• 73% say AI-powered threats are already having a significant impact on their organization, in new survey
• Nearly half of security professionals feel unprepared to defend against AI-driven attacks, despite 92% saying these threats are driving major upgrades to their defenses
• More than three-quarters (77%) of security professionals reported that generative AI is now embedded in their security stack and 96% say AI significantly boosts the speed and efficiency of their work
• Darktrace launches Darktrace / SECURE AI™, a new solution designed to give security teams visibility and control over AI tools and agents in the enterprise

Darktrace, a global leader in AI for cybersecurity, today announced the findings of its 2026 State of AI Cybersecurity Report, examining how the rapid adoption of AI into businesses is changing the nature of cyber risk for global enterprises. The findings highlight increasing concern among cybersecurity professionals about the rise of agentic AI in their organizations, with more than three-quarters (76%) of security professionals surveyed worried about the security implications of integrating AI agents into their organization. That concern is particularly acute at senior levels, with nearly half of security executives (47%) saying they are very or extremely concerned as AI agents increasingly operate with direct access to sensitive data and critical business processes. At the same time, 97% of security leaders agree AI in their own security stack significantly strengthens their ability to defend against bad actors.

Security experts attribute agents’ access to sensitive and proprietary data, their ability to interact directly with critical systems, and a lack of mature governance around their use as key drivers of concern. Data exposure was identified as the top risk (61%), followed by potential violations of data security and privacy regulations (56%) and the misuse or abuse of AI tools (51%). Despite rising risk awareness regarding AI, just 37% of respondent organizations have a formal policy for securely deploying AI, down 8 percentage points from last year’s report.

“Enterprises are embracing AI fast, and while AI tools are helping security teams better defend against attacks, agentic AI introduces a new class of insider risk,” said Issy Richards, VP of Product, Darktrace. “These systems can act with the reach of an employee — accessing sensitive data and triggering business processes — without human context or accountability. Our research shows security leaders are already worried, and this cannot be treated as an afterthought. If AI agents are operating inside your organization, their governance, access controls, and monitoring are a board-level responsibility, not just a technical one.”

AI-Powered Attacks Accelerate

Beyond the manipulation of AI agents, the 2026 State of AI Cybersecurity report highlights growing concern that bad actors are using AI to accelerate and scale cyber attacks. Nearly three-quarters (73%) of security professionals say AI-powered threats are already having a significant impact on their organization. In addition, 87% report that AI is significantly increasing the volume of attacks they face, while 89% say AI is making attacks more sophisticated overall. Separately, 91% of professionals note that AI is making phishing and other social engineering attacks more sophisticated and effective. Hyper-personalized phishing emerges as the AI-powered attack posing the greatest risk (50%), followed closely by automated vulnerability scanning (45%), adaptive malware (40%), and deepfake voice fraud (39%). Despite widespread recognition of these threats, nearly half (46%) admit they feel unprepared to defend against AI-driven attacks, almost unchanged from 45% twelve months ago. 92%, meanwhile, say that these threats are driving major upgrades to their defenses.

AI vs. AI: Defenders Fighting Back

As cyber threats accelerate and IT environments grow more complex, security teams are increasingly turning to AI as a critical weapon in the fight against cybercrime. More than three-quarters (77%) of security professionals reported that generative AI is now embedded in their security stack and nearly all (96%) said that AI significantly boosts the speed and efficiency of their work.

Security teams say AI delivers its greatest value where human analysts struggle most: detecting novel threats and identifying anomalies at speed, with 72% of professionals citing this as the area where AI delivers the greatest impact.

Many organizations are already moving beyond AI that only recommends and toward AI that can take action within defined guardrails. In the Security Operations Center, 14% say they allow AI to act independently, while a further 70% enable AI to take action with human approval; only 13% keep AI limited to recommendations.

Darktrace Brings Visibility and Control to Enterprise AI Adoption with New Solution

In response to the trends reflected in the survey’s findings, and building on its unique Self-Learning AI approach to protecting organizations, Darktrace today also unveiled its latest offering, Darktrace / SECURE AI™. Darktrace / SECURE AI is designed to give security teams visibility and control of how AI tools and agents are being used, what data and systems they can access, and how they behave across the organization. The technology enables security teams to not only manage but safely enable AI usage at scale, across their enterprise.

Darktrace data shows that AI adoption is already creating new visibility gaps across the enterprise. In October, Darktrace observed a 39% month-over-month increase in anomalous data uploads to generative AI services. The average anomalous upload was 75MB, equivalent to around 4,700 pages of documents, significantly increasing the risk of sensitive data leaving the organization unchecked¹.

“As AI becomes embedded across core business operations, many organizations are developing a dangerous blind spot,” added Richards. “They no longer have clear visibility into what AI systems can access or how they’re behaving inside the enterprise. Darktrace / SECURE AI isn’t about slowing AI adoption, it’s about giving leaders the visibility and control they need to deploy AI safely, responsibly, and at scale.”

Additional Resources: ‍

• Download the full 2026 State of AI Cybersecurity Report here and check out the Darktrace blog here for more insights behind the data.
• Join the webinar on February 3^rd to learn more about how AI is reshaping the cybersecurity landscape.
• To learn more about Darktrace / SECURE AI, check out the full press release here.

About the Darktrace State of AI Cybersecurity Report

Darktrace partnered with AimPoint Group to survey 1,540 cybersecurity leaders and practitioners from 14 different countries including the U.S., U.K, Germany, Australia, Singapore and Japan. The survey was fielded online between October and November 2025. Their roles range from CISO to IT security managers, IT security analysts and incident responders, with the majority of participants holding leadership roles such as CIO, CISO, IT security executive, director, manager, or team lead.

About Darktrace  

Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013, Darktrace provides the essential cybersecurity platform protecting organizations from unknown threats using its proprietary AI that learns from the unique patterns of life for each customer in real-time. The Darktrace ActiveAI Security Platform™ delivers a proactive approach to cyber resilience to secure the business across the entire digital estate – from network to cloud to email. It provides pre-emptive visibility into the customer’s security posture, transforms operations with a Cyber AI Analyst™, and detects and autonomously responds to threats in real-time. Breakthrough innovations from our R&D teams in Cambridge, UK, and The Hague, Netherlands have resulted in over 250 patent applications filed. Darktrace’s platform and services are supported by over 2,300 employees around the world who protect nearly 10,000 customers across all major industries globally.

¹According to internal Darktrace research