Intelligent CISO Issue 99 | Page 10

Checkmarx report finds 95 % of CISOs face pressure to delay security issues
PagerDuty study finds widespread use of unauthorised AI tools in the workplace

CISO news

Checkmarx report finds 95 % of CISOs face pressure to delay security issues

A new Checkmarx study has found that 95 % of CISOs feel pressure to suppress or delay compliance-related security issues when business deadlines are at stake, while the rapid growth of AI-generated code is creating new security challenges.
early all developers now use AI to write code, but fewer than one in five apply security controls continuously

N during development, according to Checkmarx’ s Future of Application Security 2026 report.

The research, based on responses from 2,350 CISOs, AppSec managers and developers across 14 countries, found that 95 % of CISOs feel pressure to suppress or delay compliance-related security issues when business deadlines are at stake.
The report also highlights growing concerns around AI-generated code. Organisations with 81 – 100 % AI-generated production code were found to be nearly three times more likely to ship software containing known vulnerabilities than organisations with 1 – 20 % AI-generated code production, at 47 % and 14 % respectively.
Checkmarx found that 75 % of organisations knowingly deploy vulnerable code at some point, while 93 % reported experiencing a recent breach linked to their own applications. Despite this, 73 % described their security posture as advanced or highly mature.
“ This report points to a massive disconnect between the security crisis that organisations are facing and the incremental steps that they are taking to address it. A completely new model is required,” said Sandeep Johri, CEO of Checkmarx.
“ Just like the student cannot grade their own exam, AI alone cannot secure code – and, as the research shows, it adds risk. Organisations need security that combines deterministic precision with probabilistic reasoning to identify novel exploitable patterns, while closing the gap between finding a vulnerability and fixing it with better humanguided remediation.”

PagerDuty study finds widespread use of unauthorised AI tools in the workplace

A new PagerDuty survey has found that two-thirds of office professionals have used AI tools at work despite believing such usage was not permitted by company policy.
agerDuty has published research highlighting growing tensions

P between employee adoption of AI tools and corporate governance policies, with many workers using AI applications without formal approval.

The findings underline the challenge organisations face in balancing AI innovation with governance, security and workforce expectations.
The PagerDuty Shadow AI Survey, conducted among 1,250 office professionals working in non-IT and technology roles at organisations with annual revenues exceeding US $ 500 million, found that 66 % had used AI tools or services at work despite believing this was not allowed under company policy.
The research, which covered respondents in Australia, Japan, the UK and the US, suggests employees are increasingly confident in their AI skills but feel restricted by organisational controls.
Among respondents who admitted using potentially unauthorised AI tools, 53 % said they received informal guidance to stop using them, while 48 % faced formal consequences such as warnings or disciplinary action.
The survey also highlighted concerns about employee retention. According to the findings, 77 % of respondents believe company restrictions on AI usage are limiting their professional development or career progression. Meanwhile, 75 % said they would be likely to seek a new employer
offering better AI skills development opportunities, rising to 80 % among workers at organisations with revenues exceeding US $ 1 billion.
“ When over 30 % of employees are putting confidential company data into public models,‘ Shadow AI’ becomes a massive enterprise liability,” said Tim Armandpour, CTO, PagerDuty.
10 WWW. INTELLIGENTCISO. COM