AI has moved from enabling attackers to operating attacks, running live intrusions with minimal human direction, compressing the time defenders have to respond and opening new attack surfaces across an enterprise, even as companies adopt technology at a pace that outstrips that of governance controls.
Check Point Software Technologies’ Annual AI Security Report 2026 from Check Point Research also found that in the face of this decisive shift, user identity can no longer be trusted as standalone security control.
Voice, face, documents and real-time video can now be convincingly synthesised, with highly trained reviewers only correctly detecting approximately 41% of AI-generated faces, the survey found.
At the same time, high-risk enterprise AI prompts doubled over the year, from roughly one in every 50 interactions to one in every 25. The survey found that the average organisation now runs ten AI applications a month, many without formal approval, while between 87% and 93% experience at least one high-risk AI interaction, monthly.
As a result, most enterprise data exposure comes from ordinary, approved use, not from attacks, as employees share more context than they realise to get a useful answer.
“A year ago, we described AI as a force multiplier for attackers. What we documented this year is more significant: AI has crossed into the live attack chain and is now running operations as a sole operation, that once required a skilled team,” said Check Point Research Vice President Lotem Finkelstein.
“The expertise barrier that separated capable attackers from the rest is disappearing, and defenders can no longer assume a human is setting the pace on the other side.”
Said Mr Finkelstein, “The organisations that stay ahead will be the ones that govern how AI is used, secure the AI systems they now depend on and defend at machine speed rather than human speed.”
Risk mitigation
The report framed a risk mitigation response around three imperatives:
- Security for AI: Protect the AI systems depended on. AI agents and applications are targets as much as tools.
- Security by AI: Match the speed of AI-powered attacks. Intrusions now span dozens of targets at once, with AI handling the work between check-ins.
- Security with AI: Govern how AI is used across the workforce. Much of the exposure the survey noted never came from an attack.
The full report can be accessed here.