AI security and risk management capability gaps affect 61% of organizations globally.

More than 30% of US organizations report experiencing a major AI-related security incident in the past 12 months.

Organizations relying on shared ownership are 47% less likely to detect rogue AI behavior.

Organizations where CISOs own AI agent risk are 24% more likely to detect rogue AI behavior.

Over half of US CISOs track AI as a dedicated risk category.

68% of IT professionals have personally seen AI generate hallucinations with potential operational impact.

Organizations spent more than $1 million on average in the past year responding to AI agent identity and security issues.

56% of cybersecurity decision-makers are concerned about employees inadvertently exposing sensitive information to AI systems.

68% of technology leaders express concern that their AI agents will behave unpredictably.

61% of organizations have revoked or rotated AI agent credentials due to suspected exposure.

53% of US companies express confidence they could regain control if AI exposes admin credentials.

Only 32% of organizations globally are very confident they could regain control if AI exposes admin credentials.

60% of digital trust professionals cited social engineering as an AI risk.

Only 38% of digital trust professionals are confident in their board’s understanding of AI risks.

67% of U.S. cybersecurity decision-makers are concerned about employees inadvertently exposing sensitive information to AI systems.

74% of digital trust professionals cited privacy violations as an AI risk.

45% of digital trust professionals noted that AI risks are an immediate priority.

67% of organizations using AI agents suspect those agents have already accessed data beyond their intended scope.

35% of law firms cite data privacy and security as AI-related concerns.

74% of organizations in the U.S., U.K., France, Germany, Spain, Italy, Singapore and Australia believe AI will increase attacks on identity infrastructure.