Why cybersecurity still needs real-world classrooms
Why cybersecurity still needs real-world classrooms
Read More
AI governance is now a day-to-day operational problem for security teams.
Jamf’s latest AI governance survey, based on responses from 687 IT and security leaders across Apple enterprises, found that 72.9% of organisations have already deployed AI in some form. Some are still at the team-level pilot stage. Some have made AI broadly available across the organisation. And a smaller but significant group (10.3%) say AI is already deeply integrated into workflows.
The problem is that AI risk doesn’t appear to shrink as organisations mature. Instead, it rises.
According to Jamf, 22.0% of organisations have already experienced an AI-related cost or security incident. Another 59.7% see one as a near-term risk – so Jamf classifies 81.7% of organisations as exposed to AI risk.
Adoption is moving faster than AI governance.
Everyone in security knows that AI creates risk. But the important finding from the Jamf study is that risk increases with depth of deployment.
Among organisations still exploring AI, 19.4% report an AI-related incident. Among organisations where AI is deeply integrated into workflows, that rises to 27.1% – a 40% increase in incident rate, according to Jamf.
This cuts against the reassuring idea that maturity automatically creates safety. In AI, maturity may also mean more exposure: more users, more tools, more integrations, more data flows, more automation and more places where governance can fail.
The incidents are not limited to classic security breaches. Jamf breaks them into three buckets:
So AI risk hits both the security team and the budget. A poorly governed AI rollout can leak data, inflate cloud spend and create a mess of overlapping tools that nobody fully owns.
Jamf’s survey shows three priorities converging. The top AI priority among respondents is automating IT operations, selected by 44.4%. Close behind are deploying AI productivity tools at 41.0%, followed by establishing AI governance at 36.7%.
That suggests that security and IT leaders are not ignoring governance – but the problem is that governance is being forced to run alongside adoption, not ahead of it.
Jamf identifies four recurring challenge areas from open-ended survey responses:
Shadow AI is the obvious one. Employees create personal accounts, test tools without approval and may paste sensitive information into systems IT can’t see.
Vendor sprawl is harder to contain. AI is no longer just something organisations buy as a standalone platform. It’s being embedded into software they already use. That means every vendor update can become a governance question.
And agentic and developer AI raise the stakes again. AI tools are helping write code, trigger workflows, interact with development environments and, in some cases, act with permissions inside business systems.
That changes the job of governance. Policies are not enough – security teams need visibility into tools, traffic, data access, runtime behaviour and the permissions AI systems are granted.
Jamf’s findings show what AI risk looks like inside organisations. A different piece of research, FIRST’s 2026 vulnerability forecast update, shows why the broader environment is becoming harder to manage.
FIRST says vulnerability volumes are currently tracking 46.3% above its original forecast, an excess of 6,420 CVEs, leading to a revised 2026 projection of around 66,000 CVEs.
AI-assisted discovery is one driver. The research points to the first major wave of AI-assisted bug hunting, including a reported 164% spike in Q1 disclosures at Mozilla linked to AI-assisted vulnerability discovery work, and notes that Mozilla’s AI-assisted hardening activity identified and fixed 271 bugs for Firefox 150.
But FIRST is careful not to blame everything on AI. It also points to structural changes: more open source projects receiving attention, broader software growth and expanded vulnerability cataloguing. GitHub Security Advisories volume is up 449% year on year, while VulnCheck is up 3,119% year on year as a CNA of Last Resort absorbing unassigned backlog.
The result is a strange new reality. More vulnerabilities are being found, but not all of them represent immediate exploitable danger.
FIRST argues that while total disclosure volume is surging, actionable exploitability (vulnerabilities in CISA’s Known Exploited Vulnerabilities catalogue or with an EPSS score above 10%) remains flat or stable.
That’s a useful reminder that the sky is not necessarily falling. But it is raining harder – and security teams still need to work out which leaks are dangerous.
One of FIRST’s key warnings concerns what it calls ‘ephemeral instant software’: AI-generated code or applications created and deployed on demand.
These may never appear in a traditional CVE registry. They might not belong to a recognised vendor. They may be built by employees using AI tools, stitched together from packages, scripts and generated code – then used inside a specific business process.
The research warns that these ‘micro-vulnerabilities’ can create localised systemic risk even if they’re never tracked in national vulnerability databases.
This connects directly to Jamf’s concern about agentic and developer AI. When non-technical users can ‘vibe-code’ internal tools, or developers can generate code at speed inside complex environments, the governance challenge changes.
Instead of just approving applications, security teams are trying to govern a moving layer of AI-assisted software creation. And that’s a very different problem from blocking an unsanctioned chatbot.
Both reports point towards the same conclusion: AI does not remove work from security teams as neatly as many business leaders hope.
It changes the work.
Jamf’s respondents are trying to automate IT operations, deploy productivity tools and build governance at the same time. FIRST argues that the bottleneck in vulnerability management is shifting from discovery to the human capacity to verify, coordinate and patch.
AI can help find issues faster, help generate code faster, help employees move faster. But speed without governance creates more signals, more tools, more exceptions, more data flows and more decisions for already stretched teams.
So the challenge isn’t just whether AI will create more vulnerabilities (it will), or whether AI will solve vulnerability management (it could) – it’s both.
AI will discover more problems. And AI will create new ones. AI will help fix some of them. And humans will still be left deciding what’s really important.
We need to:
• Treat every AI deployment as a governance decision, not just a productivity upgrade. If a tool touches data, code, identity or workflows, security needs visibility before it scales.
• Prioritise visibility over blanket bans. Shadow AI grows when employees have demand but no approved route. Governance works better when teams can see tools, traffic, data access and permissions.
• Separate vulnerability noise from exploitable risk. FIRST’s forecast shows why exploitability overlays, asset context and prioritisation are becoming more important as vulnerability volumes rise.
The lesson from both reports is that AI enablement and AI governance now have to be the same project. If an organisation treats governance as an afterthought, it may move quickly at first – but it’s also more likely to discover that deeper AI deployment means deeper exposure.
Join the newsletter to receive the latest updates in your inbox.
Why cybersecurity still needs real-world classrooms
Read More
Modern cybercrime is powered by specialist providers, from Initial Access Brokers to ransomware affiliates. Explore the Crime-as-a-Service ecosystem and its impact on defenders.
Read More
Researchers are tracking new ransomware programmes that rely on a legacy of expertise, and a business model that attracts threat actor talent.
Read More