.png)
Generative AI tools operate inside nearly every European workplace, embedded in meeting transcription services, writing assistants, coding copilots, and search features. Workers in the region pull these tools into daily routines that involve customer records, financial information, and proprietary code, and that volume of activity has produced a measurable pattern in where data exposure occurs. The Netskope Threat Labs Report: Europe 2026 documents this pattern across organizations in Europe over the past year.
Source: Netskope Threat Labs
Near-total adoption with shifting governance
AI usage spans about 99% of organizations in Europe, and the share of individual users actively interacting with AI applications has climbed from 35% to 65% over the past year. Direct interaction with chatbots and assistants tells only part of the story. Roughly 95% of users now touch applications that incorporate AI-powered features indirectly, and 89% interact with applications that rely on user data for training.
Companies in Europe have moved toward sanctioned environments. The share of users on personal AI accounts dropped from 79% to 43% during the same period, and the share on organization-managed AI solutions climbed from 28% to 72%. A countertrend complicates the picture. The percentage of users who switch between personal and enterprise accounts has grown from 7% to 15%, indicating that shadow AI activity continues even as governance programs mature.
Regulated data dominates exposure incidents
Data policy violations across AI and personal cloud applications concentrate on regulated information, which accounts for 59% of incidents. Source code follows at 15%, intellectual property at 13%, and passwords and API keys at 12%. The pattern points to compliance-sensitive material as the category most often pushed into AI tools or personal cloud accounts in ways that trigger data loss prevention rules.
ChatGPT leads, Claude jumps ahead of Gemini
The application mix in Europe diverges from global rankings. ChatGPT remains the most widely used AI service across the region, with Anthropic Claude holding second place ahead of Google Gemini. That ordering inverts the global pattern, where Gemini sits ahead of Claude. Mistral Le Chat, a French-developed assistant, also features in the regional mix.
Claude’s rise accelerated in September 2025, when its adoption curve steepened sharply and pushed it past Gemini. ChatGPT held its lead throughout the year, and Microsoft Copilot maintained steady usage.
Blocked applications reflect privacy concerns
Many organizations restrict specific AI applications they view as risky. Particular Audience leads the blocked list at 44%, followed by ZeroGPT at 37% and DeepSeek at 36%. The applications drawing blocks raise questions around data handling transparency, personalization mechanics, and visibility into how user data is processed and retained. In regulated sectors, blanket category blocks supplement individual app controls.
Attackers blend into trusted cloud services
Malware distribution in Europe leans on widely trusted cloud platforms. Attackers continue to host malicious payloads on services such as GitHub and Microsoft OneDrive, which carry reputational trust and often bypass URL-based filtering. The use of personal cloud applications inside corporate networks blurs the line between work and personal data flows, opening additional pathways for exposure when users move files between environments.
What the data points to
European organizations have built guardrails around AI in a year, moving most users from personal accounts into sanctioned platforms. The remaining work centers on three pressure points: the 15% of users who still switch between personal and enterprise accounts, the embedded AI features in everyday productivity tools that operate below the visibility threshold of many security programs, and the steady traffic of malicious files arriving through reputable cloud storage.
Netskope Threat Labs recommends pairing data loss prevention controls with application-specific governance, since regulated data violations occur across both AI services and personal cloud applications, and the boundary between the two categories grows thinner as AI capabilities ship inside every major productivity suite.
Download: The IT and security field guide to AI adoption
from Help Net Security https://ift.tt/WCUtg3p
0 comments:
Post a Comment