RSS

The More Confident in AI Security, the More Likely Breached, Study Finds

mooreds1 pts0 comments

The More Confident Organizations Are in Their AI Security, the More Likely They've Been Breached, New Research Finds - IT Security Guru

About Us

Monday, 15 June, 2026

Home

Features

Insight

Channel News

Events

Most Inspiring Women in Cyber 2026

Topics

Cloud Security

Cyber Crime

Cyber Warfare

Data Protection

DDoS

Hacking

Malware, Phishing and Ransomware

Mobile Security

Network Security

Regulation

Skills Gap

The Internet of Things

Threat Detection

AI and Machine Learning

Industrial Internet of Things

Multimedia

Product Reviews

About Us

No Result

View All Result

Home

Features

Insight

Channel News

Events

Most Inspiring Women in Cyber 2026

Topics

Cloud Security

Cyber Crime

Cyber Warfare

Data Protection

DDoS

Hacking

Malware, Phishing and Ransomware

Mobile Security

Network Security

Regulation

Skills Gap

The Internet of Things

Threat Detection

AI and Machine Learning

Industrial Internet of Things

Multimedia

Product Reviews

About Us

No Result

View All Result

No Result

View All Result

The More Confident Organizations Are in Their AI Security, the More Likely They’ve Been Breached, New Research Finds

by<br>Guru Writer

June 11, 2026

in<br>Featured

Share on FacebookShare on Twitter

Nearly two-thirds of organizations have suffered a confirmed AI identity-related security incident in the past 12 months, and the companies that feel most secure are being hit the hardest, according to new research from FusionAuth.

The 2026 State of AI and Identity Report, which surveyed 312 technology and security leaders, including CTOs, CISOs, and VPs of engineering, security, and platform, found that 65% of organizations reported a confirmed AI identity breach in the past year, with a further 23% reporting a near miss. Just 12% came through the year unscathed.

But the report’s most striking finding is not the breach rate itself; it is who is being breached. Among respondents who rated themselves "extremely confident" in their AI security posture, 84% had already experienced a confirmed incident. That figure falls to 64% for those "very confident" and just 17% for those who described themselves as "not so confident". In other words, confidence and breach rates rise together.

The organizations at the top of the confidence scale share a common profile: broad AI deployment, comprehensive governance policies, formalized lifecycle processes, and heavy investment. On paper, they are doing everything right and they are still being breached at the highest rates.

"Confidence appears to be tracking deployment velocity and governance activity, not actual protection," said Brian Bell, CEO of FusionAuth. "The faster organizations move, the more confident they feel. The faster they move, the larger their attack surface. Written policies don’t answer the questions that matter: Can you scope what each agent can access? Can you see what it’s doing? Can you prove what it accessed after the fact? Can you revoke access before a near miss becomes something worse? Architecture answers those questions. Policy alone does not."

The report suggests self-reported maturity has become an unreliable signal of actual security posture, with implications for how the industry benchmarks AI readiness. It also notes that organizations with mature security programs may simply be better at detecting incidents, meaning lower-confidence organizations are not necessarily safer, just blind to what is already happening.

Shadow AI is now the norm

The findings paint a picture of AI adoption racing ahead of the controls meant to govern it. Some 88% of respondents say AI deployment is outpacing their identity and security infrastructure, while 80% report shadow AI, employees connecting AI tools to internal systems without security or IT review. In the highest-risk cohort, organizations that combine production AI features, widespread employee AI use, and multi-tenant SaaS identity platforms see shadow AI reach 96%, and the confirmed incident rate hits 90%.

Architecture emerged as the variable that most clearly separates outcomes. Organizations running multi-tenant SaaS identity platforms reported confirmed incidents at more than twice the rate of self-hosted deployments – 83% versus 38%. In a shared environment, the report argues, a single compromised token or misconfigured policy can cascade across every AI workflow connected to the identity layer, creating a far larger blast radius than in an isolated deployment.

The weakest lifecycle controls were auditing what AI agents accessed (formalized at just 70% of organizations) and revoking access when no longer needed (73%), precisely the controls that matter once agents begin acting autonomously.

Identity becomes a commercial problem

AI identity risk is also showing up in the sales cycle. Eighty-five percent of respondents have faced customer, partner, or regulatory demands to demonstrate tenant isolation, with 56% facing such demands frequently, turning what was once a...

security organizations identity confident cyber result

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

Apple WWDC 2026 Livestream

nextstep32 ptsapple stream video event live feed

Claude Fable 5

Philpax30 ptsfable claude mythos model models capabilities

US Government directive to suspend access to Fable 5 and Mythos 5

Dylan131224 ptsfable government anthropic jailbreak access mythos

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.