Why Cybersecurity Teams Are Struggling to Keep up with AI Adoption

The rapid diffusion of generative AI tools has transformed everyday workflows, but it has also created a blind spot for many security operations. A McKinsey 2025 study shows virtually every surveyed enterprise now uses AI in some capacity, yet Fortinet’s 2026 Skills Gap report finds only half of board members feel fully aware of the associated risks. As employees experiment with dozens of chat‑based assistants, code‑generation services, and image‑creation platforms, security teams are forced to chase unknown data flows, stretching already thin analyst resources.

Fortinet is betting on ‘agentic AI’ to relieve that pressure. By automatically pulling telemetry from firewalls, secure‑access service edge (SASE) gateways, and other Forti products, the technology builds a consolidated view of AI‑generated activity and triages alerts before a human analyst intervenes. The approach hinges on tight integration; a SOC littered with fifty disparate tools can dilute the benefit, turning AI into just another overlay. Fortinet’s long‑standing AI engine, now extended to investigative automation, promises to cut investigation time dramatically, giving understaffed NOCs and SOCs a scalable assistant.

The broader lesson for enterprises is two‑fold: first, they must establish clear visibility and governance over every AI application, especially where sensitive code or customer data traverses public clouds or on‑premise servers. Second, they should leverage AI itself to reinforce security controls, creating a feedback loop of “security for AI” and “AI for security.” Fortinet’s emphasis on data sovereignty—allowing customers to run AI workloads in chosen regions—addresses regulatory pressures while maintaining consistent protection. As AI becomes a competitive differentiator, organizations that embed these dual safeguards will stay ahead of the threat curve.