By 2028, more than 50% of enterprises will use AI security platforms to secure third-party AI service usage and protect custom-built AI applications.

75% of large U.S. companies say Harvest Now, Decrypt Later (HNDL) attacks must be addressed most urgently.

80% of companies say data privacy breaches are the top generative AI security risk.

77% of large U.S. companies are concerned about intellectual property theft as a generative AI security risk.

Over 90% of large U.S. companies use AI in daily production operations.

59% of enterprises confirm or suspect the presence of shadow AI within their environments.

40% of the riskiest device types are new compared to last year.

75% of the riskiest device types are new compared to two years ago.

SSH is the second most common protocol observed, with rising usage in nearly every sector except retail.

Routers account for one-third of the most critical vulnerabilities in organizational networks.

91% of enterprise employees are using AI on the job.

87% of security leaders trust agentic AI.

Organizations test only 32% of their global attack surface on average.

87% of organizations have moved beyond evaluation and are actively planning, piloting, or using agentic AI for penetration testing.

68% of the enterprise environment remains untested, creating significant blind spots.

64% of organizations prefer an agent-led, human-oversight model combining machine scalability with a human safety net.

49% of organizations expect complete or significant displacement of traditional penetration testing services by agentic AI.

95% of organizations rank penetration testing as a top priority.

95% of organizations anticipate that agentic AI will displace traditional penetration testing services.

93% of security leaders state that comprehensive guardrails and transparent decision-making are critical for safe operation of agentic AI.