35% of organizations reported a lack of AI policy as a challenge in using AI for cybersecurity.

36% of organizations reported a lack of appropriate data sets as a challenge in using AI for cybersecurity.

72% of all organizations surveyed are at least moderately prepared to control and secure agentic AI systems.

Only 42% of healthcare organizations have signed a Business Associate Agreement (BAA) covering any AI assistant used in email.

75% of Pacesetters (the most AI-ready group) report having the capacity to fully secure agentic AI systems that make decisions independently.

75% of healthcare organizations say AI has added confusion, not clarity, to email compliance.

43% of organizations reported skill gaps in basic cybersecurity topics as a challenge in using AI for cybersecurity.

38% of organizations reported uncertainty around AI efficiency as a challenge in using AI for cybersecurity.

41% of healthcare IT and compliance leaders feel confident they could detect improper AI use before a HIPAA violation occurs.

21% of respondents from healthcare organizations believe a Business Associate Agreement (BAA) isn’t required for an AI email assistant.

62% of healthcare IT and compliance leaders have observed staff experimenting with ChatGPT or similar tools even though they’re unsanctioned.

70% of companies are in early stages of AI adoption.

84% of Pacesetters (most AI-ready group) control agent actions with guardrails and live monitoring vs 24% of all companies.

25% of healthcare organizations have not formally approved any staff use of AI in email.

51% of organizations surveyed focus on recruiting the right talent to manage AI-specific cybersecurity threats.

Only 29% of all companies have fully integrated AI into security and identity systems, compared to 62% of Pacesetters (most AI-ready group).

Talent gaps are most acute in the area of cybersecurity for AI, affecting 60% of all companies surveyed.

43% of organizations are in the early education/experiment phase of AI adoption.

16% of healthcare IT and compliance leaders admit compliance was never consulted before AI email tools were enabled.

58% of healthcare organizations have not signed a BAA for an AI email tool so far.