Report finds AI security plans are outpacing corporate controls


According to Cybersecurity Insider research published in Check Point’s 2026 Cloud Security Report, enterprise AI security strategies are moving faster than the architecture to enforce them.

A survey of 1,042 cybersecurity and IT professionals conducted in early 2026 found that 77% of organizations have made moderate, significant, or complete changes to their security strategies in response to AI. Only 26% say their current architecture is ready or requires only minor changes to support AI-driven workloads.

Agent deployments can scale faster than security controls

This 51-point gap shows up first in production deployments. Currently, 70% of organizations are running generative AI workloads in production, and 64% are using AI agents in pilot or production environments.

Within that group, 12% are giving agents privileged access to core systems, shifting security concerns from employee use of AI tools to machine access within corporate workflows.

A separate study commissioned by Zenity and conducted by the Cloud Security Alliance pointed to the same agent control issues. The April 2026 report found that 53% of organizations let their AI agents exceed their intended privileges, and 47% reported a security incident involving an AI agent in the past year. Only 16% reported that they were highly confident in detecting AI agent-specific threats.

Active threats exploit visibility and access gaps

Check Point’s report found that 54% of organizations have confirmed at least one AI-related security incident, and another 24% suspect an incident but lack telemetry to confirm it. Reported incidents included AI abuse or use of shadow AI (41%), AI-generated content used in attacks such as phishing and deepfakes (37%), and leakage of sensitive data to or through AI services (32%).

At the network layer, 51% of organizations reported an increase in API-driven traffic, 48% reported an increase in traffic to external AI services, and only 24% said their current network tools were able to fully inspect AI traffic without degrading performance.

Access tiers remain uneven. Almost a quarter (24%) of organizations have no AI-specific access controls at all, and 22% rely solely on endpoint agents. Another 19% apply inconsistent rules based on network location, and 19% simply block external AI tools altogether.

Only 16% enforce consistent policies regardless of where users work. At the SaaS and endpoint level, coverage is even weaker. Only 13% are able to fully inspect and enforce policies for traffic to major AI services such as OpenAI, Anthropic, and Google AI.

Only 11% of organizations have endpoint tools that can detect and control rogue AI applications and browser-based tools on managed devices.

Runtime controls lag behind production use

At the application layer, the report found that only 17% of organizations broadly deploy runtime controls such as input validation, output filtering, and tool permissions across their AI applications. Additionally, 56% have no formal security testing process for their generative AI applications or only test on an ad hoc basis.

This application-layer security gap is consistent with the risks tracked in OWASP’s Top 10 for Large Language Model Applications. The list includes prompt injection, insecure output handling, supply chain vulnerabilities, sensitive information disclosure, and excessive agency among the major risks for LLM applications.

OWASP describes excessive agency as a condition in which an LLM-enabled system can perform harmful actions due to excessive functionality, authority, or autonomy.

Check Point research shows that many controls are still tailored to old patterns. Current WAF/WAAP tools are only rated 22% effective against prompt injection, and 71% report an increase in false positives.

Untraceable data flows raise compliance concerns

The data findings raise some of the clearest governance questions. The survey found that 44% of organizations cannot track where sensitive data goes after it enters an AI workflow, and 17% are unsure.

Only 15% of companies have implemented and applied data loss prevention controls specifically configured for AI data flows.

It is becoming increasingly difficult to separate this data lineage gap from AI security itself. In May 2025, the National Security Agency’s Artificial Intelligence Security Center released joint guidance with CISA, the FBI, and international partners that describes data used throughout AI development, testing, and operations as part of the AI supply chain. The guidance recommends measures such as data provenance tracking, trusted infrastructure, and data protection throughout the lifecycle of AI systems.

NIST’s AI Risk Management Framework adds another reference point. The framework is voluntary and is intended to help organizations incorporate trustworthiness considerations into the design, development, use, and evaluation of AI systems. NIST’s Generative AI Profile, published in 2024, applies that risk management approach to the risks specific to generative AI.

European rules are adding pressure. AI Act obligations for general-purpose AI models took effect in August 2025, and rules for high-risk systems (such as those used in biometrics, critical infrastructure, and employment) will apply from December 2027.

Budget consolidation targets fragmented responsibilities

Check Point’s findings on operating models show why these obligations are difficult to prove. While 45% of organizations have a documented AI security policy, only 14% actively enforce and audit it.

According to the report, accountability is also spread across departments, with 44% citing the CISO or security team as primarily responsible for AI security risks, 40% citing cross-functional committees, and 36% citing the CIO or IT leader.

Spending is increasing, but the report suggests buyers are looking to reduce security fragmentation rather than add another standalone tool. Of the organizations surveyed, 52% are increasing their budgets dedicated to AI security, and 37% say their primary investment direction over the next 12 months will be consolidation around existing platform vendors. In contrast, 20% are primarily investing in the best AI security tools.

Asset mapping anchors your unified security architecture

The report recommends that enterprises start with a comprehensive AI asset inventory that maps external services, internal applications, agents, model endpoints, credentials, and sensitive data flows. From there, they must enforce consistent access controls, implement runtime protections within AI workflows, clarify ownership, and consolidate toward a unified hybrid security architecture.




