Utimaco Survey: 78% of US Companies Say Data Breaches Are the Top GenAI Risk, But Most Haven’t Acted

The rapid integration of generative AI into daily workflows has outpaced security planning, leaving a majority of large U.S. firms vulnerable to data breaches. Utimaco’s survey shows that while 78% of respondents recognize breach risk, more than half have not instituted any defensive controls. This inertia stems from a combination of legacy infrastructure, limited security talent, and the perceived complexity of AI‑specific safeguards. As AI models become repositories for sensitive customer and proprietary data, a single leak can erode brand trust and trigger costly litigation, underscoring the urgency for proactive risk‑management frameworks.

Equally pressing is the looming quantum threat. The “harvest‑now‑decrypt‑later” (HNDL) scenario, cited by 72% of participants, exploits today’s encrypted traffic, banking on future quantum computers to break the cipher. Yet 75% of firms have not adopted post‑quantum cryptography or hardware‑based key‑management solutions, leaving critical data exposed for years. Vendors like Utimaco, which specialize in hardware security modules (HSMs) and quantum‑resistant key‑management, are positioned to bridge this gap, but adoption remains limited due to cost concerns and uncertainty about migration pathways.

For executives, the report signals a clear mandate: embed comprehensive encryption strategies that address both current AI‑related vulnerabilities and future quantum risks. Integrating on‑premises HSMs with cloud‑native key services can provide the flexibility needed to protect data across hybrid environments. Moreover, as U.S. privacy legislation evolves, demonstrating robust data‑protection measures will become a competitive differentiator. Companies that act now will not only mitigate immediate breach threats but also future‑proof their security posture against the quantum era.