A new report shows that although AI is now embedded across enterprises, many security teams lack a clear understanding of where AI is deployed, the risks it introduces, and the tools and expertise needed to secure it.
The study from Pentera, based on a survey of 300 US CISOs and security executives in North America, finds 67 percent report limited visibility into how AI is being used across their environment, and 44 percent acknowledge their AI security posture is already lagging behind the rest of their security program.
“AI represents a fundamental shift because it touches every part of the enterprise. It’s changing how data and systems interact, expanding organizational exposure beyond what most security programs have fully mapped,” says Amitai Ratzon, CEO of Pentera. “As AI adoption accelerates, enterprises are accepting risks they don’t yet fully understand. Adversarial testing enables security teams to see that risk from the attacker’s perspective — validating security controls, prioritizing exploitable gaps that pose real business impact, and strengthening their security posture over time.”
The survey finds that the top challenges are lack of internal expertise (50 percent), limited visibility into AI usage (48 percent), and insufficient AI-specific security tools (36 percent), underscoring the need for upskilling.
In addition 75 percent of CISOs report that their enterprises rely on extending controls originally designed for other attack surfaces to cover AI-driven workflows and infrastructure. Only 11 percent report having security tools specifically designed to protect AI systems.
Funding is an issue too 78 percent of enterprises fund AI security through existing security budgets, yet only one percent have a dedicated AI security budget. 21 percent plan to introduce one, signaling a shift toward maturity.
While 58 percent of CISOs say AI is influencing their security stack consolidation strategy, only three percent are actively consolidating due to AI, with another 11 percent consolidating for reasons unrelated to AI.
The full report is available from the Pentera site.
Image Credit: BiancoBlue/Dreamstime.com
