The report shows most organizations are facing AI-enabled attacks but lack defined strategies, visibility, and resources to respond.

Key Takeaways

• 87% of security professionals report an increase in AI-driven cyber threats
• 78% say they have already experienced AI-enabled cyber incidents
• Only ~40% say they are adequately prepared to defend against these threats
• 61% cannot reliably distinguish AI-generated attacks from human-generated ones
• 62% say they lack the AI expertise to improve defenses

Darktrace’s State of AI Cybersecurity 2026 report finds that 87% of security professionals are seeing an increase in AI-driven cyber threats, while fewer than half are prepared to defend against them.

AI threats are simultaneously increasing and becoming more sophisticated

78% of respondents experience AI-enabled cyber incidents, including AI-assisted phishing, automated vulnerability discovery, and adaptive malware.

Among those experiencing incidents, 65% say the attacks were more sophisticated than traditional methods. This includes more convincing social engineering content and reduced time required to move from initial system access to the exploitation of vulnerabilities and the execution of attacks.

Most Organizations Lack Defined AI Cybersecurity Strategies

Only 42% of organizations have formal plans, such as policies, tools, and processes, to manage AI-related cyber risks.

The remaining 58% of organizations rely on their current cybersecurity frameworks that do not address AI-driven attack methods.

Detection Gaps Limit Ability To Identify AI-Generated Attacks

61% of cybersecurity professionals report difficulty distinguishing between AI-generated and human-generated threats, particularly in phishing and social engineering scenarios. The report attributes this to the increasing realism of AI-generated text, voice, and synthetic media.

The report finds that only 39% of respondents say they are confident they can identify AI-driven attacks in real time.

AI Adoption In Cybersecurity Is Widespread But Not Autonomous

55% of organizations use AI tools in their threat detection, anomaly identification, and automated response.

However, only 32% report that their AI systems operate autonomously. Most organizations require human oversight for decision-making and response actions.

Skills And Budget Constraints Limit Readiness

The report identifies resource limitations as a key barrier to improving AI cybersecurity readiness. 62% of respondents cite a lack of internal expertise in AI and machine learning as a constraint.

In addition, 58% said they lack sufficient budget for AI-specific security investments, including tools, training, and infrastructure.

The report surveyed 1,540 cybersecurity professionals from 14 countries across sectors, including financial services, healthcare, manufacturing, and technology.