Organizations Lag in AI Governance as Shadow AI and AI-Powered Threats Expand Attack Surface

Timeline

1. 05.05.2026 14:10 1 articles · 15h ago

   ISACA survey identifies governance and security gaps in enterprise AI adoption

   A survey of 3,400 digital trust professionals reveals that 90% of organizations report employee use of AI tools, but only 38% have formal AI policies in place. 25% lack any AI policy, and 56% cannot estimate the time required to halt AI systems during a security incident. Only 20% have processes to override malicious or compromised AI systems. AI-powered phishing and social engineering attacks are perceived as harder to detect (71%), and authenticating digital information has become significantly more difficult (58%). 38% report declining trust in traditional threat detection methods, while 43% acknowledge improvements in detection and response due to AI-based cybersecurity tools.

   Show sources

   • AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk — www.infosecurity-magazine.com — 05.05.2026 14:10

   Open in new tab

Information Snippets

• 90% of digital trust professionals report employees in their organization use AI tools, yet only 38% have formal, comprehensive AI policies in place.

  First reported: 05.05.2026 14:10
  1 source, 1 article
  Show sources

  • AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk — www.infosecurity-magazine.com — 05.05.2026 14:10

• 25% of organizations lack any AI-related policies, and 30% have only limited policies.

  First reported: 05.05.2026 14:10
  1 source, 1 article
  Show sources

  • AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk — www.infosecurity-magazine.com — 05.05.2026 14:10

• Shadow AI usage—employees leveraging unapproved AI tools—risks accidental exposure of sensitive company data to AI models.

  First reported: 05.05.2026 14:10
  1 source, 1 article
  Show sources

  • AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk — www.infosecurity-magazine.com — 05.05.2026 14:10

• 56% of respondents are unaware of how long it would take to shut down AI systems during a security incident.

  First reported: 05.05.2026 14:10
  1 source, 1 article
  Show sources

  • AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk — www.infosecurity-magazine.com — 05.05.2026 14:10

• Only 20% of organizations have procedures to override or shut down AI systems in the event of malicious activity or data poisoning attacks.

  First reported: 05.05.2026 14:10
  1 source, 1 article
  Show sources

  • AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk — www.infosecurity-magazine.com — 05.05.2026 14:10

• 71% of respondents report AI-powered phishing and social engineering attacks are now harder to detect, and 58% say AI has made authenticating digital information significantly more difficult.

  First reported: 05.05.2026 14:10
  1 source, 1 article
  Show sources

  • AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk — www.infosecurity-magazine.com — 05.05.2026 14:10

• 38% of respondents have reduced trust in traditional threat detection methods due to AI-driven threats.

  First reported: 05.05.2026 14:10
  1 source, 1 article
  Show sources

  • AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk — www.infosecurity-magazine.com — 05.05.2026 14:10

• 43% of organizations acknowledge that AI-based cybersecurity tools have improved their ability to detect and respond to cyber threats.

  First reported: 05.05.2026 14:10
  1 source, 1 article
  Show sources

  • AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk — www.infosecurity-magazine.com — 05.05.2026 14:10