Organizational uncertainty in incident response timelines for AI system compromises
Summary
Hide ▲
Show ▼
A survey of over 3,400 IT and cybersecurity professionals reveals significant uncertainty in incident response capabilities for compromised AI systems. 56% of respondents lack awareness of their organization’s ability to halt AI systems during an attack, while only 32% believe they could respond within an hour. Confusion over ownership of enterprise AI applications exacerbates governance and security risks, with 20% of respondents unaware of accountability structures. Only 43% of security professionals express high confidence in their organization’s ability to investigate and explain serious AI incidents to leadership or regulators, highlighting systemic preparedness gaps.
Timeline
-
23.03.2026 18:30 1 articles · 2h ago
Survey reveals major gaps in AI incident response timelines and governance accountability
New research from ISACA indicates that over half of cybersecurity professionals are uncertain about their organization’s ability to rapidly mitigate AI system compromises. The study also reveals confusion over AI governance ownership and low confidence in incident investigation capabilities, with fewer than half of respondents expressing high assurance in their organization’s preparedness for serious AI-related security incidents.
Show sources
- Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems — www.infosecurity-magazine.com — 23.03.2026 18:30
Information Snippets
-
56% of IT and cybersecurity professionals do not know how quickly they could shut down AI systems compromised in a cyber-attack, according to ISACA’s survey of 3,400+ security and digital professionals.
First reported: 23.03.2026 18:301 source, 1 articleShow sources
- Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems — www.infosecurity-magazine.com — 23.03.2026 18:30
-
32% of respondents believe they could halt potentially compromised AI systems within an hour, while 7% estimate response times exceeding one hour.
First reported: 23.03.2026 18:301 source, 1 articleShow sources
- Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems — www.infosecurity-magazine.com — 23.03.2026 18:30
-
20% of surveyed professionals are unaware of which team or executive is accountable for managing enterprise AI applications.
First reported: 23.03.2026 18:301 source, 1 articleShow sources
- Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems — www.infosecurity-magazine.com — 23.03.2026 18:30
-
28% of respondents attribute AI governance responsibility to board-level executives, 18% to CIO/CTO, and 13% to the CISO, reflecting fragmented ownership models.
First reported: 23.03.2026 18:301 source, 1 articleShow sources
- Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems — www.infosecurity-magazine.com — 23.03.2026 18:30
-
43% of security professionals report high confidence in their organization’s ability to investigate and explain serious AI incidents to leadership or regulators, while 27% have little to no confidence.
First reported: 23.03.2026 18:301 source, 1 articleShow sources
- Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems — www.infosecurity-magazine.com — 23.03.2026 18:30
-
Only 36% of organizations require human approval for most AI actions prior to execution, with 26% reviewing AI activity post-execution and 11% only reviewing flagged activities.
First reported: 23.03.2026 18:301 source, 1 articleShow sources
- Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems — www.infosecurity-magazine.com — 23.03.2026 18:30