Singapore organisations are facing increasing difficulty safeguarding sensitive information as the rise of generative AI tools, expanding data volumes, and emerging AI agents reshape workplace risk. Proofpoint’s latest Data Security Landscape report shows that many businesses are struggling to maintain visibility and control over data as both human and machine behaviour evolve.
The report draws on responses from 1,000 security professionals across 10 countries, including Singapore, along with data from Proofpoint’s own platform. It highlights that the shift towards AI-driven productivity tools and autonomous agents is creating new forms of insider risk. These agents now operate alongside employees, often with privileged access, yet many organisations remain unprepared for the security implications.
Ryan Kalember, chief strategy officer at Proofpoint, said the expanding threat landscape demands a different approach. “We’ve entered a new era of data security where insider threats, relentless data growth, and AI-driven change are testing the limits of traditional defences. Fragmented tools and limited visibility leave organisations exposed. The future of data protection depends on unified, AI-powered solutions that understand content and context, adapt in real time, and secure information across both human and agent activity.”
Human behaviour remains a major source of data loss
Singapore respondents reported that people remain the primary cause of data loss incidents. Forty-five percent of organisations attributed their most significant events to careless employees or contractors. Compromised users accounted for 38 percent of incidents, while 36 percent pointed to malicious insiders.
Proofpoint’s telemetry data reinforces this pattern, showing that just 1 percent of users are responsible for 76 percent of data loss events. On average, organisations in Singapore experienced 10 security incidents in the past year, with some managing multiple cases each month. Many incidents take weeks to resolve, adding operational strain and leaving sensitive information exposed for longer periods.
Data growth, cloud sprawl and AI agents intensify risk
The study also highlights how rapid data expansion is deepening security challenges. More than one-fifth of Singapore organisations saw their data volumes grow by 30 percent or more in the past year. At a global level, 41 percent of enterprises with over 10,000 employees now manage more than a petabyte of data.
This growth is accompanied by increased cloud complexity. Forty-two percent of Singapore respondents identified cloud and SaaS data sprawl as a top concern, and 35 percent warned that redundant or obsolete data introduces further risk. Proofpoint’s platform data suggests that 27 percent of cloud storage is abandoned, contributing to unnecessary cost and enlarging the attack surface.
AI adoption is creating another layer of exposure. Two in five organisations in Singapore cited data loss through public or enterprise generative AI tools as a major concern. Thirty-nine percent are worried about sensitive information being used to train AI models, while 35 percent see unsupervised access by AI agents as a critical threat. Almost half of all Singapore respondents said they lack sufficient visibility and control over these tools.
George Lee, senior vice president for Asia Pacific and Japan at Proofpoint, said local organisations face both an opportunity and a challenge. “Singapore’s position as a regional hub for innovation and digital transformation means organisations here are at the forefront of AI adoption, but this also exposes them to emerging risks. Our research shows that nearly half of Singaporean organisations lack adequate oversight of GenAI tools, while experiencing an average of 10 data loss incidents annually. As Singapore continues to lead in AI implementation, organisations must move beyond fragmented point solutions and adopt unified, intelligent security platforms that can protect data across both human and AI-driven workflows.”
Demand rises for unified, AI-powered security
Security teams are also dealing with complexity created by disconnected tools. Twenty-one percent of Singapore respondents said resolving a single data loss incident can take between one and four weeks. Fifty-nine percent rely on six or more data security vendors, which Proofpoint says contributes to slower response times and heavier workloads.
Many organisations are therefore turning to consolidated, AI-enhanced platforms. Almost three in five businesses in Singapore have already deployed AI-enabled data classification tools. When asked about the benefits of a unified data security solution, 58 percent said it would enable more secure and productive AI use, while 51 percent believed it would help reduce data loss incidents.
