Enterprise AI security strategies are moving faster than the architecture meant to enforce them, according to a Cybersecurity Insiders survey published in Check Point’s 2026 Cloud Security Report.
The survey of 1,042 cybersecurity and IT professionals, conducted in early 2026, found that 77% of organizations have made moderate, significant or complete changes to their security strategy in response to AI. Only 26% said their current architecture is ready, or needs only minor changes, to support AI-driven workloads.
Agent deployments scale faster than security controls
That 51-point gap shows up first in production deployment. 70% of organizations now run generative AI workloads in production, while 64% have AI agents in pilot or production.
Within that group, 12% have given agents privileged access to core systems, moving the security problem from employee use of AI tools toward machine-driven access inside enterprise workflows.
Separate research from the Cloud Security Alliance, commissioned by Zenity, points to the same agent-control problem. Its April 2026 report found that 53% of organizations had AI agents exceed their intended permissions, while 47% reported a security incident involving an AI agent in the past year. Only 16% reported high confidence in detecting AI agent-specific threats..
Active threats exploit visibility and access gaps
The Check Point report found that 54% of organizations have confirmed at least one AI-related security incident, while another 24% suspect an incident but lack the telemetry to confirm it. Reported incidents included unauthorized or shadow AI use at 41%, AI-generated content used in attacks such as phishing or deepfakes at 37% and sensitive data leaked to or through AI services at 32%.
At the network layer, 51% of organizations reported more API-driven traffic, 48% reported more traffic to external AI services and only 24% said current network tools can fully inspect AI traffic without degrading performance.
The access layer remains uneven. Nearly a quarter of organizations (24%) have no AI-specific access controls at all, while 22% rely solely on endpoint agents. Another 19% apply inconsistent rules based on network location, and 19% simply block external AI tools outright.
Only 16% enforce a consistent policy regardless of where users are working. Coverage is even weaker at the SaaS and endpoint level. Just 13% can fully inspect and enforce policy on traffic to major AI services such as OpenAI, Anthropic, and Google AI.
Only 11% have endpoint tools capable of detecting and controlling unauthorized AI applications or browser-based tools on managed devices.
Runtime controls lag production use
At the application layer, the report found that only 17% of organizations have broadly deployed runtime controls such as input validation, output filtering and tool-use authorization across AI applications. Another 56% have no formal security testing process for generative AI applications, or test only on an ad hoc basis.
That application-security gap aligns with risks tracked by OWASP’s Top 10 for Large Language Model Applications, which lists prompt injection, insecure output handling, supply chain vulnerabilities, sensitive information disclosure and excessive agency among major LLM application risks.
OWASP describes excessive agency as a condition where an LLM-enabled system can perform damaging actions because of excessive functionality, permissions or autonomy.
Check Point’s survey suggests many controls are still tuned for older patterns. Only 22% rated current WAF/WAAP tools effective against prompt injection, while 71% reported increased false positives.
Untraceable data flows trigger compliance concerns
The data findings create the clearest governance problem: The survey found that 44% of organizations cannot trace where sensitive data goes once it enters an AI workflow, while 17% were unsure.
Only 15% have deployed and enforced data loss prevention controls specifically configured for AI data flows.
That data-lineage gap is becoming harder to separate from AI security itself. In May 2025, the National Security Agency’s Artificial Intelligence Security Center released joint guidance with CISA, the FBI and international partners that described data used across AI development, testing and operation as part of the AI supply chain. The guidance recommends measures including data provenance tracking, trusted infrastructure and data protection across the AI system lifecycle.
NIST’s AI Risk Management Framework adds another reference point. The framework is voluntary and intended to help organizations incorporate trustworthiness considerations into the design, development, use and evaluation of AI systems. NIST’s Generative AI Profile, published in 2024, applies that risk-management approach to generative AI-specific risks.
European rules are adding pressure. The AI Act’s obligations for general-purpose AI models took effect in August 2025, while high-risk system rules (biometrics, critical infrastructure, employment, etc.) apply from December 2027.
Budget consolidation targets fragmented accountability
The Check Point report’s operating-model findings show why those obligations may be difficult to evidence. 45% of organizations have documented AI security policies, but only 14% actively enforce and audit them.
Accountability is also spread across functions: 44% named the CISO or security team as primarily accountable for AI security risk, 40% named a cross-functional committee and 36% named CIO or IT leadership, the report finds.
Spending is rising, but the report suggests buyers are trying to reduce security fragmentation rather than add another set of isolated tools. 52% of organizations are increasing dedicated AI security budgets, and 37% said their primary investment direction over the next 12 months is consolidation around existing platform vendors. That compares with 20% investing mainly in best-of-breed AI security tools.
Asset mapping anchors unified security architectures
The report recommends enterprises begin with a comprehensive AI asset inventory — mapping external services, internal applications, agents, model endpoints, credentials, and sensitive data flows. From there, they must enforce consistent access controls, implement runtime protections inside AI workflows, clarify ownership, and consolidate toward a unified hybrid security architecture.