The latest AI and Adversarial Testing Benchmark Report 2026 from Pentera uncovers significant challenges faced by security leaders in protecting artificial intelligence systems. Despite the rapid adoption of AI, many organizations remain hamstrung by outdated skills and tools, impeding effective defense strategies.
AI Integration Outpaces Security Oversight
AI technologies are frequently integrated into existing corporate systems, ranging from cloud platforms to data pipelines. However, this integration often lacks centralized oversight, leading to insufficient security visibility. According to the report, 67% of CISOs have limited insight into AI usage within their organizations, indicating a widespread struggle to manage AI resources effectively.
Without comprehensive visibility, security teams face difficulties in assessing AI-related risks. Fundamental questions regarding AI identities, data access, and failure responses remain unanswered, highlighting a critical oversight in current security practices.
Skills Shortage: A Barrier to AI Security
While AI security discussions are prevalent in executive boardrooms, the primary obstacle identified by security leaders is a lack of internal expertise. The report reveals that 50% of CISOs cite this as their top challenge, closely followed by limited visibility into AI usage (48%) and insufficient AI-specific security tools (36%).
Interestingly, budget constraints are less of a concern, with only 17% of respondents viewing them as a primary issue. This suggests a willingness to invest in AI security, though the necessary skillsets to accurately assess AI risks remain scarce.
Legacy Controls Struggle to Secure AI
In the absence of AI-specific security solutions, many enterprises rely on legacy controls to protect their AI systems. The report indicates that 75% of CISOs utilize existing security tools like endpoint and cloud security measures, while just 11% possess tools specifically designed for AI.
This adaptation of traditional defenses reflects past technology shifts, where existing measures are initially repurposed before new, tailored solutions emerge. However, legacy controls may not accommodate the unique access patterns and potential vulnerabilities introduced by AI systems.
Addressing Foundational Gaps in AI Security
The findings underscore that AI security challenges are rooted in fundamental gaps rather than a lack of intention or awareness. As AI becomes integral to enterprise infrastructure, organizations must prioritize building expertise and validating security controls in operational environments.
For a comprehensive analysis of the data, the AI and Adversarial Testing Benchmark Report 2026 offers detailed insights and recommendations for overcoming these challenges.
