36% of CISOs report insufficient AI-specific security tools as a top challenge.

61% of organizations report the use of unsanctioned AI tools, creating significant visibility and governance gaps.

95% of surveyed organizations reported using AI tools in software development.

28% of organizations reported that cybersecurity AI tools improved their detection and response capabilities.

56% of employees are unhappy with their company's approach to AI tools, which can drive them toward unsanctioned platforms and creating 'shadow AI' risks.

23% of organizations admitted to having no controls for AI prompts or outputs.

In 2025, 28% of cybersecurity professionals reported having already integrated AI tools into their operations.

13% of organizations reported having strong visibility into how AI systems handle sensitive data.

76% of respondents reported that autonomous AI agents are the hardest systems to secure.

57% of organizations reported lacking the ability to block risky AI actions in real time.

66% of organizations reported catching AI tools over-accessing sensitive information.

The average organization used 27 distinct AI tools in Q3 2025, down from 23 new tools introduced in Q2 2025.

1% of education institutions ban AI tools entirely for faculty and staff.

74% of education institutions allow AI tools with guidelines for faculty and staff.

10% of education institutions discourage but do not ban AI tools for students.

73% of education institutions allow AI tools with guidelines for students.

60% of students use AI for brainstorming.

49% of students use AI for language assistance.

86% of education institutions permit students to use AI tools.

62% of students use AI for research.