CISOs under pressure to keep data secure during AI rollouts without harming growth

IT leaders are optimistic about the value AI can deliver, but readiness is low. Many organizations still lack the security, governance and alignment needed to deploy AI responsibly.

A new study by the Ponemon Institute for OpenText finds 57 percent of CIOs, CISOs, and other IT leaders rate AI adoption as a top priority, and 54 percent are confident they can demonstrate ROI from AI initiatives. However, 53 percent say it is ‘very difficult’ or ‘extremely difficult’ to reduce AI security and legal risks.

Only 47 percent say IT and security goals are aligned with those driving AI strategy, even though 50 percent of respondents say their organizations have hired or are considering hiring a chief AI officer or a chief digital officer to lead AI strategy.

GenAI is definitely gaining traction, with 32 percent having adopted it, and another 26 percent planning to in the next six months. Top GenAI use cases include security operations (39 percent), employee productivity (36 percent), and software development (34 percent). However, only 19 percent of organizations have adopted agentic AI and 16 percent will adopt it in the next six months. Just 31 percent of those rate agentic AI as being highly important to their business
strategy.

“This research confirms what we’re hearing from CIOs every day. AI is mission-critical, but most organizations aren’t ready to support it,” says Shannon Bell, chief digital officer at, OpenText. “Without trusted, well-governed information, AI can’t deliver on its promise. At OpenText, we’re helping IT and security leaders close that gap by simplifying information complexity, strengthening governance, and ensuring the right information is secure and actionable across the enterprise.”

The study also shows that 73 percent of respondents say that reducing complexity is essential (23 percent), very important (23 percent) and important (27 percent) for a strong security posture, with unstructured data (44 percent) among the top contributors to complexity.

Data governance is seen as the first line of defense to address data security risks in AI, nearly half (46 percent) of respondents say they are developing a data security program and practice. But just 43 percent are very or highly confident in their ability to measure ROI on securing and managing information assets.

The full report is available from the OpenText site.

Image Credit: Leowolfert/Dreamstime.com