AI coding assistants are no longer experimental. 67% of organizations report they're already widely adopted across development teams, and the productivity gains are real. But adoption has outpaced governance, and with 9 in 10 security leaders actively concerned about AI-generated code, the risks are mounting faster than most teams can manage.
This report, based on research across 100 IT security leaders in the UK and USA, reveals where the gaps are and what to do about them. From the dominance of manual review in a machine-speed world, to the specific risks that keep security leaders up at night, it outlines five concrete priorities for building governance that actually scales with AI.
In the report, you’ll find:
- The governance gap: AI adoption has outpaced security controls, and why the organizations that act now will have a structural advantage.
- Where manual review breaks down: The specific failure modes of human-led validation when AI generates code at machine speed and volume.
- Five priorities for security leaders: Actionable steps to close the gap, from visibility into the AI layer to supply chain governance.
- International guidance alignment: How NCSC, CISA, and NSA guidance maps to what's happening inside your development pipelines today.
Download the report to get the complete findings for security leaders, and the governance framework your organisation needs.