A recent study presented at Infosecurity Europe 2026 has revealed that the most pressing concern among cybersecurity professionals today is the rising threat of AI-powered attacks. The research, conducted by Filigran during the three-day event, surveyed 168 cybersecurity leaders from various sectors and yielded significant insights into the current state of security challenges.
According to the findings, a striking 41% of the respondents identified AI-powered attacks as their top concern—a figure that is notably double the 21% who expressed worries regarding supply chain risks and the same percentage who were apprehensive about unidentified threats. This indicates a clear shift in the landscape of cybersecurity challenges, where the capabilities of artificial intelligence are rapidly evolving, leading to an uptick in sophisticated cyber threats.
In addition to concerns about AI threats, the study also delved into the internal challenges faced by security teams. The respondents indicated that a substantial amount of their time is consumed by the need to chase false positives and low-priority alerts, with 26% highlighting this as their primary issue. This suggests that a significant proportion of professional resources is being squandered on validating information that may not pose a real risk, thereby detracting from more critical tasks. Following closely behind, 25% of respondents noted the time spent validating whether indicated risks are genuine. Other responses included 17% who mentioned the manual process of stitching together data from various security tools, while 13% cited delays due to awaiting actions from other teams based on their findings.
Julien Richard, the Chief Technology Officer at Filigran, commented on these findings, stating, “Organizations have access to more security data than ever before, but turning that information into action remains difficult.” He emphasized that the core challenge lies in discerning which exposures are genuinely significant, which of these vulnerabilities might be exploited in their specific environment, and whether existing security measures would effectively mitigate these risks. Richard’s observations underline a persistent struggle within organizations to convert data into actionable defense strategies.
The study also touched upon the effectiveness of threat intelligence. While such intelligence is considered vital for effective security operations, many organizations grapple with translating this vast array of data into clear, actionable directives. A mere 19% of participants expressed full confidence in their threat intelligence systems to prioritize necessary fixes. More than half (52%) reported that this intelligence informs their decisions but still requires extensive human judgment, while 21% acknowledged that the sheer volume of data can sometimes create confusion rather than clarity.
Moreover, cybersecurity professionals exhibited a cautious stance toward the adoption of AI in decision-making processes, with only 8% indicating they would trust AI to make security-related decisions autonomously. This reticence highlights a broader hesitance in the field regarding the placement of significant trust in automated systems without human oversight.
The study further explored the adoption of Continuous Threat Exposure Management (CTEM), an emerging framework designed to prioritize and validate cyber risks. Alarmingly, only 28% of respondents indicated that their organizations had implemented a proactive exposure management program, illustrating the need for greater awareness and integration of modern practices within cybersecurity strategies.
On a strategic level, board members are increasingly concerned about how AI may impact the threat landscape. Respondents were asked which issues board members inquire about most frequently, with 32% citing AI-driven threats and the organization’s readiness to confront such challenges. This concern for AI has now eclipsed previously dominant boardroom priorities, including regulatory compliance initiatives like NIS2 and DORA (19%), as well as issues related to supply chain and third-party risk (16%) and cloud and infrastructure vulnerabilities (15%).
In summary, the findings from the Infosecurity Europe 2026 study illuminate a critical landscape where AI not only poses significant threats but also complicates existing cybersecurity endeavors. As professionals grapple with managing time-consuming validation processes and the challenges posed by unreliable threat intelligence, the need for proactive measures and effective communication within organizations becomes increasingly vital. The reported concerns at the board level underscore a growing awareness of the implications of AI on organizational security, a trend that is likely to shape future cybersecurity strategies significantly. The evolving threat posed by AI, coupled with the need for a more organized and effective response, showcases an urgent call to action within the cybersecurity community.