惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Engineering at Meta
Engineering at Meta
The GitHub Blog
The GitHub Blog
博客园_首页
T
The Blog of Author Tim Ferriss
H
Hackread – Cybersecurity News, Data Breaches, AI and More
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
腾讯CDC
I
InfoQ
量子位
J
Java Code Geeks
P
Proofpoint News Feed
有赞技术团队
有赞技术团队
Webroot Blog
Webroot Blog
Martin Fowler
Martin Fowler
D
Docker
F
Fortinet All Blogs
云风的 BLOG
云风的 BLOG
V
Vulnerabilities – Threatpost
罗磊的独立博客
P
Proofpoint News Feed
T
The Exploit Database - CXSecurity.com
Cyberwarzone
Cyberwarzone
P
Privacy & Cybersecurity Law Blog
Last Week in AI
Last Week in AI
爱范儿
爱范儿
The Hacker News
The Hacker News
S
SegmentFault 最新的问题
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园 - 三生石上(FineUI控件)
V
V2EX
Simon Willison's Weblog
Simon Willison's Weblog
AI
AI
Y
Y Combinator Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
GbyAI
GbyAI
V
Visual Studio Blog
H
Heimdal Security Blog
S
Secure Thoughts
B
Blog RSS Feed
雷峰网
雷峰网
T
Tenable Blog
C
Check Point Blog
G
Google Developers Blog
大猫的无限游戏
大猫的无限游戏
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
A
About on SuperTechFans
Recent Commits to openclaw:main
Recent Commits to openclaw:main

Heimdal Security Blog

MediaArena malvertising: why a quarantine isn't the end of the incident Top 6 Managed Detection and Response Providers Cyber-Aware Customers Are Raising the Bar for MSPs and Other Vendors Cyber-Aware Customers Are Raising the Bar for MSPs and Other Vendors How to scale your patches without scaling your team (the patch wave) AI didn't break patching. It showed us patching was already broken. Heimdal Launches MSP Onboarding Wizard to Help Partners Onboard Microsoft CSP Customers in 2 Minutes How Dynamic Defense shuts an attacker out without shutting down the business Static security has run out of road. The case for Dynamic Defense Breaking the MSP Echo Chamber: The Power of Community How attackers built a RAT on a Windows machine using its own .NET compiler Attacker enables RDP, creates admin, erases evidence in ten seconds Your Next Insider Threat May Be an AI Coworker The OSI Model and Its Two Missing Layers Heimdal® Marks Six Years of Consecutive ISAE 3000 SOC 2 Type II Certification The State of AI Risk Management in 2026 AI Will Absorb 99.98% of SOC Triage Within a Year, as 79% of IT teams brace for AI-driven workload shift Top 10 Cybersecurity Companies in Europe Heimdal Expands AI Strategy with AI Wingman and Third-Party AI Containment You Only Know What You’ve Got When Its Gone Nordic MSPs Can Now Access Heimdal’s Unified Security and Compliance Platform Through Elovade OpenClaw Incidents Show Why AI Adoption Pressure Puts Companies at Risk Heimdal Claims Industry First With a Cyber Essentials Control Mapping for PEDM to Help Organisations Prove Least Privilege Five Predictions for Cyber Security Trends in 2026 Heimdal Achieves OPSWAT Gold Certification for Anti-Malware How to Avoid Holiday Shopping Scams (From a Former Cyber Detective) ITDR Best Practices: How to Detect, Prevent, and Contain Critical Identity Threats When Buyers Discount MSPs With One Big Customer You’re Not Technical? That Excuse Just Expired! Tool Sprawl Taxes Your Business More Than You Think Heimdal 5.1.0 RC Dashboard: Smarter Automation, Stronger Compliance, and Smoother Control Can Generative AI Be Weaponized for Cyberattacks? Digital Warfare and the New Geopolitical Frontline Nearly 40% of 2024 Ransomware Payouts May Have Gone to Russia, China & North Korea
Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It
Madalina Popovici · 2026-06-15 · via Heimdal Security Blog

London, UK, 16 June 2026 – Heimdal today published The State of AI Risk Management in 2026, a survey of 1,000 IT professionals across the United Kingdom and the United States.

The report’s headline finding is a divide inside the same organizations: the closer a person sits to the day-to-day running of AI, the less confident they are that the risk is contained. In the US, 29% of C-suite and VP respondents say their organization has AI risk under control, against 7% of the mid-level practitioners managing it.

In the UK the gap runs the same way, 18% to 11%. Both gaps are statistically significant.

AI tools are already present across most IT estates, and most teams run several at once.

The controls have not kept pace. Across both markets, the report finds adoption has outrun security controls by roughly two to one.

The survey also records a counterintuitive pattern: the teams that see their AI use most clearly are the most concerned about it, not the least.

Heimdal’s report describes visibility as the diagnosis rather than the cure.

In an incident publicly disclosed in January 2026, the acting director of CISA, the United States cybersecurity agency, uploaded documents marked “For Official Use Only” to public ChatGPT in mid-2025.

The agency’s own monitoring flagged the activity within a week, but the use policy had not prevented it.

Key findings

  • Executive confidence outruns the frontline. In the US, 29% of executives say AI risk is under control, against 7% of practitioners. In the UK, 18% against 11%.
  • AI is already embedded. ChatGPT runs in 72% of UK IT environments and 69% of US environments, and Microsoft Copilot in 68% of UK and 59% of US.
  • Readiness lags adoption. Only around 4 in 10 teams rate their security stack as ready for AI-related risk.
  • Concern rises with visibility. Among UK teams with full visibility into AI use, 56% flag data leakage as a top concern, against 27% of teams with none. In the US the figure is 59% among teams with full visibility.
  • Operational load is high. Nearly three-quarters of IT and security teams lose at least a quarter of their week to repetitive, low-value work, and around one in three lose more than half.
  • The most overloaded teams are the most optimistic about AI. 59% of the most overloaded US teams, and 55% in the UK, expect AI to ease the load.

Misplaced confidence is one of the most dangerous things in security. This data shows executives are far more confident that AI risk is under control than the evidence supports.

Most of the conversation right now is about productivity, when the bigger question is how AI can be turned against the business. The report shows the gap between how secure leaders feel and how secure they actually are,

said Adam Pilton, Cybersecurity Advisor at Heimdal.

Independent security researcher Rafay Baloch, CEO and Founder of REDSECLABS, added:

The risk that concerns me most is not AI itself but the blind spots it can create. When teams use AI tools without clear oversight, sensitive information, intellectual property, and business data can end up in places leaders never intended.

Many organizations believe having an AI policy means they are prepared, but a policy alone does not create visibility. The companies seeing the best results are not the ones trying to restrict AI. They are the ones creating clear guardrails while helping employees use AI responsibly.

The report concludes that organizations should treat AI as part of the core IT estate, applying the same scrutiny to AI services as to any other critical supplier, including procurement review, contractual data-handling terms, a current inventory of sanctioned and unsanctioned AI tools, and technical controls over access, execution, action chains, and privilege.

Read the full report: https://heimdalsecurity.com/blog/state-ai-risk-management/

About the research

The State of AI Risk Management in 2026 is based on a survey of 1,000 IT professionals (500 UK, 500 US), conducted via Pollfish from 1 to 8 May 2026. The sample spans six seniority tiers from entry-level through C-suite and VP.

About Heimdal

Heimdal is a global cybersecurity provider offering a unified security and compliance platform across endpoint, identity, email, network, and access security. More than 17,000 customers in over 40 countries use its 12-plus integrated products to prevent threats, detect breaches, and automate response.

Media contact

Madalina Popovici

Media Relations Manager, Heimdal

mpo@heimdalsecurity.com

If you liked this article, follow us on LinkedIn, Reddit, X, Facebook, and Youtube for more cybersecurity news and topics.

Author Profile

linkedin icon

Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.