Enterprises deploying AI systems with excessive permissions experience 4.5x more security incidents than enterprises that enforce least-privilege controls.

Organizations with over-privileged AI systems have a 76% incident rate, compared to a 17% incident rate for organizations that limit AI to only the privileges needed for the task.

70% of security leaders say AI systems have more access than a human in the same role.

One in five developers grant AI code agents unrestricted access to perform high-risk actions without human oversight.

98% of CISOs expressed that multi-factor authentication (MFA) is not doing enough to protect employees.

38% of Chief Information Security Officers (CISOs) believe zero trust is the future of cybersecurity.

In 2025, 87% of companies plan to increase their investment in Network Access Control (NAC), with 4% expecting to decrease their investment.

19% of Chief Information Security Officers (CISOs) expect a significant increase in new tasks for their IT or security teams due to security risks or vulnerabilities related to AI.

78% of Chief Information Security Officers (CISOs) expect AI to create moderate or significant increases in security workloads as they address new vulnerabilities.

92% of Chief Information Security Officers (CISOs) reported that their company has implemented, begun implementing, or plans to implement passwordless authentication in 2025, a significant increase from 70% in 2024.

67% of organizations expect to complete the shift from legacy VPNs to zero trust alternatives by next year, while 93% plan to do so by 2027.

93% of Chief Information Security Officers (CISOs) reported that their perception of Network Access Control (NAC) has improved over the past yea with 98% attributing this positive change to cloud-based NAC solutions.

96% of CISOs believe that multi-factor authentication (MFA) cannot keep up with evolving threats.

67% of organizations expect to complete their transition from Virtual Private Networks (VPNs) to zero trust access by 2026, reflecting a significant shift in security practices.

The number of completed rollouts of passwordless authentication initiatives doubled in 2025 compared to the previous year, highlighting a rapid increase in implementation.

52% of Chief Information Security Officers (CISOs) identified reduced risk of password reuse, phishing, and exploits as the top benefit of passwordless authentication in 2025.

In 2025, 98% of Chief Information Security Officers (CISOs) expressed doubt over the ability of multi-factor authentication (MFA) to adequately protect employees, showing a slight decrease from 99% in 2024.

22% of Chief Information Security Officers (CISOs) reported having a formal strategy for incorporating AI identities into their organization's zero-trust security architecture, while 78% did not have such a strategy.

59% of Chief Information Security Officers (CISOs) expect a moderate increase in new tasks for their IT or security teams due to security risks or vulnerabilities related to AI.

13% of Chief Information Security Officers (CISOs) believe that zero trust only works for certain organizations in 2025, down from 22% in 2024.