The usage of core LLM providers has become nearly ubiquitous with OpenAI present in 96.0 percent of organizations, and Anthropic at 77.8 percent. These two being the most commonly integrated with the organization’s productivity suite
A new report from Nudge Security highlights how AI use has moved beyond experimentation and general-purpose chat tools, and is now embedded into workflows, integrated with core business platforms, and increasingly capable of taking autonomous action.
As a result AI governance has emerged as a top priority for security and risk leaders, but many programs remain narrowly focused on vendor approvals, acceptable use policies, or model-level risk.
“AI adoption is no longer experimental — it’s operational,” says Russell Spitler, CEO and co-founder of Nudge Security. “This shift means AI governance can’t be reactive or policy-only anymore. It requires real-time visibility into what AI tools are in use, how they’re integrated with critical systems, and where sensitive data is flowing. The teams that succeed will be the ones who treat AI governance as a continuous, adaptive process — not a one-time audit.”
Among the report’s other findings, the most-used AI tools are diversifying beyond chat. Tools for meeting intelligence (Otter.ai at 74.2 percent, Read.ai at 62.5 percent), presentations (Gamma at 52.8 percent), coding (Cursor at 48.4 percent), and voice (ElevenLabs at 45.2 percent) are now widely present.
Agent tools like Manus (22 percent), Lindy (11 percent), and Agent.ai (eight percent) are also establishing an early footprint. Among the most active chat tools observed, OpenAI accounts for 66.8 percent of prompt volume and Google Gemini for 29.6 percent (together 96.4 percent).
The report highlights the risk of leaking sensitive information as 17 percent percent of prompts include copy/paste and/or file upload activity. Detected sensitive-data events are led by secrets and credentials (47.9 percent), followed by financial information (36.3 percent) and health-related data (15.8 percent).
The full report is available from the Nudge Security site.
Image credit: supatman/depositphotos.com
