A global survey of cybersecurity leaders finds widespread AI-related security incidents and limited governance controls across organizations.
Key Takeaways
- 76% of organizations experienced a security incident involving AI applications or models
- 48% have little to no governance over AI tool and service adoption
- 27% report AI-related incidents causing more than $1 million in damages
- Companies allocate an average of 13% of AI budgets to testing security controls or models
Kroll just released its report, Bridging the Cyber Resiliency Gap: Why Aligning Cybersecurity Priorities, a survey of over 1,000 cybersecurity decision-makers. The report found that the majority of organizations are experiencing AI-related security incidents while lacking formal governance structures to manage the associated risks.
AI Adoption Without Guardrails Points To A High Rate Of Incidents
The survey reports that 76% of organizations experienced a security incident involving AI applications or models in the past year.
40% of employees use AI tools in their work, including both approved systems and “shadow AI” tools that operate without oversight. Despite this level of use, 48% of respondents have little to no organizational governance over AI tool and service adoption. Half of these either have no guidelines at all or have guidelines but don’t enforce them.
AI Security Breaches – A Financial Concern, Yet Companies Aren’t Investing In Protections
55% of respondents identify financial risks as their primary concern regarding AI threats, while 41% worry about operational disruptions from AI-driven cyberattacks.
27% of respondents reported incidents resulting in more than $1 million in damages.
Yet, few are investing in securing AI systems. Companies allocate 13% of their AI initiative budgets to testing security controls or evaluating the models themselves.
Strong Cyber Protocols = Fewer AI-Related Incidents
Organizations with higher cybersecurity maturity experience fewer AI-related incidents. Specifically, 89% of organizations with very low cyber maturity reported AI-related security incidents, compared to 54% of those with very high maturity, while 46% of highly mature organizations reported no AI-related incidents over the past two years.
The findings are based on survey data collected from companies with annual revenues ranging from $50 million to more than $5 billion, across multiple sectors and geographies.

