Ivanti report: 87 percent of IT pros see adopting AI as a priority

IT professionals are warming up to artificial intelligence, according to a new report from Salt Lake City-based Ivanti, a global enterprise IT and security software company. 

Ivanti’s research, titled “2026 State of Cybersecurity Report: Bridging the Divide,” which draws on insights from more than 1,200 cybersecurity professionals worldwide, said that 87 percent have made adopting AI a priority. The report also reveals a rapidly widening divide between escalating cyberthreats and organizations’ ability to defend against them.

AI is reshaping cybersecurity for both its defenders and attackers, but defenders believe they are gaining the edge, the research found. It finds that security professionals are 2.4 times more likely to believe defenders use AI as effectively as threat actors, if not more effectively. Additionally, that confidence level grows to 5.5 times in favor of defenders using AI as effectively or more effectively than threat actors over the next 24 months.

However, to effectively gain their edge, defenders must operationalize AI and automation in cybersecurity, but that remains limited. Although nearly all respondents (92 percent) say automation reduces their team’s mean time to respond, the use of AI across critical security functions varies. Fifty-three percent of security teams utilize AI for cloud security policy enforcement, 44 percent employ it for incident response workflows, 43 percent for threat intelligence correlation and just 42 percent for vulnerability response and remediation.

Organizations are actively exploring how best to utilize these technologies, yet there remains a degree of caution. Agentic AI — autonomous systems capable of making real-time decisions and acting independently — has not yet earned universal trust. In addition to security professionals saying integrating agentic AI is a priority for their teams, 77 percent report at least some comfort with allowing autonomous AI systems to act without human oversight. This marks a growing, albeit cautious, trust in automated cybersecurity defenses and signals a shift toward greater acceptance of agentic AI solutions, even as challenges persist, study authors said.

“Although defenders are optimistic about the promise of AI in cybersecurity, Ivanti’s findings also show companies are falling further behind in terms of how well prepared they are to defend against a variety of threats. This is what I call the ‘cybersecurity readiness deficit’ — a persistent, year-over-year widening imbalance in an organizations’ ability to defend their data, people and networks against the evolving threat landscape,” said Daniel Spicer, chief security officer at Ivanti. “This challenge is intensified by the accelerating pace of technological change, particularly as organizations advance their SaaS transformation initiatives and the speed at which new technologies are adopted. Security leaders understand that time and people are their most valuable assets.”

The study also concluded that there is a growing IT security rift as teams clash over cyber risk priorities. Nearly half (48 percent) of security professionals say IT teams do not respond urgently to cybersecurity concerns, while 40 percent believe IT lacks an understanding of their organization’s risk tolerance. This disconnect is particularly damaging for exposure management, which relies on collaboration between security and IT to connect technical exposure to business expectations, the study said.

Study respondents said the majority of companies have already faced deepfake attacks and employees are the new front line. A staggering 77 percent of organizations have already been targeted by deepfake attacks, with over half (51 percent) facing sophisticated, personalized phishing emails powered by deepfake technology. These threats extend well beyond traditional office roles; executives are equally vulnerable. Just 30 percent of security professionals are confident that their CEOs could reliably identify a deepfake, underscoring a critical gap in organizational readiness and awareness.

Human burnout is also a concern to IT professionals. Cybersecurity teams face unsustainable stress, creating a second systemic vulnerability. Ivanti’s findings reveal 43 percent of security pros report high stress and 79 percent say it harms their physical and mental health. When companies cannot access the right skills, it has a significant negative effect on human burnout, security preparedness and business outcomes. Lack of skilled talent is the No. 1 barrier to cybersecurity excellence, according to survey respondents.

Ivanti’s report can be seen on its website at www.ivanti.com.