Cybersecurity firm Proofpoint revealed that companies are racing ahead with AI adoption while many of the security controls meant to protect those systems remain too fragmented, too reactive or too poorly understood to keep pace with emerging risks.
In its 2026 AI and Human Risk Landscape report, the cybersecurity company said 87 percent of organizations have already moved AI assistants beyond the pilot stage, while 76 percent are piloting or rolling out autonomous agents, underscoring how quickly AI has shifted from experimental tool to operational backbone inside the workplace.
The main concern is that security has not moved at the same speed. Proofpoint said only 48 percent of organizations embedded security from the start of their AI strategy, while 52 percent described their approach as catching up, inconsistent or reactive. That gap is already showing up in live environments, with 42 percent of respondents reporting a suspicious or confirmed AI-related security incident.
The report, based on a January 2026 survey of 1,453 full-time security professionals across 20 industries and 12 markets, said the issue is not simply whether companies are buying AI security tools, but whether those tools can actually detect what matters when AI begins acting across trusted business channels.
AI controls are in place, but confidence is missing
Proofpoint said 63 percent of organizations report having AI security controls in place, but 52 percent are not fully confident those controls would detect a compromised AI system. Among organizations that already have controls, half still reported a suspicious or confirmed AI-related incident, a finding that points to a widening gap between security coverage and real-world effectiveness.
The company said the concern reflects a broader shift in the attack surface. AI assistants and agents are no longer sitting in isolated environments, as they are drafting emails, summarizing Slack and Teams chats, supporting customers, working with suppliers and moving through the same channels where sensitive company data is shared every day.
That has turned collaboration tools into a security battleground. Among organizations that experienced an AI-related incident, 71 percent reported threat activity in email, 72 percent in SaaS or cloud apps and 63 percent in AI assistants or agents. Proofpoint said that pattern shows AI-related threats do not remain in one channel, but travel across the digital workspace where people, data and automated systems now interact.
Attackers are targeting the AI layer itself
The report also highlighted how attackers are beginning to exploit AI directly, including through prompt injection hidden inside routine phishing emails.
In one example, Proofpoint researchers observed a fake Gmail-style notice that appeared ordinary to the recipient but contained invisible instructions designed to overwhelm an AI-based detection system and potentially cause it to time out before reaching a verdict.
Proofpoint also said AI tools are lowering the barrier for more convincing attacks, citing a campaign in which attackers used an AI website builder to create a fake YouTube appeal center that used real-time channel metadata before delivering malware through a deceptive workflow.
The broader warning for AI defenses
The findings suggest that many organizations now face a double challenge: AI is expanding the speed and reach of attacks, while the tools used to investigate those attacks remain scattered. Proofpoint said 41 percent of organizations cannot correlate threats across multiple channels, while about 68 percent are not fully prepared to investigate an AI- or agent-related incident.
The report’s broader message is that AI has fused older security problems into a more complex operating reality, where compromised accounts, malicious links, prompt injection and data exposure can move together through the same collaboration systems that modern businesses rely on to get work done.