New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power Users"

The Hacker News, May 28, 2026

Why It Matters

Risk is highly concentrated, allowing security teams to focus on a few high‑impact users and unmanaged personal accounts, while the expanding shadow‑AI ecosystem forces a shift from blanket bans to real‑time guardrails.

Key Takeaways

  • Top 5% of users generate 144+ AI conversations annually
  • ChatGPT accounts for 55% of enterprise AI conversations
  • 47% of AI interactions occur via personal, not corporate, identities
  • 15% of employees run AI browser extensions with high‑risk permissions
  • Sensitive data appears in 6% of AI chats, highest on DeepSeek

Pulse Analysis

The LayerX report spotlights a classic Pareto‑style risk distribution: a small minority of "AI power users" produce the bulk of enterprise AI traffic and expose the most sensitive data. These users not only converse more often but also build longer prompt chains, which raises the odds that confidential material ends up in a prompt. For security leaders, this concentration means deeper inspection and response effort can be directed at a small set of high‑risk accounts instead of being spread thinly across the whole workforce, while baseline controls still apply to everyone else.

Platform dynamics further complicate governance. ChatGPT remains the dominant platform, responsible for over half of all AI conversations, yet its consumer‑oriented nature means many of those interactions happen under personal accounts that the enterprise neither manages nor can audit. Microsoft 365 Copilot is gaining ground through corporate‑managed deployments, but other platforms such as Gemini still see heavy personal‑account use. The proliferation of shadow AI (browser extensions, embedded copilots, and AI connectors) creates a sprawling, hard‑to‑inventory ecosystem that slips past controls built around sanctioned web apps, giving everyday productivity tools a data path out of the organization that no existing control observes.

CISOs must evolve from binary "block or allow" policies to nuanced, inline guardrails that inspect prompts, data uploads, and AI‑driven actions in real time. Prioritizing high‑risk power users, enforcing corporate‑only identities, and cataloguing shadow‑AI assets such as extensions and connectors are immediate steps. By embedding continuous monitoring and automated policy enforcement, organizations can mitigate exposure without stifling the productivity gains that AI delivers, turning a looming threat into a manageable operational risk.
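As an added illustration of the three steps above (not code from the LayerX report, The Hacker News, or any vendor's product), the Python below implements a minimal inline guardrail: it classifies the identity used as corporate or personal, scans the prompt for sensitive data before it leaves the browser, applies a per‑platform policy (block, redact or allow), and includes a helper that scores a browser‑extension manifest for the kind of high‑risk permissions the Key Takeaways mention. The corporate domain, the sanctioned‑platform list, the high‑risk permission list, the detection patterns and the sample events are all assumptions made for the demo.

```python
"""Inline AI-usage guardrail: identity check, prompt inspection, per-platform
policy, plus a manifest check for high-risk extension permissions.

Added example for illustration only; not code from the LayerX report,
The Hacker News, or any vendor. The corporate domain, sanctioned-platform
list, high-risk permission list and sample events are assumptions."""
import re
from dataclasses import dataclass, field

CORPORATE_DOMAINS = {"example.com"}       # assumption: the org's managed identity domain
SANCTIONED_PLATFORMS = {"copilot-m365"}   # assumption: corporate-managed deployments only
# Assumed set of permissions that let an AI extension read pages, cookies or
# the clipboard across sites; tune to your own risk model.
HIGH_RISK_PERMISSIONS = {"<all_urls>", "webRequest", "cookies", "clipboardRead",
                         "tabs", "history", "scripting"}

# Illustrative detectors; a production guardrail would use a fuller DLP ruleset.
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}
CARD_CANDIDATE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")  # 13-19 digits, optional separators


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; keeps random digit runs from being flagged as cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def find_sensitive(prompt: str) -> list[tuple[str, str]]:
    """Return (kind, matched_text) pairs for sensitive data found in the prompt."""
    findings = [(kind, m.group()) for kind, pat in SECRET_PATTERNS.items()
                for m in pat.finditer(prompt)]
    for m in CARD_CANDIDATE.finditer(prompt):
        if luhn_ok(re.sub(r"[ -]", "", m.group())):
            findings.append(("payment_card", m.group()))
    return findings


def redact(prompt: str, findings: list[tuple[str, str]]) -> str:
    """Replace each finding with a typed placeholder so the prompt stays usable."""
    for kind, text in findings:
        prompt = prompt.replace(text, f"[REDACTED:{kind}]")
    return prompt


def is_corporate_identity(user: str) -> bool:
    """Corporate-only identity policy: the account's domain must be managed."""
    return user.rsplit("@", 1)[-1].lower() in CORPORATE_DOMAINS


@dataclass
class Verdict:
    action: str                                  # "allow", "redact" or "block"
    reasons: list[str] = field(default_factory=list)
    prompt: str = ""                             # prompt as it may be forwarded


def evaluate(event: dict) -> Verdict:
    """Decide inline what happens to one prompt before it reaches the AI platform."""
    user, platform, prompt = event["user"], event["platform"], event["prompt"]
    sanctioned = platform in SANCTIONED_PLATFORMS
    reasons = []
    personal = not is_corporate_identity(user)
    if personal:
        reasons.append(f"personal identity {user} (corporate-only policy)")
    findings = find_sensitive(prompt)
    for kind, _ in findings:
        reasons.append(f"{kind} in prompt bound for "
                       f"{'sanctioned' if sanctioned else 'unsanctioned'} platform {platform}")
    if personal or (findings and not sanctioned):
        return Verdict("block", reasons, "")
    if findings:                                 # managed platform: strip and forward
        return Verdict("redact", reasons, redact(prompt, findings))
    return Verdict("allow", reasons, prompt)


def extension_risk(manifest: dict) -> list[str]:
    """High-risk permissions an extension requests ('permissions' and MV3 'host_permissions')."""
    requested = set(manifest.get("permissions", [])) | set(manifest.get("host_permissions", []))
    return sorted(requested & HIGH_RISK_PERMISSIONS)


if __name__ == "__main__":
    # Constructed sample events; users, platforms and secrets are made up.
    events = [
        {"user": "alice@example.com", "platform": "copilot-m365", "prompt": "Summarise the Q3 roadmap"},
        {"user": "alice@example.com", "platform": "copilot-m365", "prompt": "Rotate this key: AKIAIOSFODNN7EXAMPLE"},
        {"user": "alice@example.com", "platform": "chatgpt", "prompt": "Refund card 4111 1111 1111 1111 for SSN 123-45-6789"},
        {"user": "bob@gmail.com", "platform": "chatgpt", "prompt": "Write a haiku about Mondays"},
    ]
    for ev in events:
        v = evaluate(ev)
        print(f"{v.action:6} {ev['user']:>18} -> {ev['platform']:12} {'; '.join(v.reasons)}")
    manifest = {"name": "Chat Helper", "permissions": ["storage", "cookies", "scripting"],
                "host_permissions": ["<all_urls>"]}
    print("extension high-risk permissions:", extension_risk(manifest))
```

The policy is deliberately asymmetric: a personal identity is blocked regardless of content (the corporate‑only rule), sensitive data is redacted rather than blocked on a managed platform so the user keeps the productivity benefit, and the same data bound for an unmanaged platform is blocked outright. The Luhn check is what keeps order numbers and other long digit runs from tripping the card detector.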
