Leadership’s race for AI adoption leaves critical security gaps, says Tenable report on C-Suite AI security risks
A new Tenable report reveals a growing rift between innovation and protection in the corporate world. As executives rush to deploy artificial intelligence, many are ignoring basic security principles, leaving companies open to avoidable cyberattacks.
The State of Cloud and AI Security 2025 report, produced with the Cloud Security Alliance, surveyed over 1,000 IT and security professionals globally, including from Singapore. The findings expose a leadership crisis where executives are measuring the wrong things and missing critical threats.
Instead of preventing breaches, many organisations measure how often they happen. Forty-three percent of companies track only incident frequency and severity—numbers that matter only after an attack. This mindset, Tenable says, creates a false sense of safety.
The study found an average of 2.17 cloud-related breaches per company in the past 18 months, yet only 8% were classified as severe. Common causes included misconfigured cloud services and excessive user permissions—failures that are entirely preventable.
AI adoption is adding pressure. Over half of surveyed organisations now use AI in daily operations, but 34% have already suffered an AI-related breach. While leaders fear futuristic threats like model manipulation, most incidents stem from familiar problems: software flaws, insider risks, and poor configurations.
Liat Hayun, VP of Product and Research at Tenable, warned that “leaders are applying 21st-century technology to a 20th-century security mindset.” The issue, she said, lies in strategy, not software.
Eighty-two percent of organisations operate in hybrid environments, and 63% use multiple cloud platforms. Yet only a minority invest in unified risk assessment or tool consolidation. Until leaders reset their approach and focus on prevention, Tenable warns that even the strongest security teams will remain reactive, overstretched, and exposed.
