Singaporean organisations are facing growing challenges in safeguarding sensitive data as artificial intelligence tools and data sprawl amplify insider risks, according to Proofpoint’s 2025 Data Security Landscape report. The cybersecurity and compliance company found that nearly half of Singaporean firms lack adequate visibility and controls over generative AI (GenAI) tools, while 42% cite expanding data across cloud and hybrid environments as a top concern.
The findings reveal that as AI-driven productivity tools and autonomous agents become part of daily workflows, businesses are struggling to protect information in this evolving “agentic workspace”, where humans and AI systems work together. The report draws on responses from 1,000 security professionals across 10 countries, including Singapore, along with Proofpoint’s own platform data.
Ryan Kalember, chief strategy officer at Proofpoint, said the growing complexity of data environments is stretching traditional defences. “We’ve entered a new era of data security where insider threats, relentless data growth, and AI-driven change are testing the limits of traditional defences,” he said. “Fragmented tools and limited visibility leave organisations exposed. The future of data protection depends on unified, AI-powered solutions that understand content and context, adapt in real time, and secure information across both human and agent activity.”
Human factors remain a major cause of data loss
People continue to be the leading cause of data loss in Singapore. Forty-five percent of organisations attribute their most significant data loss events to careless employees or third-party contractors, while 38% blame compromised users and 36% cite malicious insiders. Proofpoint’s telemetry data shows that just 1% of users are responsible for 76% of data loss incidents, underscoring the need for behaviour-aware and adaptive security strategies.
On average, organisations in Singapore experience around 10 data loss incidents annually, with some reporting multiple cases each month. These incidents can take weeks to resolve, leaving sensitive data exposed and increasing workloads for security teams.
The issue is compounded by rising data volumes. Over one-fifth (21%) of Singaporean firms saw their data grow by more than 30% in the past year, while 42% identify cloud and software-as-a-service (SaaS) data sprawl as a critical challenge. Proofpoint’s platform data also reveals that 27% of cloud storage is “abandoned” — unused data that inflates costs and widens the potential attack surface.
The rise of AI agents introduces new risks
The rapid adoption of AI across business operations has created a new category of insider risk. Two in five (40%) organisations in Singapore cite data loss via GenAI tools as a top concern, while 39% worry about sensitive data being used for AI model training. AI agents, which often operate with high privileges, introduce further vulnerabilities. More than one-third (35%) of respondents flag unsupervised data access by these agents as a serious threat.
Oversight gaps persist, with nearly half (49%) of organisations admitting they lack sufficient visibility and control over AI tools. This trend reflects how AI-driven workflows are evolving faster than most data protection strategies can adapt.
Towards unified, AI-driven data security
The report also highlights operational strain among security teams, with 21% of Singaporean organisations reporting that it can take between one and four weeks to resolve a data loss incident. A majority (59%) use six or more data security vendors, leading to complex and fragmented toolsets that slow response times and hinder efficiency.
However, there are signs of progress. Nearly three in five (59%) organisations in Singapore have already deployed AI-enhanced data classification capabilities. Many see clear benefits in unifying their data protection strategies — 58% believe a consolidated platform would enable safer AI use, while 51% say it would reduce data loss risk.
George Lee, senior vice president for Asia Pacific and Japan at Proofpoint, said Singapore’s rapid digital transformation places it at the forefront of both innovation and emerging risk. “Our research shows that nearly half of Singaporean organisations lack adequate oversight of GenAI tools, while experiencing an average of 10 data loss incidents annually,” he said. “As Singapore continues to lead in AI implementation, organisations must move beyond fragmented point solutions and adopt unified, intelligent security platforms that can protect data across both human and AI-driven workflows.”
