25 April 2025

The report, which analyzed more than 536 billion AI transactions processed between February and December 2024 through the Zscaler Zero Trust Exchange platform, highlighted various real-world threats, including AI-enhanced phishing, fraudulent AI platforms, and heightened risks associated with agentic AI and open-source models such as DeepSeek.

ChatGPT emerged as the most widely used AI application, comprising 45.2% of all AI and machine learning transactions. Interestingly, it was also the most frequently blocked application due to enterprise concerns over data leakage and unauthorized use. Following closely behind were Grammarly and Microsoft Copilot, which also ranked among the most blocked tools.

"We had no visibility into ChatGPT. Zscaler was our key solution initially to help us understand who was going to it and what they were uploading,” said Jason Koler, Chief Information Security Officer at Eaton Corporation.

The rise of agentic AI and the open-source DeepSeek model has opened new avenues for cybercriminals to exploit AI technologies, enabling them to automate and scale attacks at an unprecedented rate. DeepSeek, which is emerging from China, poses a challenge to established American companies like DeepAI, AnthAI, and Meta, as it offers strong performance, open access, and affordability, while simultaneously introducing significant security challenges.

Throughout the review period, enterprises shared vast quantities of data with AI tools, transmitting a total of 3,624 terabytes, indicating deep integration of AI into business processes. However, companies also blocked nearly 60% of AI and machine learning transactions, reflecting a growing awareness of the risks associated with data exposure, unauthorized access, and the importance of regulatory compliance.

"As AI transforms industries, it also creates new and unforeseen security challenges. Data is the gold for AI innovation, but it must be handled securely,” said Deepen Desai, Chief Security Officer at Zscaler.

Regionally, Australia has emerged as one of the leading sources of AI and machine learning transactions, along with the United States, India, Canada, Germany, Japan, and the United Kingdom. In the Asia-Pacific region, India led with 36.4% of activity, followed closely by Japan at 15.2% and Australia at 13.6%. On a global scale, the United States accounted for 46.2% of transactions, with India (8.7%), the United Kingdom (4.2%), Germany (4.2%), Japan (3.6%), Canada (3.6%), and Australia (3.3%) following behind.

The finance and insurance sector produced the largest portion of enterprise AI and machine learning traffic, making up 28.4%, while the manufacturing sector contributed 21.6%. Other notable industries such as services (18.5%), technology (10.1%), healthcare (9.6%), and government (4.2%) also exhibited significant AI activity, each facing unique regulatory and security challenges. This growth is particularly evident in new AI-driven applications for fraud detection, risk modelling, supply chain optimization, robotics automation, and customer service automation.

The report underscores a crucial reality: while AI adoption is driving significant productivity improvements, it is simultaneously exposing organizations to a rapidly evolving threat landscape. The need for upskilling is evident, with 83% of Australian business leaders prioritizing AI adoption by 2025 and 40% recognizing training as critical for ensuring a secure transition.

To address these emerging risks, Zscaler continues to advocate for a zero trust security model. Their report highlights key strategies such as data classification, breach prediction, real-time AI insights, threat protection, and application segmentation, all designed to manage risks and limit exposure as enterprises increasingly integrate AI tools into their business practices.