#United States #Boston #AI Security #Pentera #CISO Survey

AI Security Landscape in 2026

In the dynamic realm of cybersecurity, the rapid adoption of artificial intelligence (AI) is reshaping enterprises at an unprecedented pace. Pentera, a leader in AI-driven security validation, recently unveiled its findings from the 2026 AI Security & Exposure Benchmark, based on insights gathered from 300 Chief Information Security Officers (CISOs) and security executives across North America. The survey sheds light on an urgent issue: despite the growing integration of AI in various business functions, organizations struggle to secure these applications effectively.

Key Findings from the Benchmark Survey

The report unveils several critical gaps between AI deployment and the security mechanisms intended to protect it:
1. Limited Awareness: A staggering 67% of CISOs cited a lack of visibility into how AI is utilized within their organizations. This limited understanding hampers their ability to mitigate risks effectively.
2. Inadequate Security Tools: The survey indicates that only 11% of companies have security tools tailored specifically for AI systems, while 50% of executives pointed to a shortage of internal expertise in addressing AI-related security threats.
3. Reliance on Legacy Systems: 75% of CISOs reported extending existing security controls, originally designed for traditional IT environments, to cover AI workflows. This reliance on outdated systems increases vulnerabilities, as these tools may not address the unique challenges of AI.

The Shift in Risk Perception

According to Amitai Ratzon, CEO of Pentera, this integration of AI necessitates a fundamental shift in how enterprises view risk. As AI influences every corner of an organization, it expands vulnerabilities beyond what current security programs can comprehend. Many businesses are adopting AI without fully grasping the associated risks, leaving them exposed to new threats.

Gaps in Budgeting and Strategy

Despite security funding being present, there’s a notable shift required regarding priorities:

• - While 78% of enterprises fund AI security using existing budgets, only 1% have earmarked a dedicated budget for AI security. This reflects a pressing need for organizations to treat AI security as a standalone priority to mature their security posture effectively.
• - 21% of companies are considering the introduction of a distinct AI security budget, indicating a gradual shift towards recognizing the importance of AI in their overall risk management strategies.

Adversarial Testing and Its Importance

Pentera emphasizes the role of adversarial testing in understanding risk from an attacker’s perspective. By validating security controls and identifying exploitable vulnerabilities, security teams can enhance their operational effectiveness and mitigate potential threats. This approach encourages proactive addressing of gaps—an essential practice as enterprises increasingly depend on AI technologies.

Insights on Security Stack Consolidation

Interestingly, while 58% of CISOs indicated that AI is influencing their consolidation strategies regarding security tools, only 3% are actively integrating their security stacks with AI considerations. This highlights a disparity between recognizing AI's impact and taking actionable steps to adapt their security infrastructures accordingly.

Conclusion

As AI continues its rapid integration into the corporate landscape, the findings of Pentera's 2026 benchmark report underscore a pressing need for enterprises to prioritize security in tandem with AI adoption. Companies must invest not only in the technology itself but also in enhancing their security awareness and protocols. Addressing these gaps today will be crucial for mitigating risks and safeguarding valuable assets in an increasingly complex digital age. Organizations must become proactive rather than reactive if they hope to navigate this new terrain safely.