Mumbai — A new study by NTT DATA has found a disconnect among top corporate executives over the adoption of Generative Artificial Intelligence (GenAI), particularly between chief executive officers (CEOs) and chief information security officers (CISOs).
The report, titled “The AI Security Balancing Act: From Risk to Innovation,” draws from a global survey of over 2,300 senior decision-makers in 34 countries. The findings indicate that while a majority of CEOs support expanded GenAI use, many CISOs continue to express concerns about security risks and infrastructure readiness.
Contrasting Views Within the Executive Team
According to the survey, 99% of C-suite executives plan to increase GenAI investment over the next two years, with 67% of CEOs indicating plans for significant commitments. Similarly, 95% of CIOs and CTOs report that GenAI adoption has either led or will lead to increased cybersecurity investment, with improved security ranking among the top three perceived benefits.
However, 45% of CISOs expressed negative views about GenAI implementation. A majority (54%) of CISOs also reported a lack of clarity in internal policies regarding GenAI responsibility. In contrast, only 20% of CEOs reported the same concern.
Despite their reservations, 81% of senior IT security leaders who expressed concern about GenAI still acknowledged its potential to enhance efficiency and contribute to organizational performance.
Operational Gaps in GenAI Readiness
The report also highlights capability challenges in implementing GenAI initiatives. Although 97% of CISOs identified themselves as decision-makers for GenAI, 69% acknowledged that their teams lacked the necessary skills to effectively use the technology.
Only 38% of CISOs said their GenAI and cybersecurity strategies were aligned, compared to 51% of CEOs. Additionally, 72% of organizations surveyed reported not having a formal GenAI usage policy, and just 24% of CISOs strongly agreed that their organization has a framework to balance risk and value creation.
Technology Infrastructure Cited as Barrier
A significant number of security leaders (88%) identified legacy infrastructure as a limiting factor in business agility and readiness for GenAI. Areas identified for modernization included IoT, 5G, and edge computing systems.
In response to these challenges, 64% of CISOs are opting to work with strategic IT partners, rather than rely solely on standalone AI solutions. The most important factor for CISOs when evaluating GenAI partners was the availability of end-to-end service offerings.
Call for Governance and Collaboration
NTT DATA’s cybersecurity leadership emphasized the importance of integrating security considerations into GenAI development from the start. According to the report, aligning business objectives with cybersecurity capabilities is seen as a requirement for secure implementation.
Craig Robinson, Research Vice President for Security Services at IDC, stated that while the benefits of GenAI are recognized, risk and compliance leaders face challenges in communicating the importance of governance frameworks. The report calls for improved coordination among business and security leadership to support effective implementation.
Research Methodology
The findings are based on a survey conducted by Jigsaw Research for NTT DATA. The survey included 2,300 senior GenAI decision-makers. Of these, 68% held C-suite positions, while the remainder included vice presidents, directors, and senior managers.