FINDINGS from Mimecast’s State of Human Risk 2026 study reveal that while collaboration tools now underpin how work gets done across modern enterprises, many organizations are finding it difficult to keep pace with the growing complexity and fragmentation of these environments.
The research found that 90 percent of APAC organizations say collaboration tools are essential to day-to-day operations. Meanwhile, 66 percent say employees regularly download and use collaboration tools that have not been vetted or approved by IT teams, highlighting how workforce behavior is increasingly moving faster than governance processes can adapt.
The growing sprawl of communication, messaging and file-sharing platforms is also creating mounting concerns about visibility and security oversight.
As organizations increasingly embed AI capabilities into collaboration environments, visibility gaps created by unmanaged tools may introduce additional layers of operational and security risk. At the same time, 45 percent of APAC organizations reported an increase in collaboration tool-based threats over the past year, suggesting that these concerns are already beginning to materialize.
The governance gap carries particular urgency as AI agents move from pilot projects to production environments within enterprises across the region. Unlike individual users, AI agents can operate across multiple systems and workflows simultaneously, amplifying existing visibility and governance challenges.
Many organizations are now operating in environments where employees adopt new tools faster than governance models can evolve. Without foundational visibility and governance in place, organizations risk deploying agents into environments they cannot adequately monitor or control. Managing collaboration sprawl is increasingly becoming a prerequisite for responsible AI adoption.
The findings also suggest that many organizations continue to rely on fragmented approaches to governance and compliance. Only 37 percent of APAC organizations say they have automated compliance tools in place across multiple communication channels, despite collaboration ecosystems becoming increasingly distributed.
The research reflects a broader shift in how organizations need to think about cybersecurity and risk management as work becomes increasingly decentralized and AI-enabled. Rather than focusing solely on protecting channels or endpoints, organizations are being challenged to secure the integrity, accountability and governance of work across both human and AI-assisted environments.
“AI agents are coming whether organizations are ready or not. The collaboration environments they will operate in need to be understood, governed and secured before those agents are deployed — not after. The organizations that invest in governance now will be the ones that can move fastest and most safely when agentic AI becomes the norm,” said Nicky Choo, vice president and general manager for APAC at Mimecast.
Mimecast’s State of Human Risk 2026 study is based on responses from IT and security decision-makers across APAC, North America and EMEA and examines how human behavior, insider activity and organizational practices influence today’s cyber risk landscape.