As data continues to proliferate across enterprises, the challenges of managing, securing, and accessing this data are growing in complexity. Immuta’s 2025 State of Data Security Report, compiled from a survey of over 700 data leaders, offers a revealing snapshot of the industry’s current concerns and where it is headed in the year ahead. The findings shed light on the tensions organizations face as they strive to balance data accessibility with robust security and compliance measures.
The Pressure to Balance Speed with Security
At the top of the list for data security professionals is the ongoing challenge of providing secure and timely access to data. Over 64% of respondents highlighted significant obstacles in ensuring that the right people can access the right data when they need it. Privacy and compliance concerns continue to be the dominant barriers to unlocking data’s potential. "Compliance and access are highly correlated. I don’t know if you could ever decouple them,” says Joe Regensburger, VP of Research at Immuta, emphasizing the delicate balance that organizations must strike between security and usability.
Despite these concerns, many respondents report optimism for the future, with 66% feeling that their ability to protect data has improved over the last year. However, the road to a more secure and accessible data environment is far from smooth. Over 50% of respondents say that manual data governance processes, fragmented data storage, and siloed systems create substantial inefficiencies. More than a third of organizations still struggle with delayed data access, often waiting a week or more for critical data.
People, Processes, and Technology: A Three-Pronged Challenge
The report highlights three primary factors that are impeding data access: people, processes, and technology. According to the survey, managing data governance is often a team effort, with 40% of organizations involving 6-10 people in governance and security, and a third involving 20 or more. This often results in communication breakdowns and mismanagement of data access requests.
Technologically, companies are increasingly confronted with the limitations of legacy systems. Nearly 41% of respondents cited outdated tools as a barrier to effective data management. Without the right technological infrastructure in place, businesses are unable to respond quickly to data demands. Moreover, 53% of respondents said that technology management challenges have made their workloads more difficult than a year ago.
“Getting data into the hands of people who can extract value from it is the number one priority,” says Steve Touw, Co-Founder and CTO of Immuta. As data users expand beyond traditional IT teams to include business analysts and AI specialists, companies must rethink their approach to data access, moving towards more dynamic, self-service solutions.
AI's Growing Role and Implementation Hurdles
Looking toward the future, artificial intelligence (AI) and machine learning (ML) are expected to play a pivotal role in data strategy. Over half of the data leaders surveyed (54%) consider integrating AI/ML models into business processes a top priority for the coming year. Despite the hype surrounding these technologies, however, the report underscores significant implementation barriers.
More than half of respondents (55%) say their data security strategy is not keeping pace with the fast evolution of AI technologies, with integration into existing systems cited as one of the top challenges. Additionally, a growing concern is the regulatory landscape around AI, with nearly a third of leaders saying that data security and privacy issues related to AI remain unresolved.
“It’s the right time to practice AI with a few initial key use cases and address those issues as you build,” says Bart Koek, Immuta’s Field CTO. As AI matures, data leaders will need to confront these security and scalability concerns head-on to reap its full potential.
Strategic Priorities: Compliance, Self-Service, and Data Marketplaces
The report outlines several key initiatives for 2025, with compliance and privacy initiatives topping the list. A significant 58% of respondents are prioritizing strengthening data security and privacy programs to meet ever-growing regulatory requirements. This focus on compliance is crucial not only for data protection but also for enabling faster access to data, which remains a critical business driver.
Self-service data access is another area of intense focus. As enterprises strive for more agility, 42% of respondents are prioritizing self-service data access for their users. With the right tools in place, organizations hope to eliminate bottlenecks in data requests and empower business units to access the data they need without waiting for IT support. In addition, internal data marketplaces, where data products can be accessed and shared across departments, are expected to become more common in 2025.
For organizations with fragmented data systems, moving towards a more decentralized model of data governance, known as data mesh, is also gaining traction. This model assigns data ownership to specific domains within the business, helping to break down silos and improve data accessibility.
Turning Data Challenges Into Opportunities
Despite the challenges, data leaders remain optimistic about the year ahead. Three-quarters of respondents believe their organizations are equipped to handle data threats, and many report that their ability to protect data has improved over the last 12 months. The barriers faced by enterprises -- from data silos to manual governance processes -- are seen not only as problems to overcome but also as opportunities to innovate.
Data marketplaces, domain data ownership, and enhanced monitoring systems are expected to be widely implemented in 2025 as organizations work to streamline data access while strengthening governance and compliance measures. As Bart Koek notes, “Quite often, we see people use manual security processes for years. It might seem okay, but they don’t think about how it could be a lot better by having the right policies in place that scale.”
Ultimately, the key to success will lie in building an ecosystem where data governance is an enabler, not a bottleneck. By adopting flexible, scalable solutions that enable data access without compromising security, organizations can unlock the full potential of their data while staying compliant and protecting their most sensitive information.
As the 2025 report reveals, the opportunities for growth are immense, and businesses that can successfully integrate robust data governance, security, and AI will be well-positioned for success in the year ahead.