惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

H
Heimdal Security Blog
A
Arctic Wolf
K
Kaspersky official blog
V
Vulnerabilities – Threatpost
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Simon Willison's Weblog
Simon Willison's Weblog
L
LINUX DO - 热门话题
MongoDB | Blog
MongoDB | Blog
T
Threat Research - Cisco Blogs
D
Docker
爱范儿
爱范儿
T
Tenable Blog
C
Check Point Blog
B
Blog
C
Cisco Blogs
Vercel News
Vercel News
The Cloudflare Blog
T
Threatpost
NISL@THU
NISL@THU
T
Tor Project blog
V2EX - 技术
V2EX - 技术
P
Palo Alto Networks Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
T
Tailwind CSS Blog
G
GRAHAM CLULEY
P
Privacy & Cybersecurity Law Blog
SecWiki News
SecWiki News
博客园 - 司徒正美
S
Security @ Cisco Blogs
GbyAI
GbyAI
S
Secure Thoughts
Microsoft Security Blog
Microsoft Security Blog
The Register - Security
The Register - Security
Recorded Future
Recorded Future
Cloudbric
Cloudbric
Webroot Blog
Webroot Blog
N
News and Events Feed by Topic
Y
Y Combinator Blog
博客园_首页
T
Troy Hunt's Blog
The Hacker News
The Hacker News
雷峰网
雷峰网
Google DeepMind News
Google DeepMind News
U
Unit 42
AWS News Blog
AWS News Blog
PCI Perspectives
PCI Perspectives
V
Visual Studio Blog
博客园 - 聂微东
有赞技术团队
有赞技术团队
酷 壳 – CoolShell
酷 壳 – CoolShell

Cloud Security Alliance

SearchLeak: Copilot Data Exfiltration Exploited | CSA Zero-Trust AI Governance for Multi-Agent Systems | CSA Dangling CNAMEs: Hidden Cloud Risk | CSA Agentic Payments in Financial Services | CSA Mythos and the Future of Cybersecurity | CSA AI-Driven Cloud Risk: Defenders Lose Ground | CSA Financial Services Industry Shifts from AI Adoption to | CSA CSAI Foundation Announces RiskRubric V2 as the Next Key | CSA RiskRubric Updates: AI Risk Assessment | CSA Over 80% of Organizations that Miss 24-Hour Patch Window Report | CSA ORCHIDEAS & MAESTRO: Secure AI Design | CSA Top 6 Claude Security Risks to Watch | CSA Cloud Cost Optimization in 2026 | CSA HIPAA Rule Overhaul in 2026 | CSA AI-Driven Exploits Outsmart Detection | CSA MCP Risks CISOs Should Prepare For | CSA AI Governance for Trust and Compliance | CSA MTTP: Patch Cycles Too Slow | CSA Cloud Security Evolution: Security Teams Lead | CSA Misconfigurations Break Customer Trust in Apps | CSA Taming Shadow AI: C-Suite Strategies | CSA Agentic AI Threats: Five Powers | CSA AIUC-1: Agentic AI Governance | CSA 2026 Threat Report for CISOs | CSA Securing AI in AWS: Runtime Detection & Response | CSA SLMs, LLMs, and the DSPM Difference | CSA OT Security Timeline: Mythos and Patch Pace | CSA Blast Radius and Cloud Threat Detection | CSA State of AI Cybersecurity 2026: 92% Concerned | CSA AI in MDR for Franchise & Multi-Location Ops | CSA AI Regulation: Identity and Authorization Gap | CSA MITRE ATT&CK for Cloud: Detection Coverage Guide | CSA Shadow AI Agents: The Insider Threat | CSA Medical Device Breaches Reveal Cloud Security Gaps | CSA AISMM: AI Security Maturity Model for Cloud | CSA Globee® Awards for Artificial Intelligence (AI) Honors Cloud | CSA Patching Smarter for Mythos Security | CSA SDP v3: Identity-First Zero Trust for AI | CSA AI-Ready Security Documents Beyond STIX, OSCAL, and SARIF | CSA Penetration Testing for ISO 42001 & Trust | CSA AI Agent Posture: Data-First Security Guardrails | CSA AI Agents Go Beyond Output: Enterprise Security | CSA AI Agent Security Starts with Scope Control | CSA Identity Spoofing vs. Identity Abuse | CSA AARM: Securing the Agentic Runtime | CSA Securing the Agentic Control Plane | CSA CSAI Foundation Announces Key Milestones to Secure the Agentic | CSA Catastrophic AI Risk Controls | CSA Cloud to AI: Building Secure Programs | CSA Identity in AI Era: Zero Trust's First Pillar | CSA SDLC Visibility: Securing Multi-Cloud Development Lifecycles | CSA Cloud Risk: Top 3 Threats & AI Tools | CSA AI Agent Identity Is Solved Backwards | CSA 8 Truths About Cloud Privilege Risk | CSA AI Governance: Mature Programs | CSA Agent Access Management: Data-First Security | CSA Glasswing: AI-Driven Security for Safer Software | CSA Runtime Security: Detection & Real-Time Cloud | CSA Identity as the OS for AI Security | CSA Cloud Misconfigurations Drive Attacks at Scale | CSA Sensing AI Behavior with the WBSC Probe Library | CSA An Actionable Guide to GDPR Compliance for Startups | CSA Cloud Security LIVE 2026: AI Risk & Trust | CSA Shadow AI Agents: Enterprise Governance | CSA Rethinking Non-Human Identity Security | CSA New Cloud Security Alliance Survey Reveals 82% of Enterprises Have Unknown AI Agents in Their Environments More Than Half of Organizations Experience AI Agent Scope | CSA SANS Institute, Cloud Security Alliance, [un]prompted, and OWASP | CSA AI Agents Are Talking: Are You Listening? | CSA Software Supply Chain Security Needs an Upgrade Choosing the Right AI Standard: 7-Point Guide | CSA Audience-Driven Authorization for AI Agents | CSA A CISO's Guide to Cloud Security Architecture | CSA Who’s Behind That Action? The AI Agent Identity Crisis SSCF Adoption for SaaS Security | CSA Mythos and the Vulnpocalypse: Cloud Defenses | CSA AI Security Risks and Data Visibility | CSA From Compliance to Credibility with CAIQ/CCM | CSA The State of Cybersecurity in the Finance Sector: Six Trends to Watch EU AI Act Compliance with prEN 18286 & ISO 42001 | CSA AI Security in the Cloud: Exposure Management | CSA Rethinking Incident Response as Engineering System | CSA Defense Depends on the Creator: AI Security | CSA ATF: Zero Trust for AI Agents | CSA Cybersecurity Needs a New Data Architecture | CSA CSA STAR v4.1 Updates for Cloud Security | CSA SC Media Names Cloud Security Alliance’s Trusted AI Safety | CSA Exposed AWS Key Leads to Full Account Takeover | CSA Post-Quantum Cloud Migration for CSA Members | CSA AI Identity Security Compliance Checklist | CSA The Agentic Trust Deficit: MCP's Authentication Vacuum | CSA More Than Two-Thirds of Organizations Cannot Clearly Distinguish | CSA AI Cybersecurity 2026: Insights from 1,500 Leaders | CSA Three-Body Security: Data, AI & Identity | CSA IAM as Safety for AI-Controlled Systems | CSA Kubernetes Cost Savings and Security Debt | CSA Code to Cloud Security: Unified Exposure Management | CSA Retail Misconfigurations Attackers Exploit | CSA Rethinking Authorization for the Age of Agentic AI | CSA Enterprise AI: Guardrails to Governance | CSA
Unstructured Data Surges as Enterprises Struggle to Maintain | CSA
2026-03-30 · via Cloud Security Alliance

Despite growing awareness of unstructured data risks, many organizations lag in scalable security as cloud, AI, and automation deployments accelerate

SEATTLE – March 31, 2026 – The Rise in Unstructured Data and AI Security Risks, a new survey report from the Cloud Security Alliance (CSA), the world’s leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, has revealed that traditional security and governance practices are straining to keep pace with the rampant growth of unstructured data. The survey, commissioned by Thales, the leading global technology and security provider, found that while three-quarters of organizations are confident in their ability to secure unstructured data, more than two-thirds (68%) report that less than 80% of their unstructured data is protected—a security gap exacerbated by limited visibility and distributed environments. 

Unstructured data is a prime target for breaches and cyberattacks because it often contains sensitive information yet remains difficult to track, govern, and secure at scale. The survey highlights strong concern among executives and IT professionals about gaining visibility into this unstructured (and potentially sensitive) data—often buried in documents, emails, chats, images, and other free-form files—where critical assets such as personally identifiable information (PII), financial records, intellectual property, and legal documents are housed. Scattered, inconsistently labeled, and difficult to monitor, unstructured data presents a high-value opportunity for attackers seeking credentials, confidential business plans, trade secrets, payment data, and other exploitable assets.

“The explosive growth of unstructured data—estimated by Gartner to account for between 70% and 90% of enterprise data—has become a defining characteristic of modern organizations. While it enables significant operational value, it also introduces substantial security risk. What is clear from this study is that as unstructured data continues to expand and spread across environments, many organizations are struggling to keep pace with the visibility, governance, and protections needed to manage it securely,” said Hillary Baron, AVP of Research, Cloud Security Alliance.

Among the survey’s key findings:

  • Unstructured data is fueling enterprise data growth. Organizations reported that unstructured data accounted for approximately 33% of enterprise data, with semi-structured data making up an additional 21%. Additionally, nearly a third (29%) stated that unstructured data accounted for more than half of their annual data growth. 
  • Persistent gaps in visibility, classification, and sensitive data awareness undermine unstructured data security. More than half (56%) of those surveyed indicated they have only partial visibility into where their data is stored. Despite listing security (74%), governance (57%), privacy (54%), and compliance (50%) as top concerns, companies are struggling to execute foundational controls such as sensitive data protection, access monitoring, and classification scanning.
  • Organizations are overestimating their ability to secure unstructured data. Seventy-five percent of organizations expressed confidence in their ability to secure unstructured data, even as 68% reported that a significant portion of their unstructured data remains unprotected. Still another 10% are unsure of their actual coverage. 
  • Fragmented tools, manual processes, and shared ownership limit scalability. Nearly one-third (32%) of organizations use 11 or more tools to manage their unstructured data, and of those, 12% rely on at least 21 tools. This tool sprawl also extends to the types of tools in use: data encryption (62%), cloud security (60%), application security (59%), and identity and access management (56%) are among the most popular.
  • Artificial intelligence amplifies existing security blind spots. Organizations view AI as both a top future threat (47%) and a core security capability (40%) for unstructured data. While many said they plan to rely on AI for detection, classification, and automation, foundational gaps remain. Only 9% of organizations reported having real-time scanning capabilities, and 23% can’t scan at all, raising concerns that AI may amplify existing blind spots rather than improving security outcomes.

”As the CSA research highlights, today's organizations are generating and sharing unstructured data at a pace that traditional tools and governance models were never designed to handle. This puts them at a critical point of failure, where inconsistent and manual approaches can no longer keep up with the volume, velocity, and distribution of data across cloud, collaboration platforms, and AI-driven environments. Without addressing these gaps, AI, automation, and emerging technologies like post-quantum cryptography will only increase exposure. Establishing a unified, scalable approach to securing unstructured data is now an operational imperative,” said Todd Moore, Vice President, Thales Data Security. 

The survey and report were commissioned to better understand the industry’s knowledge, attitudes, and opinions regarding unstructured data, its security and challenges. Thales financed the project and co-developed the questionnaire with CSA research analysts. The survey was conducted online by CSA in November 2025 and received 210 responses from IT and security professionals from organizations of various sizes and locations. CSA’s research analysts performed the data analysis and interpretation for this report.

Download The Rise in Unstructured Data and AI Security Risks.

About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading not-for-profit organization committed to awareness, practical implementation, and credentialing of forward-looking cybersecurity topics, including AI, cloud, and Zero Trust. In an era where digital transformation drives business success, CSA stands as the global authority ensuring organizations can operate securely while harnessing cutting-edge technology. Through volunteer-driven research, globally-accepted standards, and award-winning vendor-neutral education programs that unite technical experts, industry practitioners, and varied associations, governments, chapters, and corporate members, CSA bridges the gap between innovation and pragmatic security execution. Visit CSA’s website to learn more.

Media Contact
Kristina Rundquist
ZAG Communications for the CSA
[email protected]