AI is no longer experimental—it’s embedded. According to a recent survey of 96 organizations conducted by Wiz and Gatepoint Research, 87% of respondents’ teams are already using AI services, often through platforms like OpenAI or Amazon Bedrock.
But as AI adoption surges, security isn’t keeping pace.
Our new survey report, AI Security Readiness: Insights from 100 Cloud Architects, Engineers, and Security Leaders, reveals how organizations are deploying AI, what risks they’re facing, and how few have the tools or visibility to manage this next wave of cloud innovation. The report is based on responses from technical architects, engineers, directors, and C-level leaders across industries.
Here are three key takeaways from the data:
1. AI adoption is outpacing security expertise
While 87% of respondents are using AI, 31% cite a lack of AI security expertise as their top challenge—the most common concern by far. Security teams are often being asked to protect AI services they didn’t deploy, don’t fully understand, and can’t consistently monitor.
Without stronger frameworks, organizations risk exposing sensitive data, misconfiguring AI services, or relying on tools that weren’t designed with AI in mind.
2. Most orgs rely on traditional controls—not AI-specific protections
Only 13% of respondents are using AI-specific security posture management (AI-SPM) today. Instead, many lean on traditional practices: 53% use secure development processes, 41% rely on tenant isolation, and 35% conduct audits for shadow AI.
These are important foundations—but they can’t scale to match AI’s speed and complexity.
3. Complexity is growing fast, but visibility isn’t
45% of organizations are using hybrid cloud, and another 33% are in multi-cloud environments. Yet most still rely heavily on endpoint detection and response (EDR)—tools built for older architectures. Worse, 25% of respondents don’t even know what AI services are currently running in their environment.
Shadow AI is no longer a theoretical risk—it’s already here.
What’s inside the full report?
Inside the full report, you’ll find:
A breakdown of how AI risk maps to overall cloud security maturity
Insights into the operational challenges of securing AI (not just the technical ones)
A three-level AI security maturity curve you can use to benchmark your org
Actionable recommendations for building visibility, governance, and automation into your AI strategy
Download the full report to see how your organization compares—and what it will take to stay ahead of AI risk.
