As AI technology rapidly advances and cyber threats grow more complex, new research from Salesforce underscores a stark truth: most enterprise IT security leaders are unprepared for secure deployment of autonomous AI agents.
According to the latest State of IT report from Salesforce, 100% of surveyed IT security leaders identified at least one area where AI agents could enhance their cybersecurity posture. Yet, nearly 80% of respondents admitted that their current security strategies need transformation to meet the demands of the agentic AI era.
Despite strong enthusiasm for the potential of AI, the survey — which included responses from more than 2,000 IT security leaders across 30 countries — reveals deep concerns about readiness. Nearly half (48%) fear their data infrastructure is insufficient to support agentic AI, and 55% lack full confidence in their ability to implement AI agents with appropriate safeguards.
“Trusted AI agents are built on trusted data,” said Alice Steinglass, EVP and GM of Salesforce Platform, Integration, and Automation. “IT security teams that prioritize data governance will be able to augment their capabilities while protecting data and remaining compliant.”
Rising Threats, Growing Budgets
The evolving threat landscape is prompting action. While traditional risks like phishing and malware remain top of mind, emerging challenges such as data poisoning — where attackers manipulate AI training datasets — are gaining prominence. In response, 75% of organizations expect to increase their cybersecurity budgets over the next year.
Compliance: An Opportunity and a Hurdle
AI agents could help companies navigate regulatory complexities by improving compliance with data privacy laws. But that potential is complicated by real-world challenges. While 80% of leaders see AI as a compliance enabler, 79% also recognize it as a compliance risk. Less than half (47%) feel confident in their ability to deploy AI agents in full compliance with regulations, and a staggering 83% have yet to fully automate compliance processes.
Trust Gap Widening
Trust remains a cornerstone of effective AI deployment — yet both consumer confidence and internal confidence are faltering. Only 42% of consumers trust companies to use AI ethically, down from 58% in 2023. Meanwhile, internally, 57% of IT security leaders doubt the accuracy or explainability of their AI systems, and 60% admit they don’t offer full transparency into how customer data is used.
Data Governance: The Key to Agentic Maturity
The research finds that nearly half of security leaders are uncertain about their data quality or their ability to enforce proper AI governance. However, there are signs of progress. A separate survey of CIOs shows that companies are investing four times more in data infrastructure and management than in AI itself — a promising sign that many are laying the necessary groundwork.
Adoption Rising, But Preparation Lags
AI agent adoption is already underway, with 41% of IT security teams using them in daily operations — a figure expected to rise to 75% within two years. These agents are expected to support everything from threat detection to audit capabilities for AI models.
Still, only 47% of leaders believe their current security and compliance practices are fully ready to support AI agents — underscoring the need for widespread tactical overhauls.
Real-World Example: ASU Embraces Agentic Future
Arizona State University (ASU) is among early adopters, using Salesforce’s Agentforce platform to embed trusted AI agents into daily operations. ASU has emphasized the importance of data relevancy in their AI efforts, implementing robust data backup and compliance tools through Salesforce-acquired Own to support innovation securely.