NEW YORK, March 19, 2026 /PRNewswire/ — A recent study reveals that cybersecurity leaders are facing heightened challenges as artificial intelligence (AI) increasingly transforms the threat landscape and defensive capabilities. According to the EY Cybersecurity Roadmap Study, which surveyed 500 senior corporate security leaders, 96% perceive AI-enabled cyber attacks as a significant threat to their organizations. Approximately 48% of respondents estimate that at least a quarter of all cybersecurity incidents they experienced in the past year were facilitated by AI. Despite this awareness, less than half of senior security leaders express strong confidence in their organizations’ ability to thwart such AI-driven breaches.
“Security leaders have been rapidly bolting on AI solutions to stay ahead of AI-driven cyber threats, but their lack of confidence in defenses signals a need for reimagining security architecture with AI at the core,” says Ganesh Devarajan, EY Americas Consulting Cyber Risk Practice Leader. He emphasizes the necessity for organizations to adopt an AI-native approach, embedding cybersecurity as a fundamental layer of trust in enterprise AI systems.
In response to these evolving threats, security leaders are moving towards autonomous defensive strategies. Nearly all respondents (99%) believe that strategically employing AI will revolutionize their organizations’ proactive and defensive cybersecurity strategies. However, 85% of these leaders whose organizations currently utilize AI in cybersecurity report that their existing budgets are inadequate to address AI-enabled threats.
This funding situation is expected to change dramatically. The study indicates that the proportion of organizations committing at least a quarter of their total cybersecurity budget to AI solutions is set to increase significantly, rising from just 9% today to 48% within two years. “Budget increases create the opportunity for cyber leaders to strategically invest to move from automating simple tasks to advanced agentic AI systems that can undertake complex, multi-step actions across products and ecosystems simulating human responses to attacks,” Devarajan added.
Furthermore, the emergence of agentic AI is poised to become central in cybersecurity defenses. A striking 97% of senior security leaders believe their organization’s competitive edge over the next two years will hinge on the sophistication of their agentic AI cybersecurity measures. The survey highlights a projected doubling in the use of agentic AI across various critical areas: advanced persistent threat detection is expected to rise from 30% currently to 62%, real-time fraud detection from 32% to 58%, identity and access management from 23% to 51%, third-party risk management from 25% to 50%, data privacy and compliance from 27% to 48%, and defenses against deep fakes and impersonation from 23% to 42%.
As organizations race to harness AI, a pronounced need for structured governance has emerged. Almost all senior security leaders report having an AI cybersecurity governance framework in place, with 98% affirming its importance for ensuring responsible AI use. However, a significant gap exists between policy and practical implementation, with only 20% of organizations having successfully optimized these frameworks within their culture. While 51% have a defined AI cybersecurity governance framework embedded in key processes, just 26% report full rollout and integration across business units.
“The proliferation of AI cyber threats is an operational reality that puts the limitations of legacy frameworks on full display,” Devarajan remarked. He contended that organizations must transition from standalone cyber defenses and risk management to a comprehensive system that architects trust across governance, compliance, and ethics, effectively turning AI from a liability into a competitive advantage.
The insights from the EY Cybersecurity Roadmap Study indicate that, as the cybersecurity landscape continues to evolve, organizations must proactively adapt their strategies to harness AI effectively, ensuring both resilience and sustainability in an increasingly complex digital world.
For more information about cybersecurity and the Trust Layer of EY.ai Value Blueprints, visit ey.com.
See also
Anthropic’s Claims of AI-Driven Cyberattacks Raise Industry Skepticism
Anthropic Reports AI-Driven Cyberattack Linked to Chinese Espionage
Quantum Computing Threatens Current Cryptography, Experts Seek Solutions
Anthropic’s Claude AI exploited in significant cyber-espionage operation
AI Poisoning Attacks Surge 40%: Businesses Face Growing Cybersecurity Risks
