Executive Summary

The year AI adoption went 
mainstream, and the impact 
on security teams

In 2025, we saw generative AI and early agentic systems move from limited pilots into widespread adoption across enterprises. Generative AI tools were embedded into operational workflows and the SaaS products we rely on every day, while AI agents gained more access to data and systems. We also saw glimpses of how threat actors can manipulate commercial AI models in attacks.

As AI reshapes our ways of working, cybersecurity leaders are being challenged to protect a rapidly expanding attack surface and manage never-before-seen risks. For many, the question is not whether AI should be secured, but what “securing AI” actually means in practice. Is it about protecting models? Governing data? Monitoring outputs? Controlling how AI agents behave?

AI systems are complex and dynamic. They operate across multiple business domains at once, with the potential to ingest or generate sensitive information, take action autonomously, and execute logic at scale. Securing AI means understanding where AI exists, how it behaves, what it is allowed to do, and how its decisions impact the broader enterprise. This demands new capabilities, revamped governance frameworks, and fresh thinking.

This is the third year we’ve surveyed more than 1,500 IT security leaders across industry verticals and company sizes to understand their perspective on the challenges—and opportunities—AI presents in cybersecurity. Survey participants come from 14 different countries across five continents, but all are tasked with navigating a fast-changing world. Since last year, we’ve seen enormous progress towards maturity in some areas. In others, there’s a standstill.

SRM leaders now have clear responsibilities to secure third-party AI consumption, protect enterprise AI applications and improve cybersecurity with AI.

— Gartner

Close [x]

THE State of AI Cybersecurity 2026

Organizations have been racing to implement generative and agentic AI tools at a breakneck pace. These technologies promise to transform workflows, revolutionize productivity, and create new value streams.

They also open a whole new attack surface. Within the past year, AI systems have joined the ranks of threat actors’ favorite targets.
The State of AI Cybersecurity 2026

INTRoduction

At the basic level, nothing has changed.

Adversaries and defenders have always been locked in an arms race, endlessly innovating to outmanoeuvre one another using the latest tools and technologies at their disposal.

What’s new is that AI has accelerated the pace of change of everything at once: the attack surface, the threats, and the tools designed to defend us.

In this environment, standing still is not an option. For leaders, the question is how to turn rapid change into sustained cyber resilience without slowing down the business.

That’s why we publish this research every year. The State of AI Cybersecurity 2026 explores how organizations are navigating this shift, where AI is delivering real advantage, and what it takes to stay ahead.

Executive Summary

The year AI adoption went mainstream, and the impact on security teams

In 2025, we saw generative AI and early agentic systems move from limited pilots into widespread adoption across enterprises. Generative AI tools were embedded into operational workflows and the SaaS products we rely on every day, while AI agents gained more access to data and systems. We also saw glimpses of how threat actors can manipulate commercial AI models in attacks.

Read the full Executive Summary

Contents

AI is changing everything

Gen Al tools are everywhere now - learn what's making security professionals most worried

92%

are concerned about the use of Al agents across the workforce and their impact on security

AI-powered threats are already having an impact – discover the top concerns

87%

are concerned about the use of Al agents across the workforce and their impact on security

AI is now ubiquitous in the security stack – but do CISOs trust it?

77%

of security stacks now make use of Gen AI

Everyone’s adding AI tools –see where CISOs are focusing their spend

96%

agree that AI significantly improves the speed and efficiency with which they work

Defining your path forward in the age of AI.

Jump in: How AI is reshaping the attack surface

Discover defenders’ attitudes towards widespread AI adoption in the enterprise, where the biggest areas of concern are, and what security teams are doing about it.

See what Darktrace finds in your environment