A new report by NTT DATA, The AI Security Balancing Act: From Risk to Innovation, reveals a sharp divide among C-Suite leaders over GenAI adoption. While 67% of CEOs plan significant GenAI investments over the next two years, nearly half of CISOs (45%) express concerns due to unclear governance, security risks, and outdated infrastructure.
NTT DATA surveyed 2,300+ senior decision-makers across 34 countries. Findings show that although 99% of C-Suite leaders expect to invest further in GenAI, many organizations lack operational readiness. Just 38% of CISOs report alignment between GenAI and cybersecurity strategies, compared to 51% of CEOs.
Despite these concerns, 81% of CISOs with negative sentiments still believe GenAI will improve efficiency and business impact. However, 72% of organizations lack formal GenAI usage policies, and only 24% of CISOs feel confident about existing frameworks for balancing innovation with risk.
Legacy tech and skill gaps hinder progressA majority (88%) of CISOs cite aging infrastructure as a major obstacle to GenAI adoption. While nearly all CISOs (97%) consider themselves decision-makers in GenAI strategy, 69% admit their teams lack the skills to fully support implementation.
To address these gaps, 64% of CISOs are turning to co-innovation with strategic IT partners over standalone solutions. End-to-end GenAI service offerings are the top priority in partner selection.
“Cybersecurity must be embedded from the outset,” said Sheetal Mehta, SVP & Global Head of Cybersecurity at NTT DATA. “A secure and scalable approach to GenAI hinges on alignment, modern infrastructure, and trusted collaboration.”
IDC’s Craig Robinson added: “While GenAI’s benefits are evident, the disconnect between business vision and cybersecurity capability highlights the urgent need for governance and cross-functional coordination.”