- Two-thirds of security leaders lack visibility into how AI is used within their organizations, with none claiming full oversight.
- A lack of internal expertise is the top barrier to AI security, cited by 50% of CISOs, while only 17% point to budget issues.
- Most enterprises rely on legacy security controls designed for traditional IT, not AI systems, to manage emerging risks.
A majority of security leaders are struggling to defend rapidly proliferating AI infrastructure with inadequate tools and skills, Pentera‘s latest report reveals. The AI and Adversarial Testing Benchmark Report 2026, surveying 300 U.S. CISOs, highlights that organizations are dangerously outpaced by this technological shift.
Consequently, 67 percent report severely limited visibility into AI deployment and usage across their technology stack. This obscurity makes it impossible to effectively assess risks related to data access, identity, or system behavior. The core problem, however, is not financial.
Half of the surveyed CISOs identified a lack of internal expertise as their primary obstacle to securing these complex systems. Consequently, they are forced to extend familiar but ill-fitting legacy security controls.
Meanwhile, the report found that 75 percent of organizations rely on traditional endpoint, cloud, and API security tools to protect AI infrastructure. Consequently, the approach mirrors past tech shifts where old defenses are adapted before tailored practices emerge.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
