Report

The 2025 State of Data Compliance and Security Report

Ann Rosen
Ann Rosen
Ross Millenacker
Ross Millenacker
Steve Karam
Steve Karam

Data Management,

Security & Compliance,

AI

Explore findings from our survey of 280 enterprise leaders. 

See what we learned about rising data exposure risks, growing AI concerns, and the current state of data compliance solutions.

 

Organizations are grappling with unprecedented levels of sensitive data in non-production environments, and it’s putting them at risk. In fact, according to our 2025 research, 60% of organizations have experienced data breaches or theft in non-production — an increase of 11% from last year.

That’s a wake-up call for global enterprises that depend on safe, compliant data management.

Get unique data and insights from our second annual State of Data Compliance and Security Report. Complete the form to get your copy.

What’s In the Report?

We partnered with a third-party research firm to survey 280 global enterprise leaders.

They answered questions like:

  • How has the volume of sensitive data increased in non-production?
  • How concerned are you about the expanded exposure footprint in non-production environments at your organization?
  • What trade-offs has your organization experienced when implementing sensitive data protection in non-production environments?
  • Do you believe sensitive data (PII/PHI) should be allowed in AI model training, fine-tuning, and retrieval augmented generation (RAG) application development/testing?

This report explores the results of these and more — offering insights you can’t find anywhere else on the current state of data compliance and security.

image-pdx-2025-data-compliance-report-webpage-image-1
image-pdx-2025-data-compliance-report-webpage-image-2

Surprising Findings on Compliance, AI and Data Privacy

The results of the survey — detailed in this report — surprised us.

Beyond the alarming finding that 60% of organizations have experienced breach in non-production, just some of the standout findings include:

  • 84% of organizations allow compliance exceptions in non-production environments.
  • 91% say sensitive data should be allowed in AI training and testing, yet 78% are highly concerned about theft or breach of model training data.
  • 86% of organizations plan to invest in AI data privacy over the next 1-2 years.

Who Should Read The State of Data Compliance and Security Report?

This report is designed to help global enterprise leaders:

  • Gain insight on the state of data compliance and security in non-production today.
  • Understand the current landscape of data privacy and AI — and the risks.
  • Identify how to better protect their sensitive data in non-production.

The analysis in this report is relevant to leaders (C-suite Executives, VPs, Directors, and managers) in the following functional areas:

  • Application Development (AppDev).
  • Application Testing/Quality Assurance (QA).
  • Data and Analytics.
  • Data Engineering.
  • DevOps.
  • Information Security (InfoSec).
  • IT Operations (IT Ops).
  • Privacy and Compliance.
image-pdx-2025-data-compliance-report-webpage-image-3

Ready for 30+ pages of findings and insights on data compliance and security?

Complete the form now to download your copy of the 2025 State of Data Compliance and Security Report.
Download the Report