Board attention continues to increase, with security groups operating closer to executive decision-making than in previous years. This pattern mirrors the Voice of Security 2026 report by Tines. In that environment, many teams already rely on AI, automation, and workflow tools as part of their daily operations, creating a fundamental expectation that AI will play a central role in security operations.
Over the past year, we have seen an increase in board-level involvement, especially in large companies. Security teams now frequently participate in discussions related to resiliency, risk tolerance, and operational continuity. Aligning with broader business objectives requires an ongoing effort, especially as teams manage competing priorities such as cloud security, privacy obligations, detection coverage, and incident response.
Improved visibility of the board of directors as well as operational burden
Increased visibility has led to greater scrutiny of results and metrics. Leaders typically track security spending, compliance posture, training completion, and estimated incident costs. Experts focus on incident volume, vulnerability exposure, and detection speed. This combination reflects the expectation that security programs can maintain technical performance while remaining accountable to the business.
Workloads continue to grow. Manual, repetitive tasks still consume a large portion of the day and often range from gathering evidence, processing tickets, and coordinating between tools. This pattern persists even in environments where AI is widely deployed, contributing to fatigue and pressure across operational roles.
AI will become part of everyday security operations
AI already supports a wide range of security features. Common use cases include threat intelligence, detection, identity monitoring, phishing analysis, ticket triage, reporting, compliance documentation, and more. Many teams also rely on AI to assist with developer support, log analysis, and security training activities.
AI-related risks now form part of the core threat landscape. Data leakage by AI co-pilots, uncontrolled internal AI usage, and rapid operations are among the top concerns. Internal use cases receive particular attention as they intersect with sensitive data, workflow, and access control. The use of third-party AI and evolving regulatory requirements will further increase oversight responsibilities.
Governance becomes an everyday security function
Formal AI policies and governance frameworks are now in place in most organizations. Teams with established policies report higher confidence that AI output passes review steps and guardrails before influencing decisions. Governance work spans data processing, access management, auditability, and lifecycle monitoring of AI models and integrations.
Security and compliance considerations also impact whether your team can quickly operationalize automation. Concerns around data protection, regulatory obligations, tool integration, and staff readiness continue to influence adoption patterns. Budget constraints and legacy systems remain common constraints, reinforcing the need for governance structures to support day-to-day enforcement.
Manual work increases the risk of burnout and retention
Teams managing large tool inventories report greater strain, especially when workflows require frequent context switching. Leaders are increasingly seeing automation and improved tools as key levers for retaining staff. Practitioners consistently place work-life balance and meaningful impact at the heart of retention decisions.
Manual work also introduces operational risks. Repetitive processes increase human error and limited capacity limits the speed of response when incidents occur. Automation and orchestration offer opportunities to reduce repetitive tasks and stabilize operations, especially when workflows connect tools and people through defined processes.
Intelligent workflows take center stage
Many teams are interested in workflow platforms that connect automation, AI, and human review within a single operational layer. These approaches focus on moving work between systems without continuous manual handoffs. Respondents associate connected workflows with increased productivity, faster response times, improved data accuracy, and enhanced compliance tracking.
Interoperability is also playing an increasingly important role. Security teams are increasingly considering standardized frameworks and APIs that allow AI systems to interact with their tools under controlled conditions. This trend reflects efforts to incorporate AI into business processes.
“AI alone cannot solve broken security operations. Teams recognize the huge potential of AI to save time and improve morale, but without strong governance and well-designed workflows, that potential remains out of reach,” said Thomas Kinsella, Chief Customer Officer at Tines.
Download report: Voice of Security 2026
