The State of AI Usage Report 2026 by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don't understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distributed evenly across users or platforms. Instead, it is heavily concentrated among a small group of AI power users and a handful of dominant AI platforms that drive the majority of enterprise AI activity and sensitive data exposure.

At the same time, AI usage is rapidly fragmenting across personal accounts, AI browser extensions, embedded copilots, AI connectors, and secondary AI tools operating outside traditional visibility and governance controls. The result is a fragmented AI ecosystem that most organizations still cannot fully see or govern.

While AI Is Everywhere in the Enterprise, Most Employees Are Casual

The common perception is that "everyone uses AI now". The report paints a much more nuanced picture. While nearly half of enterprise users interacted with AI tools over the past year, only 18% use AI on a weekly basis. This suggests that most employees remain casual users.

At first glance, that sounds like good news for security teams. Fewer users should mean lower risk. But the report found the opposite.

Enterprise AI activity is heavily concentrated among a very small group of employees. While half of the users had 12 AI conversations or fewer, the top 5% generated at least 144 conversations. These same users also engaged in much deeper interactions, averaging 18 prompts per conversation compared to the average of 2.

This creates a new class of "AI power users" who conduct far more conversations, interact across multiple AI platforms, and engage in significantly deeper prompt chains than average employees.

The result: AI risk is not distributed evenly across the organization. A relatively small group of users drives a disproportionate amount of enterprise AI exposure.

ChatGPT Is Still Dominating Enterprise AI Usage, But Copilot Is Coming Closer

Despite the rapid growth of enterprise copilots, ChatGPT remains the dominant AI platform inside enterprises by a significant margin. It accounts for 36% of enterprise AI users and more than 55% of all AI conversations. That gap matters because it shows ChatGPT users are far more active than users of competing platforms.

Copilot M365 is growing quickly, reaching 29% adoption and nearly a quarter of enterprise AI conversations. The growth of Copilot also signals something important: enterprise AI usage is starting to split between governed enterprise-native AI and consumer-driven AI adoption. But beyond those two leaders, most AI platforms remain far behind despite the attention they receive.

While Copilot M365 usage is largely tied to corporate-managed Microsoft environments, where organizations typically maintain stronger visibility and governance controls, Gemini presents a very different risk profile. Most enterprise Gemini usage still happens through the regular consumer version, not Gemini Enterprise. In many cases, employees access it through personal accounts and unmanaged environments. That means organizations often have little visibility into how data is retained, whether prompts are used for model training, or how enterprise information is ultimately handled.

The implication is significant: not all enterprise AI adoption carries the same level of risk. The real governance challenge increasingly comes from consumer AI usage operating inside enterprise workflows under the appearance of legitimate productivity tools.

Shadow AI Is No Longer A Few Applications; It's a Long Tail of Under-the-Radar AI Apps

Most organizations still think about Shadow AI as employees using an unapproved chatbot. That definition is already outdated.

The LayerX research shows that enterprise AI usage is rapidly fragmenting across a growing ecosystem of AI tools, embedded assistants, AI browser extensions, AI search engines, coding copilots, and AI-powered SaaS features that often operate outside traditional visibility and governance controls.

Nearly 30% of enterprise users already use multiple AI platforms, while the top 5% interact with six or more AI applications. Employees are no longer relying on a single assistant for isolated tasks. They are combining multiple AI systems inside the same workflows, often switching between tools depending on the task, data type, or convenience.

This is what modern Shadow AI actually looks like. It's the growing long tail of AI tools that organizations struggle to see, track, or govern. In many cases, organizations may not even realize AI is being used at all, creating a far larger governance challenge than most organizations anticipate.

Enterprise AI Usage Is Far More Personal Than Organizations Realize

Most organizations assume that if employees use AI for work, they will naturally use corporate-managed AI environments. But that's not true.

Nearly half of all enterprise AI conversations happen through personal identities rather than corporate-managed accounts. What's even more concerning is that over 14% of conversations conducted with corporate identities are tied to personal AI licenses.

This creates a major governance blind spot: when employees use personal AI accounts, organizations lose visibility into retention policies, auditability, model training exposure, and how enterprise data is ultimately handled. Sensitive company information can move into external AI ecosystems without centralized oversight or policy enforcement.

What makes this particularly surprising is that the divide is not just about identities. It is increasingly shaping platform selection itself.

Enterprise-focused platforms such as Copilot M365 and Gemini Enterprise are used primarily through corporate-managed accounts. Meanwhile, platforms like ChatGPT, Claude, and DeepSeek remain dominated by personal usage.

This means the enterprise AI problem is no longer just about AI applications. It is increasingly becoming a "personal AI" and governance problem.

Sensitive Data Flows Into All AI Platforms, With DeepSeek and ChatGPT The Worst Culprits

The report found that more than 6% of enterprise AI conversations already contain sensitive data. When we categorized the sensitive data, personal data was the most common category by far, appearing in 5.81% of conversations, while financial and IT-related data appeared less frequently but still represented meaningful exposure.

DeepSeek showed the highest sensitive data exposure rate at 12.63% of conversations. ChatGPT followed at 8.38%. Copilot M365 showed a significantly lower exposure rate at 3.65%.

This suggests enterprise-integrated AI platforms may operate within more controlled governance environments, while consumer-oriented AI tools continue to see much riskier usage patterns.

The question is no longer whether employees will share sensitive data with AI systems. They already are. The real challenge is understanding where it happens, how often, and through which identities and platforms.

AI Extensions and Connectors Are Quietly Expanding the AI Risk Surface

The report also highlights two fast-growing AI channels that many organizations are barely tracking today: AI browser extensions and AI connectors.

About 15% of enterprise users already run at least one AI browser extension. Nearly 75% of these extensions request high or critical browser permissions. More than 16% already have known vulnerabilities.

At the same time, AI connectors are increasingly linking AI systems directly to enterprise applications like SharePoint, GitHub, Slack, Atlassian, and Google Workspace.

This means that AI systems are no longer limited to employees manually pasting information into chatbot windows. They are increasingly being granted persistent, programmatic access to enterprise systems, documents, collaboration platforms, and internal knowledge repositories. This fundamentally changes the nature of enterprise AI risk.

Turning Insight Into Action: The Path Forward for CISOs

The report makes one thing clear: traditional AI governance approaches are falling behind how employees actually use AI. It outlines a clear direction for security leaders:

  • Identify and Monitor High-Risk AI Power Users: AI risk is highly concentrated among a small group of employees who rely heavily on AI across multiple platforms and expose significantly more sensitive data than average users. Treating all AI usage equally wastes resources and misses the highest-risk behavior.
  • Stop Focusing Only on "Approved AI": The biggest visibility gap is the growing long tail of AI tools, embedded assistants, browser extensions, AI search engines, and connectors quietly spreading across the enterprise.
  • Block Personal Account Usage as Active Shadow AI: Unmanaged personal AI accounts and personal AI licenses expose sensitive enterprise workflows to uncontrolled AI environments. Enforcing corporate AI identities and blocking personal account usage helps ensure that AI interactions, prompts, and data flows remain visible, governed, and protected under enterprise security controls.
  • Shift From "Block or Allow" to Inline AI Guardrails: Blocking AI outright is no longer realistic, and an "allow-all" approach is equally risky. Organizations need inline guardrails that monitor prompts, uploads, responses, and AI-driven actions in real time to prevent sensitive data exposure without disrupting productivity.
