CISOs must consider potential risks before hastily adopting AI technologies.

Organisations are increasingly investing in cloud, AI, and emerging technologies, yet their infrastructure and security strategies often lag behind. A recent Unisys survey of 1,000 senior executives reveals a misalignment between business and IT leaders regarding the necessary preparations for the next wave of technology. From a security perspective, the findings raise concerns about the speed at which organisations advance without addressing core risks. Eighty-five per cent of respondents indicated that their cybersecurity posture is reactive, focusing more on incident response than prevention. This reactive approach leaves organisations vulnerable to attacks that can result in significant downtime. Notably, 41 per cent of respondents reported that an hour of unplanned downtime costs between $100,000 and $500,000. Cloud complexity exacerbates this risk profile, as most organisations utilise a mix of seven different types of cloud platforms, which, while providing flexibility, also introduces management challenges and increases the attack surface.

The urgency surrounding Agentic AI adoption does not align with readiness, as nearly three-quarters of business executives believe that failing to adopt Agentic AI within the next year will harm competitiveness. However, 43 per cent of IT executives assert that their infrastructure cannot support such advancements. This disconnect may lead to rushed deployments that outpace security controls, heightening exposure risks. Quantum readiness is another growing concern, with 71 per cent of organisations admitting they are unprepared to defend against quantum cryptography threats. Only 14 per cent report that their infrastructure is ready for post-quantum security. Many executives perceive security as a barrier to innovation, with two in three business leaders stating that data and cloud security limits the adoption of new technologies. Innovation Leaders, a select group of respondents with advanced approaches, invest in industry-specific cloud platforms and adopt proactive security measures. For Chief Information Security Officers (CISOs), the report underscores the need for security to keep pace with technology adoption, particularly as organisations expand their use of cloud and AI.