"When asked which environments are of most concern, 45% of respondents identified internal AI systems and Large Language Models (LLMs) as their primary concern, followed closely by cloud infrastructure and application environments at 44%." — Security Magazine
Visibility gaps into employee AI use
The survey paints a striking picture of what organizations can and cannot see. Nearly half of respondents identify internal AI systems and LLMs as the single greatest environment of concern (45%), with cloud infrastructure and application environments close behind (44%). Yet the same data shows a paradox: 20.4% of respondents rated employees leaking sensitive data into public LLMs as a low or extremely low risk, even as 53.5% list that very scenario among the top AI-driven threats. Across the United States, visibility problems are sharper—48.8% of U.S. organizations report marked gaps in visibility compared with the overall 33.8% figure reported for uncertainty about which legitimate tools are essential for each user.
Breach suppression and institutional secrecy
More than half of respondents who experienced a security incident or breach in the past 12 months—55.2%—said they were told to keep it confidential despite believing it should have been reported to authorities. That number, while slightly down from 57.6% in 2025, remains well above the 42% recorded in 2023, indicating a persistent culture of breach suppression. The U.S. leads regional figures at 68.6%, with Germany and the U.K. each at 57.2%. The pressure to stay silent spans organizational ranks: 56.8% of managers and 53.5% of practitioners report similar instructions to keep incidents confidential.
Where attacks are landing: cloud, BEC, ransomware, and AI social engineering
Cloud infrastructure or application breaches were the single most frequently experienced incident type in the past year (41.8%), followed by business email compromise (BEC) causing financial or data loss (35.9%) and ransomware (25.6%). U.S. organizations reported unusually high exposure to BEC incidents—54.7%—noted as nearly 19 percentage points above the overall average. The survey also found that AI-driven social engineering has moved from hypothetical to commonplace: 59.2% of respondents reported experiencing AI-driven social engineering attacks in the past 12 months.
Operational barriers that prevent shrinking the attack surface
Respondents identified concrete, operational constraints that limit defensive action. The top barrier was the high overhead of maintaining hardening rules and managing exceptions (38%), followed by fear of operational disruption (35.4%) and resource constraints (34.6%). Difficulty securing legacy systems (34.5%) and visibility gaps about which tools each user legitimately requires (33.8%) add to the challenge. These figures suggest organizations recognize exposure but struggle to tighten controls without disrupting business processes.
What this means for managers, practitioners, and procurement leaders
- Managers and practitioners: Both groups report pressure to keep breaches confidential (managers 56.8%, practitioners 53.5%), signaling internal reporting cultures that may suppress escalation and regulatory notification.
- Procurement leaders: Data sovereignty concerns are a major switching factor—76.1% of respondents said they would likely switch cybersecurity vendors over worries about data jurisdiction, foreign government access, or unclear data-processing models. That sentiment is strongest in the U.S. (87%), the U.K. (85%), and Germany (77%), with managers more likely than practitioners to express urgency (79.4% versus 72.8%).
Threat priorities: self-mutating malware, evasion, deepfakes, and agentic AI
Organizations rank a broad set of AI-driven scenarios as serious threats. Top among them is attackers using AI to generate self-mutating malware (55.9%), followed by employees leaking sensitive data into public LLMs (53.5%), AI-driven evasion techniques that could bypass traditional EDR signatures (52.5%), and deepfakes or voice cloning used in fraud or BEC (51.9%). The report notes that current threat intelligence suggests adversaries are using AI to accelerate and refine attacks rather than to create fundamentally new malware. Concern about agentic AI expanding the attack surface is particularly acute in Singapore (64%) and the U.S. (61.6%).
The survey frames a central tension: organizations rank AI systems and LLMs as top environmental concerns while substantial portions of the same respondent pool underestimate the risk of data leakage into public models and report significant internal pressure to conceal breaches. Those facts, taken together, raise a pointed question for security leaders and regulators alike—how will organizations reconcile acknowledged exposure, operational constraints, and entrenched secrecy to reduce real-world risk?




