A new report released today by Check Point Software lays out in stark terms how far enterprise security architecture has fallen behind AI adoption and the incidents already resulting from that gap.
The 2026 Cloud Security Report, produced in partnership with Cybersecurity Insiders and based on responses from 1,042 cybersecurity and IT professionals surveyed in early 2026, finds that 77% of organisations have updated their security strategy in response to AI. Only 26% say they have the architecture to enforce it. That 51-point disconnect is the report’s headline finding, but the data behind it is arguably more concerning than the number itself.
The visibility problem
Before organisations can enforce an AI security policy, they need to see what they’re trying to govern. On that front, the numbers are bleak. Only 5% of organisations report full visibility into which AI tools employees are using, what data those tools are accessing, and where that data goes once it enters an AI workflow. The same figure, 5%, applies to organisations whose security tools can reliably distinguish legitimate AI activity from suspicious or unauthorised usage.
That blind spot has a direct consequence. 54% of organisations have confirmed at least one AI-related security incident in the past year. Another 24% suspect they’ve been hit but lack the telemetry to confirm it. Together, that means 78% have either experienced confirmed AI-related security impact or cannot rule it out.
The most commonly reported incident types were unauthorised or shadow AI usage (41%), AI-generated content used in attacks such as phishing or deepfakes (37%), and sensitive data leaked to or through AI services (32%).
Infrastructure built for the wrong traffic model
The report argues that much of this exposure is structural. Security architectures were designed for human-driven access, known SaaS patterns, and predictable application behaviour. AI traffic looks different: API-heavy, service-mediated, increasingly autonomous, and running at volumes that didn’t exist twelve months ago.
The numbers bear that out. Only 24% of organisations say their current network security tools can fully inspect AI traffic without degrading application performance. 76% face inspection gaps, performance tradeoffs, or limited confidence in their controls. 67% report fragmented security policies across hybrid environments. 64% say their architecture needs moderate or significant redesign to support AI workloads.
AI agents are compounding the problem. 64% of enterprises have AI agents in pilot or production, including 12% that have granted them privileged access to core systems. Most security architectures were not designed to govern machine-driven access at that scale. Only 14% have AI security policies that are both enforced and audited.
WAFs, runtime controls, and the detection-only trap
At the application layer, the picture is similarly underprepared. Only 22% rate their current WAF or WAAP tools as effective against GenAI-specific attacks such as prompt injection. 71% report increased false positives since GenAI adoption, an operational drag that is itself a consequence of inspection logic tuned for human-driven web traffic being applied to AI payloads it wasn’t designed for.
Runtime controls are even less mature. Only 17% have broadly deployed runtime LLM controls such as input validation, output filtering, and tool-use authorisation across their applications. 56% have no formal security testing process for GenAI applications, or test only on an ad hoc basis.
The report frames the result as a detection-without-prevention problem. Across three enforcement points, prompts, data flows, and outputs, more organisations can observe risk than can stop it. Only 13% can block a malicious prompt before it reaches a model. Only 16% can block sensitive data from reaching AI services. Only 5% can reliably block unsafe AI-generated content before it reaches users or downstream systems.
Shadow AI and policy bypass
The governance layer is under similar pressure. 45% of organisations have documented AI security policies. Only 14% have policies that are actively enforced and audited. When controls do exist but create friction, 42% of organisations say employees bypass them, pasting sensitive data into personal AI accounts, using browser-based tools the endpoint agent doesn’t cover, or taking whatever path is faster than the approved one.
Only 15% have deployed AI-specific DLP controls. 44% cannot trace where sensitive data goes once it enters an AI workflow. 25% permit source code in external AI tools.
“The 2026 Cloud Security Report confirms what many security practitioners already sense,” said Stuart Green, Cloud Solution Architect at Check Point Software Technologies. “AI adoption has outpaced the architecture built to govern it. Agents are acting inside live systems; data is moving through external AI services, and most enterprises still lack the visibility and enforcement to keep pace. At Check Point, we believe security has to be built into the architecture from the start. Beginning at the infrastructure layer, through clouds, and especially at runtime. Visibility, Control, and Security need to be present at all layers in the stack AI workloads will operate in.”
The five-step path forward
The report closes with a sequenced set of actions: build an AI asset inventory, explicitly govern employee access to external AI services, implement prevention and runtime controls in enterprise AI workflows, give one function authority to define policy and enforce it, and consolidate toward a unified hybrid security architecture.
The underlying argument is architectural. AI security maturity, the report contends, comes not from adding isolated controls but from turning governance, visibility, data protection, access control, and enforcement into a single operating model — one that can carry policy consistently across cloud, datacenter, SaaS, and endpoint environments, enforced at the point where AI interactions actually occur.
The full 2026 Cloud Security Report is available here.
