Report: 54% of cybersecurity and IT pros faced ‘AI-related security incident’
https://www.itbrew.com/stories/report-54-of-cybersecurity-pros-faced-ai-related-security-incident
Publish Date: 2026-06-08 12:04:00
Source Domain: www.itbrew.com
For an IT pro, is there anything scarier than someone saying, “There’s been an incident”?

If you want to heighten that fear, imagine it is described as an “AI incident,” which could mean anything from a deleted database to a tricked chatbot.

Check Point Software Technologies recently surveyed 1,042 cybersecurity and IT professionals around the world and found that more than half had reported an “AI-related security incident.”

We asked IT pros to explain what an AI incident means to them, and what a high percentage of those events reveals about the IT industry’s preparedness.

“The adoption is outpacing the readiness,” Paul Barbosa, VP of cloud security and SASE at Check Point, told us.

Incident response. Check Point’s study, released on May 26, found that 54% of respondents experienced an AI-related security event, and just under a quarter (24%) “cannot confirm due to lack of visibility.”

The Check Point report divided incidents into three categories:

- Unauthorized or shadow AI usage (41%)
- AI-generated content used in an attack, such as phishing or deepfakes (37%)
- Sensitive data leaked to or through AI services (32%)

AI incidents are taking many forms lately, from internal accidents to external threat actors. Verizon’s annual Data Breach Investigations Report, which was released on May 19 and studied over 31,000 incidents and 22,000 data breaches between November 2024 and November 2025, revealed similar trends in shadow AI and GenAI-assisted attacks.

Regarding unauthorized use of AI tools, Verizon’s investigations report found that over two-thirds (67%) of users are employing non-corporate accounts on their corporate devices to access AI services. Additionally, users are submitting sensitive information to GenAI models. Top data types discovered include source code, images, and structured data.

In terms of AI-assisted attacks, Verizon (coordinating with AI company Anthropic) discovered threat actors sought AI assistance for approximately 15 distinct attack techniques across the MITRE ATT&CK spectrum, which Verizon mapped to common initial access vectors like phishing, exploits, and credential abuse.

IT Brew’s own survey, conducted in Q4 of 2025, found that 45% of AI implementers cited new security vulnerabilities or compliance risks as their primary challenge.

As if shadow AI and AI-enhanced attackers weren’t enough of a threat, IT business leaders see new risks on the horizon. Jack Nelson, CISO at enterprise IT and security software company Ivanti, envisions attackers using AI tools to uncover software vulnerabilities or even compromising the models themselves.

TJ Marlin, CEO at AI security platform Guardrail Technologies, sees agents having excessive permissions as they make business decisions. “The biggest incidents today aren’t the rogue AI systems…It’s really about AI agents getting too much access, [and] employees trusting AI-generated actions.”

Ready or not, companies are deploying AI. The technology and its risks are advancing at a rapid pace.

“For us that have been in the industry for 20-plus years, we’ve seen a lot of paradigm shifts,” Barbosa said. “But nothing that has happened at this speed.”

To prevent shadow AI usage and a resulting leak of data to unsanctioned AI models, Barbosa recommends companies take inventory of AI tools and see which partners offer a level of visibility, like network monitoring of AI services, as well as tools that discover unsanctioned use of apps on the device or in the cloud.

“Get your arms around what your users are accessing, how they’re accessing it, and when they’re accessing it,” Barbosa said. “And then step number two is making sure that that usage is intended or authorized.”