In a recent survey conducted by Heimdal, a significant gap in confidence regarding AI risk management has been highlighted between executives and those managing AI operations daily. The study, titled The State of AI Risk Management in 2026, surveyed 1,000 IT professionals from the UK and US, revealing that AI implementation has outpaced security measures by a factor of two to one.
Disparity in AI Confidence Levels
The survey results show a stark contrast in perception between different levels within organizations. In the US, 29% of executives believe that AI risks are under control, compared to only 7% of mid-level practitioners responsible for managing these risks. A similar disparity exists in the UK, with 18% of executives expressing confidence against 11% of practitioners.
This confidence gap is statistically significant and underscores a critical issue: those closer to AI’s daily operations express more concern about potential risks than senior executives.
AI Adoption Versus Security Measures
AI tools are now deeply integrated into most IT environments, with over 70% of UK and US environments using platforms like ChatGPT. Despite this widespread adoption, security measures have not kept pace. The report indicates that less than half of the teams feel their security infrastructure is ready to handle AI-related risks.
Interestingly, teams with comprehensive visibility into AI usage express more concern about data leakage, highlighting the need for better oversight and control.
Future Outlook and Recommendations
Heimdal’s report suggests that misplaced confidence can be dangerous, as highlighted by Adam Pilton, a Cybersecurity Advisor at Heimdal. He emphasizes the need for businesses to focus not only on AI’s productivity benefits but also on the potential security threats it poses.
Rafay Baloch, an independent security researcher, warns about the blind spots created by AI tools, stressing the importance of clear oversight and responsible usage. Organizations are advised to integrate AI into their core IT strategies, ensuring rigorous scrutiny similar to other critical suppliers.
For a comprehensive understanding of the current state of AI risk management, the full report provides detailed insights and recommendations for enhancing security measures and fostering responsible AI use.
The survey, conducted by Pollfish from May 1 to May 8, 2026, captures responses from a diverse range of IT professionals, from entry-level to C-suite executives.
