A new report from cybersecurity firm LayerX Security reveals that enterprise AI risk is far from evenly distributed. More than 6 per cent of enterprise AI conversations contain sensitive data, according to the company's State of AI Usage Report 2026 — and that exposure is heavily concentrated among a small cohort of high-volume "power users" rather than the broader workforce. The finding challenges a widespread assumption among security teams that AI risk scales proportionally with adoption numbers.
A Few Users, Most of the Risk
The research shows that while AI tool adoption across the enterprise continues to grow rapidly, a disproportionately small percentage of users account for the bulk of sensitive data being uploaded to AI platforms. These power users interact with large language models and AI assistants at significantly higher frequencies, often transferring substantial volumes of corporate data — potentially including customer records, proprietary code, and financial documents — through consumer-grade and unsanctioned AI tools.
The report also highlights shifting platform dynamics within enterprise AI usage. DeepSeek, for instance, has climbed to a 12.63 per cent share among tools observed in the study — a notable rise that underscores how quickly new AI platforms can gain traction inside organisations, often without formal IT approval.
This concentration means that blanket restrictions on AI usage, which many organisations have implemented as a first line of defence, are likely missing the mark. By treating all users equally, such policies create friction for low-risk adopters while doing little to monitor or constrain the small group driving actual exposure.
The Visibility Gap
LayerX identifies the root cause as a visibility gap. Most enterprises lack granular, per-user telemetry into AI tool usage — meaning security teams cannot distinguish between an employee who asks an AI chatbot a casual question once a week and one who routinely feeds confidential spreadsheets into a generative model multiple times a day. Without session-level data on what information is being shared and with which platforms, identifying and managing power-user risk remains largely guesswork.
The report argues that organisations need to shift toward risk-proportionate governance: targeted monitoring, tiered policies, and focused enforcement on the highest-volume AI users rather than sweeping bans that drive usage underground.
Editorial: Implications for Regulated Sectors
The LayerX report does not address any specific jurisdiction or regulatory framework. What follows is editorial analysis from the HKLUG team on how these findings may apply to Hong Kong's regulated financial services sector.
For organisations operating under stringent data handling and operational resilience requirements — such as banks, insurers, securities firms, and asset managers — unmonitored AI data exposure raises questions that go beyond cybersecurity. Customer data leaked through an unsanctioned AI tool could implicate personal data protection obligations, while confidential transaction details shared with external AI providers could create conduct and information barrier concerns.
The power-user concentration finding suggests a practical path for such firms. Rather than attempting to lock down AI access organisation-wide, deploying visibility tools that surface who the high-volume AI users are, what data categories they are handling, and which platforms they are connecting to can form the basis of targeted guardrails — such as data classification filters, approved-tool whitelists, and elevated monitoring for this small cohort.
A Broader Trend
The report arrives amid a broader regulatory shift. The EU AI Act has introduced obligations around AI system governance, and emerging APAC frameworks are beginning to address enterprise AI oversight. For organisations across the region, demonstrating control over how AI tools are used internally is steadily transitioning from a best-practice aspiration to a compliance expectation.
The core takeaway from LayerX's research is straightforward: most enterprises are looking for AI risk in the wrong place. It is not the casual experimenter who poses the greatest threat — it is the small, identifiable group of power users whose activity goes largely unseen. Building the visibility to find them is the first step toward managing the risk effectively.
網絡安全公司 LayerX Security 的一份新報告指出,企業面臨的 AI 風險絕非均勻分佈。根據該公司的《2026 年 AI 使用狀況報告》,超過 6% 的企業 AI 對話涉及敏感數據——而這些數據暴露高度集中於一小撮高用量的「重度使用者」,而非更廣泛的員工群體。此發現挑戰了安全團隊中一個普遍存在的假設,即認為 AI 風險會隨著採用率成比例地增長。
少數使用者,承擔大部分風險
研究顯示,儘管企業內 AI 工具的採用率持續快速增長,但一個不成比例的小部分使用者,卻佔據了被上傳至 AI 平台的敏感數據中的大部分。這些重度使用者與大型語言模型及 AI 助手的互動頻率顯著更高,經常通過消費者級別及未經授權的 AI 工具,傳輸大量企業數據——其中可能包括客戶記錄、專有代碼及財務文件。
報告同時突顯了企業 AI 使用中平台格局的轉變。以 DeepSeek 為例,其在研究中觀察到的工具佔有率已攀升至 12.63%——這一顯著增長表明,新的 AI 平台能以多快的速度在組織內部獲得採用,且往往未經正式的 IT 部門批准。
這種風險集中現象意味著,許多組織作為首道防線而實施的「一刀切」AI 使用限制,很可能未能切中要害。這類政策對所有使用者一視同仁,為低風險的採用者製造了摩擦,卻未能有效監控或約束那小部分真正導致數據暴露的群體。
可見性差距
LayerX 認為根本原因在於「可見性差距」。大多數企業缺乏針對 AI 工具使用情況的、按使用者細分的詳細遙測數據——這意味著安全團隊無法區分一個每週隨意向 AI 聊天機器人提問一次的員工,與一個每天多次將機密 spreadsheet 輸入生成式模型的員工。若缺乏關於哪些資訊被分享、以及分享至哪些平台的會話層級數據,識別及管理重度使用者的風險在很大程度上仍只能依靠猜測。
報告主張,組織需要轉向與風險程度相匹配的治理模式:針對性監控、分級政策,並集中力量執行於最高用量的 AI 使用者,而非全面禁止,以免將使用行為推向地下。
編者按:對受規管行業的啟示
LayerX 的報告並未涉及任何特定司法管轄區或監管框架。以下為 HKLUG 團隊就這些發現在香港受規管金融服務業中的適用情況所作的編輯分析。
對於在嚴格的數據處理及營運韌性要求下運作的組織——例如銀行、保險公司、證券商及資產管理機構——未經監控的 AI 數據暴露所引發的問題,已超越網絡安全的範疇。客戶數據通過未經授權的 AI 工具外洩,可能觸及個人資料保護方面的責任;而將機密交易細節分享予外部 AI 供應商,亦可能造成操守及信息屏障方面的疑慮。
重度使用者集中的發現為此類機構指明了一條可行的路徑。與其試圖在全組織範圍內封鎖 AI 使用,部署可見性工具以揭示誰是高用量的 AI 使用者、他們處理哪些類別的數據,以及他們連接至哪些平台,可作為針對性防護措施的基礎——例如數據分類過濾器、已核准工具白名單,以及對這一小部分群體的加強監控。
更廣泛的趨勢
該報告發佈之際,正值監管環境發生更廣泛轉變。歐盟的《人工智能法案》已引入關於 AI 系統治理的義務,而亞太區新興的框架亦正開始處理企業 AI 監督問題。對於整個區域的組織而言,證明其對內部 AI 工具使用方式的掌控能力,正穩步地從一個最佳實踐的願景,轉變為一項合規期望。
LayerX 研究的核心啟示非常直截了當:大多數企業都在錯誤的地方尋找 AI 風險。構成最大威脅的並非那些隨意嘗試的用戶,而是那小部分可識別的、其活動基本上不為人知的重度使用者群體。建立可見性以找到他們,是有效管理風險的第一步。