A majority of safety leaders are struggling to defend AI methods with instruments and abilities that aren’t match for the problem, based on the AI and Adversarial Testing Benchmark Report 2026 from Pentera.
The report, primarily based on a survey of 300 US CISOs and senior safety leaders, examines how organizations are securing AI infrastructure and highlights essential gaps tied to abilities shortages and reliance on safety controls not designed for the AI period.
AI adoption is outpacing safety visibility
AI methods are not often deployed in isolation. They’re layered throughout and built-in into current company expertise, from cloud platforms and id methods to purposes and information pipelines. With possession unfold throughout disparate groups, efficient centralized oversight has collapsed.
Because of this, 67 p.c of CISOs reported restricted visibility into how AI is getting used throughout their group. Not one of the respondents indicated they’ve full visibility; moderately, they acknowledge being conscious of or accepting some type of unmanaged or unsanctioned AI utilization.
With out a clear view of the place AI methods function or what assets they will entry, safety groups wrestle to evaluate danger successfully. Fundamental questions, comparable to which identities AI methods depend on, what information they will attain, or how they behave when controls fail, usually stay unanswered.
Expertise, not funds, are the first barrier
Though AI safety is now an everyday matter in boardrooms and govt discussions, the research reveals that the most important challenges aren’t monetary.
CISOs recognized the next as their high obstacles to securing AI infrastructure:
- Lack of inner experience (50 p.c)
- Restricted visibility into AI utilization (48 p.c)
- Inadequate safety instruments designed particularly for AI methods (36 p.c)
Solely 17 p.c cited funds constraints as a major concern. This implies that many organizations are prepared to put money into AI safety, however don’t but have the specialised abilities wanted to judge AI-related dangers in actual environments.
AI methods introduce behaviors that safety groups are nonetheless studying to evaluate, together with autonomous decision-making, oblique entry paths, and privileged interplay between methods. With out the best experience and energetic testing, it turns into tough to judge whether or not current controls are efficient as meant.
Legacy controls are carrying many of the load
Within the absence of AI-specific greatest practices, abilities, and tooling, most enterprises are extending current safety controls to cowl AI infrastructure.
The research discovered that 75 p.c of CISOs depend on legacy safety controls, comparable to endpoint, utility, cloud, or API safety instruments, to guard AI methods. Solely 11 p.c reported having safety instruments designed particularly to safe AI infrastructure.
This strategy displays a well-recognized sample seen throughout earlier expertise shifts, the place organizations initially adapt current defenses earlier than extra tailor-made safety practices emerge. Whereas this could present primary protection, controls constructed for conventional methods could not account for the way AI modifications entry patterns and expands potential assault paths.
A well-known problem, now utilized to AI
Taken collectively, the findings present that AI safety challenges stem from foundational gaps moderately than a lack of information or intent.
As AI turns into a core a part of enterprise infrastructure, the report means that organizations might want to concentrate on constructing experience and enhancing how they validate safety controls throughout environments the place AI is already working.
To discover the total findings, obtain the AI and Adversarial Testing Benchmark Report 2026 for a deeper dialogue of the info and key takeaways.
Be aware: This text was written by Ryan Dory, Director, Technical Advisors at Pentera.
