Skip to main content
HomeTopicsGovernance

Governance

We've curated 49 cybersecurity statistics about Governance to help you understand how regulatory frameworks, compliance practices, and risk management strategies are evolving in 2025 to keep organizations secure amidst growing cyber threats.

Showing 1-20 of 49 results

0% of organizations ban vibe coding outright.

New Relic6/15/2026
AI CodingProduction Policy

88% of organizations include vibe coding in formal production policies.

New Relic6/15/2026
AI CodingProduction Policy

95% of CISOs feel pressure to suppress or delay compliance-related security issues when business deadlines are at stake.

Checkmarx6/15/2026
Application SecurityExecutive Risk

15% of security leaders cite misalignment with internal security policies as a major concern with AI-generated code.

Salt Security6/6/2026
Security PolicyAI Security

65% of CEOs believe they have a full AI inventory.

Veeam6/6/2026
AI Inventory

Organizations relying on shared ownership are 47% less likely to detect rogue AI behavior.

Veeam6/6/2026
AI Risk

Over half of US CISOs track AI as a dedicated risk category.

Sprinto6/6/2026
AI RiskRisk Categories

48% of technical leaders believe they have a full AI inventory.

Veeam6/6/2026
AI Inventory

53% of enterprises operate AI agents autonomously for low-risk tasks while applying human review for higher-risk actions.

Cloud Security Alliance (CSA) & Token Security5/27/2026
AI AutonomyAI Agents

33% of IT and security leaders have only partial control over the use of agentic AI in their organizations.

Keepit5/27/2026
Agentic AI

Only 21% of enterprises have formal decommissioning processes for AI agents.

Cloud Security Alliance (CSA) & Token Security5/27/2026
Lifecycle ManagementAI Agents

38% of enterprises require human approval when AI agents exceed their scope.

Cloud Security Alliance (CSA) & Token Security5/27/2026
Human AuthorizationAI Agents

53% of enterprises use human authorization as a primary signal for governing AI agent behavior.

Cloud Security Alliance (CSA) & Token Security5/27/2026
Human AuthorizationAI Agents

79% of enterprises say context-aware controls will be important or very important in the next two years.

Cloud Security Alliance (CSA) & Token Security5/27/2026
Context-Aware ControlsFuture Priorities

57% of C-suite executives believe their organization consistently meets remediation SLAs, yet only 15% of security practitioners agree.

Cobalt5/27/2026
SLAsSecurity Operations

53% of organizations have a board member involved in or leading a cyber risk assessment committee.

CyberEdge Group5/27/2026
Risk ManagementBoard Oversight

79% of General Counsels lack confidence that current board reporting strikes the right balance between clarity and overload.

Diligent Institute5/27/2026
LegalBoard Reporting

Only 19% say their organization’s GRC systems are fully integrated, 65% say they are somewhat integrated, and 16% report no integration at all.

Diligent Institute5/27/2026
LegalGRC Systems

63% of enterprises use action risk as a primary signal for governing AI agent behavior.

Cloud Security Alliance (CSA) & Token Security5/27/2026
Risk ManagementAI Agents

42.4% of teams address AI separately from standard governance structures.

Manifest5/27/2026
AI Governance