72% of CISOs express the most concern about discovering data used in AI initiatives.

83% of CISOs place significantly higher priority on AI data usage governance.

Speed of threat detection was used to evaluate AI efficacy by 57% of respondents

The top use case where security leaders say AI will offer most value is vulnerability and risk management, named by 74% of respondents

Nearly a third of respondents reported that their team spends at least four hours per week training AI models within their own tools or within commercially available AI functionality

100% of those who said their AI is very beneficial and a vital part of their security program have internal data science staff members

Third-party and supply chain risk was a big security pain point (42%)

Just 25% of teams use AI to power vulnerability prioritization

Just 18% have utilized GenAI to speed up summarization and reporting work

82% were optimistic about AI applicability to sifting through disparate results from scanning tools

81% were optimistic about AI applicability to dealing with overload of data

A lack of transparency and explainability was the top reason for turning off AI functionality, cited by 58%

Lack of skilled personnel is the biggest obstacle to the effective use of AI in cybersecurity today, cited by 55% of respondents

39% of firms are using AI to solve data overload problems that stymie vulnerability and exposure management work

Lack of transparency in AI decision making was an obstacle for 46% of respondents in the effective use of AI.

Just a fraction of respondents said that their tools come trained and/or tuned — 5%

Costs were an obstacle for 46% of respondents in effective use of AI.

Just over half of respondents said that they regularly disable AI functionality in some or all security tooling due to a range of considerations

1 in 5 respondents reporting that 75% or more of their tool stack promotes AI capabilities

57% of security teams find it difficult to enforce policies on training data usage.