See also (wiki): ai-cybersecurity, agentic-ai-governance, vendor-security-questionnaires
Executive Summary
- 61% of executives report their organization’s AI models, assets, or data have been compromised in the past 12 months — and 67% have been targeted by AI-enabled cyberattacks (IBM IBV / Palo Alto Networks, n=1,000 C-level executives, Q4 2025–Q1 2026, 17 countries).
- The average enterprise runs 27 different AI solutions from 10 vendors layered on top of 73 cybersecurity solutions from 22 vendors. This fragmentation is the attack surface.
- Only 8% of organizations have deployed agentic AI at scale, yet the security risks of agentic systems — autonomous agents with inherited permissions crossing organizational boundaries — are already materializing.
- 24% of organizations have begun to break from the pack with integrated AI security; 28% are falling behind. The differentiator is not budget — it is whether AI security is architected as a platform or bolted on as point solutions.
The Threat Landscape Has Changed Shape
The IBM IBV and Palo Alto Networks study, published March 22, 2026, captures a security environment that mid-market CISOs and CIOs will recognize: conventional defenses built for human-speed threats are failing against machine-speed adversaries. Two-thirds of surveyed executives say cyberthreats are evolving faster than the defenses designed to stop them.
The specific gaps are instructive for any organization scaling AI:
| Security Gap | % of Executives Reporting Gap | Date |
|---|---|---|
| AI model development and training unprotected | 56% | Q4 2025–Q1 2026 |
| Model inference and live AI usage unprotected | 48% | Q4 2025–Q1 2026 |
| Access controls and identity protections insufficient | 45% | Q4 2025–Q1 2026 |
| Telemetry and observability insufficient | 42% | Q4 2025–Q1 2026 |
| AI data management safeguards insufficient | 38% | Q4 2025–Q1 2026 |
Meanwhile, 76% of executives report rising unsanctioned AI use by employees — shadow AI that creates exposure no security team can govern if they cannot see it.
Tool Sprawl Is the Real Vulnerability
The study’s most actionable finding for mid-market security leaders: organizations are drowning in tools. The average enterprise operates 27 AI solutions from 10 vendors and 73 cybersecurity solutions from 22 vendors. As TELUS Digital’s CISO Steve Jablonski puts it: “You can’t secure what you don’t understand, and you can’t understand fifty different tools.”
For a 300-person company, the calculus is different but the principle holds. If the IT team manages even a quarter of those solution counts, the integration burden alone degrades security posture. The study finds that organizations with elevated AI identity-related risks experience a 52% higher cybersecurity incident rate, even after adjusting for size.
The Maturity Pyramid
Enterprise AI adoption follows a steep pyramid. Each step up sees roughly half the adoption rate of the level below:
| AI Maturity Stage | % of Organizations |
|---|---|
| Basic AI automation | 41% |
| AI augmentation | 29% |
| Generative AI | 18% |
| Agentic AI | 8% |
| Multi-agent workflow orchestration | 5% |
| Autonomous AI | 3% |
Only 1 in 10 executives says AI is fully integrated into the IT operating model and DevSecOps. Fewer than one-third describe their organization as “more mature than peers” with respect to AI security. And 51% say their current infrastructure cannot securely support multi-agent or autonomous operations — even as boards push for exactly that.
The ROI of Getting Security Right
The study quantifies what secure AI leaders gain:
- Organizations with a coordinated multi-agent security strategy expect 42% higher ROI than those with no AI security strategy.
- Organizations making the leap to fully autonomous AI capabilities expect 160% higher ROI on average.
- 25% of AI initiatives have been cancelled, postponed, or failed to scale specifically because of security concerns — a direct cost of inadequate security architecture.
The 24% of organizations classified as “Scaled and secure AI leaders” share four characteristics: autonomous AI readiness, integrated exposure management, AI operations integration, and shared governance practices. The 28% classified as “Nascent” are below average on all four.
Exposure Management: The New Baseline
The study identifies AI exposure management — the discipline of continuously discovering, assessing, and reducing risk across the entire AI footprint — as the connective tissue between AI ambition and AI security. Three data points define the gap:
- 76% of executives say exposure management will be their primary method for unifying prevention, detection, and response by 2028.
- Only 38% have integrated it into risk, detection, and response solutions today.
- 64% still depend on human-based remediation of AI security exposures.
The expected shift is dramatic: high-maturity organizations are projected to increase by 84% by 2028, while low-maturity organizations are projected to decrease by 52%.
Key Data Points
| Metric | Value | Source | Date |
|---|---|---|---|
| AI models/assets/data compromised in past 12 months | 61% | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
| Targeted by AI-enabled cyberattack in past year | 67% | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
| AI initiatives cancelled/postponed due to security | 25% | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
| Rise in unsanctioned AI use by employees | 76% | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
| Average AI solutions per organization | 27 (from 10 vendors) | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
| Average cybersecurity solutions per organization | 73 (from 22 vendors) | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
| Higher incident rate from AI identity risk | 52% | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
| Expected cybersecurity spend increase to secure AI by 2028 | 55% | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
| ROI advantage: multi-agent strategy vs. none | 42% higher | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
| ROI advantage: autonomous AI capabilities | 160% higher | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
| AI security is shared responsibility | 82% | IBM IBV / Palo Alto, n=1,000 | Mar 2026 |
Source credibility: MEDIUM. IBM IBV is an independent research arm, but the study is co-published with Palo Alto Networks, which sells AI security products. The methodology is sound (n=1,000, 17 countries, Q4 2025–Q1 2026 fieldwork, composite resilience index with analytical frameworks disclosed), but the framing tilts toward platform consolidation — which is what both IBM Consulting and Palo Alto Networks sell. The underlying data points (61% compromised, 67% targeted, tool sprawl counts) are survey-reported and consistent with Gartner and Forrester’s independent findings on security fragmentation. Cross-reference against: MIT CISR GenAI Risk Space taxonomy (Jan 2026, 62 executive interviews), Anthropic Trustworthy Agents in Practice (Apr 2026), and the existing ai-enabled-attacks-ciso-threat-briefing in the corpus.
What This Means for Your Organization
Three decisions surface from this data for a mid-market CISO, CIO, or CFO:
First, audit your AI solution count. If the average $17B enterprise runs 27 AI solutions from 10 vendors, a 300-person company running even 8-10 AI tools from 5+ vendors faces the same integration tax at a fraction of the security budget. Every AI tool that authenticates once and inherits broad permissions is a vector. The study’s finding that 68% of executives say AI agents must be treated as distinct identities applies at every scale.
Second, close the shadow AI gap before the auditors do. Seventy-six percent of large enterprises report rising unsanctioned AI use. Mid-market companies have less visibility and fewer controls. The 25% of AI initiatives cancelled or postponed because of security concerns represent real cost — but the cost of an undetected breach through an unsanctioned AI tool is higher.
Third, pick a platform posture, not more point solutions. The study’s sharpest insight is that the 24% of leaders pulling ahead did not outspend the 28% falling behind. They integrated. For a mid-market company, that means choosing one or two vendors whose AI and security capabilities interoperate rather than accumulating best-of-breed tools that create ungovernable complexity.
If this raised questions specific to your AI security posture, I’d welcome the conversation — brandon@brandonsneider.com
Sources
- IBM Institute for Business Value and Palo Alto Networks. “Elusive Threats, Elastic Defense: Securing AI at Scale.” Published March 22, 2026. n=1,000 C-level executives, 17 countries, 20 industries. Survey conducted Q4 2025–Q1 2026. https://www.ibm.com/thought-leadership/institute-business-value/en-us/report/agentic-ai-cybersecurity. Credibility: MEDIUM — vendor co-published (IBM + Palo Alto Networks), sound methodology, survey-reported data consistent with independent findings.
Vendor caveat: IBM Institute for Business Value and Palo Alto Networks both have direct commercial interest in AI security platforms, consolidation services, and managed security engagements. The study’s framing (platform consolidation over point solutions) aligns with both vendors’ product positioning. All findings are self-reported by survey respondents; the platform-leaders vs. platform-followers performance differential is not independently audited.
Brandon Sneider | brandon@brandonsneider.com April 2026