AI security has a detection problem, and Check Point’s 2026 report puts a number on it

More than three-quarters of organisations have rewritten their security strategy to account for artificial intelligence, yet only a quarter possess the architecture to enforce what those strategies now demand, a disconnect that Check Point's 2026 Cloud Security Report identifies as the single most consequential weakness inside the enterprise as AI moves from experiment to production infrastructure.

The report, produced with Cybersecurity Insiders, surveyed 1,042 cybersecurity and IT professionals and found that 77% have changed their security strategy in response to AI, while only 26% say their architecture can enforce it, a 51-point gap that the research describes as the widest finding in the dataset and the structural fault line beneath almost every other problem it documents.

That gap is not abstract because it is already producing measurable damage across environments where AI now operates with credentials, autonomy, and access to sensitive systems. The report found that 54% of organisations have confirmed at least one AI-related security incident, while a further 24% suspect one but lack the telemetry to confirm it, meaning more than three-quarters have either been compromised or cannot rule it out, a level of uncertainty that the research treats as evidence of detection environments that were never tuned for AI-specific threats.

The most common incidents reported were unauthorised or shadow AI usage discovered by 41% of respondents, AI-generated content used in attacks such as phishing or deepfakes by 37%, and sensitive data leaked to or through AI services by 32%, a spread that reflects exposure on both sides of the problem, governing what employees send to external tools and protecting enterprise systems from AI-enabled attacks.

Paul Barbosa, Vice President of Cloud Security and SASE at Check Point Software Technologies, located the cause of that exposure in the speed at which deployment has outrun governance. "The 2026 Cloud Security Report confirms what many security practitioners already sense," he said, before setting out the imbalance the survey measures across infrastructure, access, and runtime. The figures supporting his assessment are consistent across the report, with 70% of organisations now running generative AI in production and 64% having deployed AI agents inside live systems, including 12% that have granted those agents privileged access to core systems, even as the controls surrounding those workloads remain partial, inconsistent, or absent altogether.

Production has moved faster than the controls meant to contain it

The pattern the report returns to repeatedly is one of capability running ahead of governance, and it appears first at the infrastructure layer, where AI has reshaped how traffic actually moves. Organisations reported more API-driven traffic at 51%, increased traffic to external AI services at 48%, and less predictable patterns at 33%, changes that the research argues amount to a different operating model rather than a set of edge cases, and one that existing inspection stacks were not built to handle, with only 24% of organisations able to fully inspect AI traffic without degrading application performance and 67% reporting fragmented security policies across their hybrid environments.

The datacenter compounds the strain, because 76% of organisations rate perimeter security as critical for protecting AI training and inference workloads, while only 35% believe their current perimeter can actually support them, a 41-point gap that mirrors the headline disconnect and widens as 29% of organisations move AI workloads onto their own infrastructure.

"AI adoption has outpaced the architecture built to govern it," Barbosa said. "Agents are acting inside live systems; data is moving through external AI services, and most enterprises still lack the visibility and enforcement to keep pace." That absence of visibility is the report's second recurring theme and arguably its most uncomfortable, because only 5% of organisations report full visibility into which AI tools are being used across the business, what data those tools access, and where that data travels once it enters an AI workflow, which leaves 95% making policy decisions from an incomplete map.

The same figure recurs in a separate finding, with only 5% saying their tools can reliably distinguish legitimate AI activity from suspicious or unauthorised usage, a twofold blindness that means teams frequently neither know which tools are in use nor whether the activity they can see is safe.

Visibility gaps make consistent enforcement structurally impossible

Where teams can see AI activity, they often cannot govern it consistently, and the report shows an access layer that has not converged on any dominant model. Organisations split across five approaches, with 24% applying no AI-specific access controls at all, 22% relying on endpoint agents, 19% applying different rules depending on whether a user is on or off the network, 19% blocking external AI outright, and only 16% enforcing the same controls regardless of location, an inconsistency that means the same employee can encounter entirely different protection depending on how they connect.

Coverage falls short on both planes that matter, with only 13% of organisations able to fully inspect and enforce policy on traffic to AI software-as-a-service tools such as ChatGPT, Copilot, and Gemini, and only 11% able to fully detect and control AI applications or browser-based tools on managed devices.

The application layer tells the same story through different instruments, because traffic generated by AI is exposing how poorly conventional web protections fit the new interaction model. Only 22% of organisations rate their web application firewall or WAAP tools as effective against generative AI-specific attacks such as prompt injection, while 71% report increased false positives since adopting the technology, and runtime governance lags further still, with only 17% having broadly deployed runtime controls such as input validation, output filtering, and tool-use authorisation, and 56% operating with no formal security testing process for AI applications.

The supply chain extends the same weakness outward, as 46% of organisations have no structured security assessment process for AI vendors and only 7% scan AI models for vulnerabilities or malicious code before deployment, meaning many enterprises are running models they have not inspected, from vendors they have not assessed, inside applications they have not fully tested.

Detection has outpaced prevention at every point that matters

Every weakness the report examines converges on one structural deficiency, which is that organisations can increasingly observe AI-related risk, but very few can stop it before harm occurs. The prevention gap is measurable across all three enforcement points the survey tested, and even prompt security, the most developed of them, allows only 13% of organisations to block a malicious prompt before it reaches the model, while 26% can merely detect and alert.

Data fares similarly, with 16% able to block sensitive information from reaching AI services and 28% only able to flag it after the fact, and outputs are weakest of all, with just 5% able to reliably block unsafe AI-generated content before it reaches users or downstream systems. The same fragility surfaces in how the workforce behaves, because 42% of organisations say employees bypass AI security controls when those controls slow them down, choosing personal accounts or uncovered browser tools rather than the approved path, behaviour the report reads as evidence that governance is sitting too far above the workflow to shape what people actually do.

Accountability follows the same diffuse pattern, with responsibility for AI security spread across the CISO at 44%, cross-functional committees at 40%, and IT leadership at 36%, while only 14% have a dedicated AI security leader and only 14% operate policies that are both enforced and audited, even though 45% have documented policies on paper. The market is consolidating against that backdrop, as 86% of leaders rate unified security management across datacenter, cloud, and edge as critical for AI workloads, and 37% are actively consolidating around platform vendors, nearly double the 20% still pursuing best-of-breed point solutions, though execution trails recognition, given that 88% report AI has increased operational complexity.

Barbosa presented the response as a question of where security has to live rather than how much of it to add. "At Check Point, we believe security has to be built into the architecture from the start," he said. "Beginning at the infrastructure layer, through clouds, and especially at runtime. Visibility, Control, and Security need to be present at all layers in the stack AI workloads will operate in." Check Point's answer is its Hybrid Mesh Network Security approach, which it pairs with a newly launched AI Defense Plane and Agentic Network Security Orchestration Platform and which it says delivered a 99.8% security effectiveness score in the 2026 Miercom report, positioning prevention inside the data path rather than alongside it as a monitoring layer that, in the report's assessment, produces a log entry rather than protection.