AI agent adoption is driving increases in opportunities, threats, and IT budgets

In an AI-powered economy, data security is not just a box-checking exercise. Instead, security is the catalyst for trust and innovation within your organization and with your customers.

That’s the conclusion from the State of IT report from Salesforce, which surveyed over 4,000 IT decision-makers worldwide, including more than 2,000 professionals specializing in security, privacy, or compliance. The survey aimed to understand fast-evolving cyber threats and security priorities, suggesting how to build customer trust in an AI-driven world and use AI to improve security postures. Here are the key takeaways from the report: 

1. Security budgets on the rise: Three-quarters of organizations anticipate budget increases to address everything from data poisoning to more advanced threat detection. 
2. Trust is paramount: Almost two-thirds (64%) of customers feel that companies are being reckless with their data, and 61% believe that AI advancements make it more important than ever for companies to protect their data, underscoring the importance of organizations prioritizing data stewardship. 
3. Compliance is complex: More than two-thirds (68%) of security leaders say compliance has become more difficult as the regulatory environment changes swiftly, and 43% feel underprepared for potential AI-related regulations. 
4. AI can strengthen defenses: While 79% of security leaders believe that AI agents will introduce new security and compliance challenges, 80% suggest AI agents will introduce new security opportunities.

IT security budgets are increasing

According to the State of IT survey, the top five most concerning security threats are cloud security, data poisoning, malware, phishing, and ransomware. The top five most effective security tactics are data encryption, data backup and restore, identity and access management, zero-trust strategies, and data masking. 

Also: The death of spreadsheets: 6 reasons why AI will soon be the dominant business reporting tool

The survey found that 75% of IT organizations expect to increase their IT security budgets, with only 2% anticipating a decrease in budgets. Compliance is also more difficult to manage, with 68% of security leaders saying compliance is more difficult amid evolving regulations. Almost half (43%) of security leaders don’t feel prepared for potential regulatory changes around AI.

AI creates opportunities and threats

The use of AI agents in business is rising quickly. AI agents can autonomously take action and serve as digital labor. However, security leaders acknowledge that, without proper governance, AI agents may introduce new security and compliance challenges. Therefore, it’s no surprise that CIOs rank security and compliance as their top AI concern and the top criteria when selecting AI vendors. 

Security leaders also see AI agents offering powerful advantages and new opportunities for security and compliance. More than three-quarters (79%) of security leaders believe AI agents introduce new security challenges. The survey found that 80% of security leaders believe that AI agents introduce new security opportunities. AI agents with properly programmed skills can enhance threat detection, automate vulnerability management, and support compliance efforts at scale.

Security in the age of agentic AI

AI has fundamentally changed the cybersecurity landscape. The report found that 75% of security leaders believe AI-driven cyber threats will soon outpace traditional defenses, and 79% believe their security practices must transform as AI use increases. 

Also: AI agents bring big risks and rewards for daring early adopters, says Forrester

IT leaders see the following threats from AI: data breaches, privacy concerns, data poisoning, AI-powered threats, model supply chain attacks, adversarial attacks, and bias and discrimination. The report also noted that most security leaders believe AI-driven cyber threats could soon outpace traditional defenses, underscoring the need for new tactics and continuous vigilance.

So, how can AI agents improve organizational security postures? Here are a few ways agents can help: 

• Threat detection and response: Flagging unusual activity and coordinating incident remediation with minimal delay
• Model bias identification: Continuously auditing AI models for biases and vulnerabilities, ensuring fairness and reliability
• Compliance automation: Tracking policy adherence across systems, reducing manual oversight

A powerful realization from the IT report is that 100% of security leaders believe AI agents can improve at least one security concern. By offloading repetitive or high-volume tasks to agents, teams can redirect their focus toward higher-level strategy — an essential shift when threats proliferate faster than most security teams can keep up.

AI agent compliance and governance 

Organizations have room to improve in this area. The survey found that 55% of security leaders don’t feel fully confident that they can deploy AI agents with the right guardrails, and 53% aren’t fully confident they can deploy AI agents that comply with regulations and standards. 

Even though accountability for AI governance is a work in progress, over 70% of security leaders say they already have AI security and privacy protocols, and 64% have clearly defined roles and responsibilities around AI development and governance. 

Also: Why remote work is still the secret sauce behind small business success

The path to progress with compliance is transparency. According to Salesforce research, 42% of customers say transparency in how AI is used would increase their trust in AI. Another 31% say that the explainability of AI outputs would boost trust. 

IT leaders recognize the importance of transparency with customers. Over three-fourths (77%) of security leaders believe customers are aware when they engage with AI versus a person, and 81% believe customers understand how their information can be used by an organization’s AI systems and applications. 

Another key foundational element for establishing trust is explainability. Among organizations actively using AI, 70% of security leaders feel AI accuracy and explainability are a concern, and less than half are fully confident that they can explain AI outputs.

Building customer trust in agents

The survey suggested that trust with customers is eroding. Almost three-quarters (71%) of customers say their trust in companies is decreasing, up from 52% in 2023 and 47% in 2022. Customers say that as organizations build protections for AI products, are transparent about AI usage, improve the accuracy of AI outputs, and take customer feedback, their trust in AI will increase. 

IT leaders view trust as the key adoption requirement for customers. The survey found 64% of security leaders believe customers hesitate to adopt AI services due to security or privacy concerns. 

Also: Tech leaders are seemingly rushing to deploy agentic AI – here’s why

An important finding of the report was the gap between industry standards for privacy and their ability to explain AI-produced outcomes. While over 90% of security leaders feel like their organizations are on par with or above industry standards when it comes to privacy policies and their cultures around security, transparency, and trust, less than half feel like their organizations are excellent at providing explainability of AI outputs, accurate AI outputs, and transparency to customers on how their data is being used in AI systems.

The research concluded with the following forecast on key trends and considerations:

• Ongoing regulatory complexity: Compliance management will be a continuous process as AI regulations emerge across different regions
• Proactive AI adoption: Companies that embrace AI agents as a security ally, rather than fearing it, will discover new efficiencies and opportunities for differentiation
• Continual skill evolution: Security roles will keep transforming, demanding new proficiencies in AI oversight, data governance, and ethical decision-making

To learn more about the State of IT: Security report, you can visit here.

READ MORE HERE