The AI Paradox: CISOs Gain Confidence in Defense Against Traditional Threats but Are Unprepared for AI Identities, Says Portnox Survey

News provided by

Nov 05, 2025, 09:00 ET

AUSTIN, Texas, Nov. 5, 2025 /PRNewswire/ -- Portnox, a leader in cloud-native zero trust access control and cybersecurity solutions, today unveiled the final set of findings from its annual CISO cybersecurity trends survey conducted by Wakefield Research, the results surrounding artificial intelligence (AI) reveal a new paradox for security leaders. While CISOs feel more secure in their roles and defenses against traditional threats, the rapid adoption of AI introduces a significant, unsecured new frontier.

"By zeroing in on the critical leadership tier of Chief Information Security Officers (CISOs) year after year, we can clearly chart the evolution of this role—from shifting concerns and budget priorities to the practical adoption of frameworks and technologies like zero trust," said Nathan Richter, Senior Partner, Wakefield Research.

The survey of 200 U.S. CISOs uncovered that CISO confidence has risen, but a new challenge lurks:

Encouraging Trends

CISO Job Security and Defense Confidence Rise: The intense pressure on CISOs appears to be easing. The percentage of CISOs who are very or extremely concerned about losing their job after a major breach has dropped significantly from 77% last year to just 55% now. Overall concern about a breach has also fallen (from 86% to 62% being very/extremely concerned), indicating that security leaders feel better prepared to defend against or mitigate attacks.
Easing Cyberinsurance Burden: Pressure related to cyberinsurance is also down. The number of companies constantly re-evaluating tools to improve premiums has dropped from 68% in 2024 to 40% today. Furthermore, CISO confusion about policy coverage has decreased across the board for threats like supply-chain attacks (down from 58% to 43%) and insider threats (down from 51% to 34%).

Emerging Concerns

The AI Identity Security Gap: Despite this positive trend in defense, most organizations are unprepared for the security implications of AI. A significant 78% of CISOs lack a formal strategy for handling AI identities in a zero trust security architecture. These identities include autonomous AI agents, bots, or machine-based actors that access or transmit data.
New AI Workloads: This gap will quickly translate into new work. 78% of CISOs expect AI to create a moderate or significant amount of new IT or security work for their teams because of AI-related security risks and vulnerabilities.

"CISOs are less worried about their risk exposure, perhaps because they see a realistic path to eliminating passwords and improving access control with cloud-based tools," said Denny LeCompte, CEO of Portnox. "Critically, this new confidence masks an urgent challenge: AI. AI adoption creates an entirely new, unmanaged, and potentially catastrophic security risk. Identity and access control frameworks must rapidly evolve to secure both human and machine identities driving the modern enterprise."

The survey highlights a key mandate for 2026: organizations must integrate identity-based access control for AI agents, or risk turning their hard-won confidence into a critical vulnerability.

View the survey results here: portnox.com/ciso-perspectives/data-2026.

Related:

About Portnox
Portnox delivers cloud-native zero trust access control and cybersecurity solutions that enable IT teams to proactively enforce powerful access control and endpoint risk monitoring and compliance policies. By eliminating the on-premises footprint of traditional access control systems, Portnox allows companies of any size or architecture to deploy, scale, enforce and maintain critical security policies with unprecedented ease. Hundreds of mid-market and enterprise companies leverage Portnox's award-winning unified access control platform to strengthen their organizational security posture.

SOURCE Portnox