGPT via personal accounts; with 57% inputting sensitive data. A staggering 155,005 copy and 313,120 paste attempts were logged in a single month, demonstrating how users, often unaware of the risks, are inadvertently exposing sensitive company information while simply trying to get their work done.
• Domain and App Proliferation: With over 6,500 GenAI domains and 3,000 apps observed, users have a plethora of options, but this explosion has also made it easier for scammers to trick people. For example, the technology enables the creation of fake websites that deliver ransomware.
• Regional Insights: The Americas led in overall AI traffic, while Asia-Pacific showed strong growth in GenAI adoption. In particular, 75% of organizations in China and 73% in India reported implementing GenAI. EMEA continues to lag behind, likely due to stricter regulatory environments.

“The numbers don’t lie; AI adoption is exploding and essential in the modern workspace. However, without clear governance, this rapid growth can create serious risks around data leakage,” said Devin Ertel, Chief Information Security Officer at Menlo Security. “Governance is about providing employees with safe, secure, and responsible ways to use GenAI, and ensuring that sensitive corporate data isn’t inadvertently exposed or lost. Our report highlights the need for organizations to move past fear and start enabling AI use responsibly, with the right guardrails in place.”

With the EU AI Act and other regulations looming, Menlo urges enterprises to adopt sanctioned AI tools, enforce stringent data loss prevention (DLP) policies, and eliminate shadow AI. As AI-driven threats proliferate, organizations must assume that BYOD and unmanaged devices are compromised, making true zero trust access to internal and SaaS applications more critical than ever. The Menlo Secure Cloud Browser, powered by HEAT Shield AI, provides comprehensive protection against these evolving threats.

The 2025 Report: How AI is Shaping the Modern Workspace is available here.

About Menlo Security

Menlo Security protects organizations from cyber threats that attack web browsers. Menlo Security’s patented Cloud-Browser Security Platform scales to provide comprehensive protection across enterprises of any size, without requiring endpoint software or impacting the end user-experience. Menlo Security is trusted by major global businesses, including Fortune 500 companies, eight of the ten largest global financial services institutions, and large governmental institutions. The company is backed by Vista Equity Partners, Neuberger Berman, General Catalyst, American Express Ventures, Ericsson Ventures, HSBC, and JPMorgan Chase. Menlo Security is headquartered in Mountain View, California. For more information, please visit www.menlosecurity.com.