43% of organizations reported skill gaps in basic cybersecurity topics as a challenge in using AI for cybersecurity.

55% of organizations surveyed prioritize defending models and data from tampering.

94% of healthcare organizations have begun updating security policies to address generative AI threats in email.

58% of healthcare organizations have not signed a BAA for an AI email tool so far.

84% of Pacesetters (most AI-ready group) control agent actions with guardrails and live monitoring vs 24% of all companies.

69% of healthcare IT leaders feel pressured to adopt AI faster than they can secure it.

21% of respondents from healthcare organizations believe a Business Associate Agreement (BAA) isn’t required for an AI email assistant.

62% of healthcare IT and compliance leaders have observed staff experimenting with ChatGPT or similar tools even though they’re unsanctioned.

25% of healthcare organizations have not formally approved any staff use of AI in email.

70% of firms place themselves in an early education phase or a stage of testing AI implementation on low-priority systems.

52% of companies rate themselves as having high capability in AI.

41.9% of organizations surveyed perceived generative AI applications as a risk, ranking third compared to legacy systems at 23.5% and endpoint devices at 30.6%.

51% of developers worry about unauthorized or excessive API calls from AI agents, making it their number one security concern.

36% of developers lack trust in AI systems.

38% of healthcare organizations identified generative AI or AI tools as a cybersecurity concern, a new category in this year’s study.

33% of developers have ethical, legal, and compliance concerns about AI tools.

89% of developers use AI.

24% of developers actively design APIs with AI agents in mind.

16% of developers have not yet considered AI agents as API consumers.

56% of respondents cited a lack of control over AI model security used for code generation.