Every Enterprise AI System Has Critical Vulnerabilities. Every. Single. One.

If you have been paying attention to enterprise AI security, you already know this was coming. I’ve been writing about AI security for a while now, and I keep waiting for the data to tell a different story. It doesn’t. Zscaler just dropped their ThreatLabz 2026 AI Security Report, and the numbers are staggering.

They analysed 989.3 billion AI and ML transactions across their Zero Trust Exchange platform over the past year. Not a sample. Not a survey. Almost a trillion real-world transactions.

Here’s what they found: 100% of enterprise AI systems and applications observed had critical vulnerabilities. Not most of them. Not “a concerning number.” Every single one.

The 90-Minute Problem

What makes this worse isn’t just that vulnerabilities exist, it’s how fast attackers exploit them. According to the report, 90% of compromised systems were breached in under 90 minutes. The median time to first critical failure? Just 16 minutes. Some were compromised in one second.

Let that sink in. Your security team gets an alert, maybe checks Slack, opens the ticket, and starts investigating. By the time they’ve finished their coffee, the attacker has already moved laterally through your network.

As Deepen Desai, Zscaler’s EVP for Cybersecurity, put it: “AI can no longer be considered as a simple productivity tool but a primary vector for autonomous, machine-speed attacks by both crimeware and nation-state.”

Your Team Is Flooding Corporate AI With Sensitive Data

Enterprise AI usage jumped 91% year-over-year. The ecosystem now includes over 3,400 AI applications. And your employees are feeding them everything.

The report found that 18,033 terabytes of enterprise data was transferred to AI and ML applications last year. That’s a 93% increase from the year before. Grammarly alone received 3,615 TB. ChatGPT got 2,021 TB.

And here’s the kicker: 410 million data loss prevention policy violations were linked to ChatGPT alone. People were trying to paste social security numbers, source code, and medical records into the chatbot.

The Zscaler analysts called Grammarly and ChatGPT “the world’s most concentrated repositories of corporate intelligence.” That’s not a compliment.

Why This Matters for Every Business

This isn’t a problem for big enterprises with fancy security budgets. If your team uses AI tools (and they do), this is your problem too. The finance and insurance sectors accounted for 23% of all AI traffic. Engineering teams drove nearly half of all usage.

The report also flagged the rise of agentic AI as a new attack surface. These autonomous AI agents handle reconnaissance, exploitation, and lateral movement without human intervention. And the biggest data breaches of 2026? They’ll likely come from the tools companies willingly connect to their own systems.

What You Need to Do Right Now

First, you need an inventory of every AI tool your organisation uses. Not just the ones IT approved. The ones marketing signed up for, the ones developers are using through shadow IT, the ones embedded in your SaaS tools that you didn’t even know existed.

Second, monitor the data flowing into those tools. 410 million DLP violations means your current controls aren’t working. You need real-time visibility into what’s being shared.

Third, assume breaches will happen at machine speed and plan accordingly. If your incident response playbook still assumes you have hours or days to respond, rewrite it. You have minutes.

Fourth, review your AI vendor security posture. OpenAI was the top LLM vendor every month of 2025. Codeium and Perplexity followed. These platforms are handling massive amounts of your data. Know what protections they have in place and whether they meet your standards.
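
The first two steps, inventory and data-flow monitoring, as an added example (not from the Zscaler report or any vendor's tooling): it builds a per-app inventory from web proxy logs, lists apps outside the approved set, and flags request bodies that match simple DLP rules. The log format, the host-to-app map, the allow-list and the two regex rules are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict

# Assumptions: this host-to-app map and allow-list are illustrative; real ones
# come from your proxy or CASB category feed and your approved-tools register.
AI_APPS = {"chatgpt.com": "ChatGPT", "api.openai.com": "OpenAI API",
           "grammarly.com": "Grammarly", "perplexity.ai": "Perplexity"}
SANCTIONED = {"ChatGPT"}

# Deliberately simple DLP rules for two of the data types the post mentions.
DLP_RULES = {
    "ssn": re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}

# Constructed proxy log: timestamp user department host bytes_out request_body
SAMPLE_LOG = """\
2026-01-12T09:01:03Z alice finance chatgpt.com 512 summarise this contract clause
2026-01-12T09:02:10Z bob engineering app.grammarly.com 2048 customer SSN is 123-45-6789, reword
2026-01-12T09:02:11Z carol engineering api.openai.com 4096 fix: -----BEGIN RSA PRIVATE KEY----- MIIB
2026-01-12T09:03:40Z dave marketing www.perplexity.ai 256 best conference venues in Lisbon
2026-01-12T09:04:02Z erin finance intranet.example.com 900 quarterly numbers
"""

def app_for_host(host):
    """Map a hostname to an AI app by exact or parent-domain match."""
    for domain, app in AI_APPS.items():
        if host == domain or host.endswith("." + domain):
            return app
    return None

def audit(log_text):
    """Return (inventory, violations, unsanctioned_apps) for AI-bound traffic."""
    inventory = defaultdict(lambda: {"users": set(), "bytes_out": 0})
    violations = []
    for line in log_text.splitlines():
        parts = line.split(" ", 5)
        if len(parts) < 6 or (app := app_for_host(parts[3])) is None:
            continue  # malformed line or not AI traffic
        _ts, user, _dept, _host, bytes_out, body = parts
        inventory[app]["users"].add(user)
        inventory[app]["bytes_out"] += int(bytes_out)
        for rule, pattern in DLP_RULES.items():
            if pattern.search(body):
                violations.append((user, app, rule))
    unsanctioned = sorted(a for a in inventory if a not in SANCTIONED)
    return dict(inventory), violations, unsanctioned
```

Calling `audit(SAMPLE_LOG)` returns the inventory keyed by app, the list of `(user, app, rule)` hits, and the apps seen in traffic that are not in `SANCTIONED`.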

The Bottom Line

AI governance has gone from a policy discussion to an operational emergency. The Zscaler report makes that painfully clear. Organisations are racing to adopt AI without adequate security controls, and attackers are already exploiting the gap.

The tools are powerful. The risks are real. And the clock is ticking faster than most people realise.

“Defenders must assume that attacks can scale and adapt at machine speed, not human speed.”
Zscaler ThreatLabz 2026 AI Security Report
