Security leaders are under pressure to support AI programs as they move from pilot to production. New research from Cloudflare suggests that success relies less on experimentation and more on disciplined application modernization that is closely tied to your security strategy. This study investigates how application architectures, decision-making structures, and security adjustments impact readiness for AI at scale.
Modernized application stack enables broader AI integration
The findings show that companies that are modernizing their applications report greater progress with the use of AI. These groups describe modernization as a prerequisite for scaling AI workloads across production systems. AI efforts rely on applications that can rapidly integrate new services, process real-time data flows, and operate consistently across distributed environments.
A modernized application stack provides the flexibility to incorporate AI capabilities into existing products and workflows. Experts report that AI is being embedded in core applications, internal operations, and customer-facing services. AI acts as part of continuous application evolution and impacts how systems are updated and expanded over time.
Companies that are slow to modernize say they have a different experience. AI projects tend to stall while teams grapple with fundamental issues like legacy architecture, fragmented infrastructure, and inconsistent controls. These situations slow deployment and increase operational risk, especially when AI systems interact with sensitive data or external services.
“If you don’t embrace AI and modernize your business to protect against the next wave of cyber attacks, you won’t just stand still, you’ll quickly fall behind,” said Matthew Prince, CEO of Cloudflare. “Winners in this internet age will ultimately be determined by their infrastructure.”
Accelerate modernization results with security alignment
One recurring pattern in research is the relationship between security alignment and modernization success. Organizations that align their security and application efforts report smoother modernization timelines and improved AI outcomes. The security features of these environments are involved early in design decisions and infrastructure planning.
This coordination reduces the need for late-stage modifications and reactive controls. Security policies are built into application workflows, deployment pipelines, and access models. As a result, companies spend less time fixing post-deployment issues and more time supporting new features.
Companies whose security and application functions are tightly aligned express greater trust in their infrastructure and staff as they advance their AI initiatives. This confidence supports broader AI adoption across the business, including new applications designed specifically to use AI.
security leadership
Groups that report on modernization progress tend to centralize decision-making among a small number of leaders. This structure allows for faster approvals, clear accountability, and more consistent priorities.
Defining ownership allows security requirements to be addressed at the same time as architectural changes, rather than being introduced later. It also helps align budgets, schedules, and risk tolerance across departments.
An environment where the decision-making process is fragmented slows progress and increases internal tensions. Security personnel in these environments often spend their time negotiating priorities, responding to urgent issues, and managing exceptions. This dynamic limits the ability to support long-term initiatives such as AI-driven application development.
Scale your security operations more predictably
The study also examines how application security events are managed. Although incidents remain common across industries, organizations that are modernizing report better management of response efforts. As your application environment grows, the amount of time you spend on remediation increases slowly.
This result reflects increased visibility and more consistent enforcement of controls across the application stack. Teams can identify issues early, respond with standardized processes, and avoid repeated manual intervention. As AI workloads increase system complexity, these capabilities become increasingly important.
Organizations operating on less mature foundations report higher operational burdens. Patching vulnerabilities, restoring systems, and addressing compliance gaps takes more time. These activities consume resources that could support modernization and AI efforts.
AI Readiness Changes Security Leadership Priorities
This research suggests that AI readiness has become a key concern for security leaders. AI workloads drive demand for reliable identity control, API security, data protection, and observability. Weaknesses in these areas can delay AI adoption and increase exposure to risk.
CISOs in modern infrastructure environments have greater influence over application strategy. Security considerations drive architecture choices, deployment models, and vendor selection. This position allows leaders to support innovation while maintaining operational discipline.
Teams that trust their ability to manage AI-related risks move faster. Understanding AI architecture and data flows can help you develop without creating bottlenecks.
Webinar: Redefining attack simulation with AI
