While CEOs are gung-ho about the use of AI, CISOs are far more cautious, with nearly half having a negative attitude about generative AI rollouts.
According to a survey from NTT Data, there's a big misalignment between C-suite leaders when it comes to business goals and operational readiness for generative AI deployment.
Virtually all – 99% – of C-suite executives told researchers that they were expecting further generative AI investments over the next two years, with two-thirds (67%) of CEOs planning significant commitments. Nearly nine-in-ten (89%) reckoned that AI was the top technology they needed to ensure their competitiveness and profitability.
However, CISOs aren't exactly enthusiastic, with 45% expressing negative sentiments toward generative AI adoption. More than half (54%) said internal guidelines or policies on responsibilities were unclear, compared with only 20% of CEOs, who tended to think their policies were fine.
"Collaboration is highly valued by line-of-business leaders in their relationships with CISOs. However, disconnects remain, with gaps between the organization's desired risk posture and its current cybersecurity capabilities," said Craig Robinson, research vice president for security services at IDC.
"While the use of generative AI clearly provides benefits to the enterprise, CISOs and global risk and compliance leaders struggle to communicate the need for proper governance and guardrails, making alignment with business leaders essential for implementation."
95% of CIOs and CTOs reported that generative AI is driving greater cybersecurity investments, ranking improved security as one of the top three business benefits realized from the technology in the last 12 months.
However, only 38% of CISOs said their generative AI and cybersecurity strategies were aligned, compared with 51% of CEOs. Meanwhile, 72% of organizations still lack a formal generative AI usage policy, and just 24% of CISOs strongly agree that their organization has a robust framework for balancing risk with value creation.
"As organizations accelerate generative AI adoption, cybersecurity must be embedded from the outset to reinforce resilience. While CEOs champion innovation, ensuring seamless collaboration between cybersecurity and business strategy is critical to mitigating emerging risks," said Sheetal Mehta, senior vice president and global head of cybersecurity at NTT Data.
"A secure and scalable approach to generative AI requires proactive alignment, modern infrastructure, and trusted co-innovation to protect enterprises from emerging threats while unlocking AI's full potential."
One big problem for security leaders is legacy infrastructure, with 88% saying it's having a significant effect on business agility and generative AI readiness, with modernizing IoT, 5G, and edge computing seen as essential for future progress.
And two-thirds (64%) of CISOs are handling this by working with strategic IT partners, rather than relying on standalone AI solutions – indeed, their top criterion when assessing generative AI technology partners is end-to-end service offerings.
The report echoes research from Experio last month which found that more than one-third (39%) of UK technology leaders think their board has unrealistic expectations over the potential of generative AI tools. More than four-in-ten (41%) said governance and ethics were a leading obstacle to implementing AI in their organization.
-
Will AI eat the internet?In-depth Large language models (LLMs) risk creating a self-perpetuating loop of producing and referencing their own content online
-
HackerOne names Nidhi Aggarwal as its new chief product officerNews The former Google and Tamr executive will lead the cyber security vendor's product strategy as it doubles down on AI
-
Microsoft says workers should believe the hype with AI tools: Researchers found Copilot users saved three hours per week sifting through emails, gained more focus time, and completed collaborative tasks 20% fasterNews Using AI tools paid dividends for some workers, but alternative research shows it could create problems for others down the line.
-
Meta executive denies hyping up Llama 4 benchmark scores – but what can users expect from the new models?News A senior figure at Meta has denied claims that the tech giant boosted performance metrics for its new Llama 4 AI model range following rumors online.
-
DeepSeek and Anthropic have a long way to go to catch ChatGPT: OpenAI's flagship chatbot is still far and away the most popular AI tool in offices globallyNews ChatGPT remains the most popular AI tool among office workers globally, research shows, despite a rising number of competitor options available to users.
-
Productivity gains, strong financial returns, but no job losses – three things investors want from generative AINews Investors are making it clear what they want from generative AI: solid financial and productivity returns, but no job cuts.
-
Legal professionals face huge risks when using AI at workAnalysis Legal professionals at a US law firm have been sanctioned over their use of AI after it was found to have created fake case law.
-
Future focus 2025: Technologies, trends, and transformationWhitepaper Actionable insight for IT decision-makers to drive business success today and tomorrow
-
Looking to use DeepSeek R1 in the EU? This new study shows it’s missing key criteria to comply with the EU AI ActNews The DeepSeek R1 AI model might not meet key requirements to comply with aspects of the EU AI Act, according to new research.
-
The DeepSeek bombshell has been a wakeup call for US tech giantsOpinion Ross Kelly argues that the recent DeepSeek AI model launches will prompt a rethink on AI development among US tech giants.
