Overview
- Check Point’s late-May 2026 Cloud Security Report, based on 1,042 IT and security pros, found 77% of organisations updated AI security strategy but only 26% have an architecture that can enforce those policies.
- Only 5% of firms report full visibility into which AI tools employees use and where data flows, and 78% have either confirmed or suspect AI-related incidents such as shadow AI use, AI-driven phishing, or sensitive data leaks.
- Network and inspection tools struggle with API-heavy AI traffic: only 24% can fully inspect AI traffic without harming performance and 67% report fragmented policies across hybrid environments.
- Prevention controls are scarce at key enforcement points: 13% can block malicious prompts, 16% can stop sensitive data reaching AI services, 5% can block unsafe AI outputs, and only 17% broadly deploy runtime LLM controls.
- Report authors urge an architecture-first fix that inventories AI assets, governs access, installs prevention at runtime, centralises policy authority, and unifies hybrid security to reduce agent-driven and data-exfiltration risks.