Pentera Warns of Growing AI Security Gap in 2026 CISO Benchmark

New updates have been reported about Pentera.

Pentera has released its 2026 AI Security & Exposure Benchmark, positioning the company at the center of a widening gap between aggressive enterprise AI adoption and underdeveloped security controls. Based on responses from 300 U.S. CISOs and North American security leaders, the survey underscores that while AI is now embedded across business operations, 67% of CISOs report poor visibility into how AI is actually used, and 44% say their AI security posture already trails their broader cyber program.

For Pentera, a provider of AI-powered security validation, the findings validate demand for continuous, adversarial testing of AI-driven environments as enterprises layer AI onto already fragmented IT and security stacks. CEO Amitai Ratzon cautions that AI is reshaping how data and systems interact and expanding exposure in ways security teams have not fully mapped, reinforcing the need for tools that emulate attacker behavior, pinpoint exploitable gaps, and prioritize remediation by business impact.

The benchmark highlights structural, not budgetary, constraints around AI security, with 50% of CISOs citing lack of internal expertise, 48% pointing to limited visibility into AI usage, and 36% noting an absence of AI-specific security tools, all of which signal a growing advisory and enablement opportunity for Pentera. Despite broad recognition of the risk, 75% of enterprises still rely on legacy controls originally built for other attack surfaces, and only 11% report using tools purpose-built to protect AI systems, indicating a nascent but potentially large addressable market for Pentera’s validation platform.

Funding models are also in transition: 78% of organizations currently finance AI security from existing security budgets, while only 1% maintain a dedicated AI security line item and 21% plan to introduce one, suggesting a maturing category that could support more direct spend on Pentera-like solutions. The survey further shows that AI is shaping strategic conversations about tool consolidation, with 58% of CISOs saying AI influences their consolidation strategy, yet only 3% have executed consolidation specifically because of AI and another 11% consolidating for unrelated reasons, leaving most security stacks fragmented and difficult to validate end to end.

For executives, the report positions Pentera as a beneficiary of three converging trends: accelerating AI deployment, rising regulatory and board scrutiny of AI-related risk, and a shift toward Continuous Threat Exposure Management frameworks that require ongoing validation rather than periodic assessments. By quantifying gaps in expertise, tooling, and budget structures, Pentera’s benchmark supports its go-to-market narrative that automated, AI-powered adversarial testing is becoming a critical operational layer for securing AI workflows and infrastructure.

The company is likely to leverage these insights in product roadmap decisions and sales messaging, emphasizing capabilities that help CISOs discover unknown AI use, measure control efficacy, and orchestrate remediation at scale. As more enterprises move toward dedicated AI security budgets and recognize the inadequacy of repurposed legacy tools, Pentera is positioned to capture incremental spend from organizations looking to operationalize AI risk management and reduce their exposure before sophisticated threat actors exploit emerging weaknesses.