CISOs flag gaps in GenAI strategy, skills, and infrastructure

95% of C-suite leaders say that GenAI is driving a new level of innovation in their organizations, according to NTT DATA.

While CEOs and business leaders are committed to GenAI adoption, CISOs and operational leaders lack the necessary guidance, clarity and resources to address security risks and infrastructure challenges associated with deployment.

The C-Suite disconnect

99% of C-Suite executives are planning further GenAI investments over the next two years, with 67% of CEOs planning significant commitments.

In parallel, 95% of CIOs and CTOs report that GenAI has already driven, or will drive, greater cybersecurity investments, with organizations ranking improved security as one of the top three business benefits realized from GenAI deployment in the last 12 months.

Yet, even with this optimism, there is a notable disconnect between strategic ambitions and operational execution with 45% of CISOs expressing negative sentiments toward GenAI adoption. 54% of CISOs say internal guidelines or policies on GenAI responsibility are unclear, yet only 20% of CEOs share the same concern – revealing a stark gap in executive alignment.

Despite feeling cautious about the deployment of GenAI, security teams still acknowledge its business value. In fact, 81% of senior IT security leaders with negative sentiments still agree GenAI will boost efficiency and impact the bottom-line.

Leadership’s GenAI vision outpaces team skills

NTT DATA’s research further reveals a critical gap between leadership’s vision and the capabilities of their teams. While 97% of CISOs identify as decision makers on GenAI, 69% acknowledge that their teams lack the necessary skills to work with the technology.

In addition, only 38% of CISOs say their GenAI and cybersecurity strategies are aligned compared to 51% of CEOs.

Adding to the complexity, 72% of organizations surveyed still lack a formal GenAI usage policy and just 24% of CISOs strongly agree that their organization has a robust framework for balancing risk with value creation.

Legacy tech limiting GenAI adoption

Beyond internal misalignment, 88% of security leaders said legacy infrastructure is greatly affecting business agility and GenAI readiness, with modernizing IoT, 5G and edge computing identified as essential for future progress.

To navigate these obstacles, 64% of CISOs are prioritizing co-innovation with strategic IT partners rather than relying on standalone AI solutions. Notably, security leaders #1 top criteria when assessing GenAI technology partners is end-to-end GenAI service offerings.

“As organizations accelerate GenAI adoption, cybersecurity must be embedded from the outset to reinforce resilience. While CEOs champion innovation, ensuring seamless collaboration between cybersecurity and business strategy is critical to mitigating emerging risks,” said Sheetal Mehta, SVP and Global Head of Cybersecurity at NTT DATA. “A secure and scalable approach to GenAI requires proactive alignment, modern infrastructure and trusted co-innovation to protect enterprises from emerging threats while unlocking AI’s full potential.”