As AI raises the stakes, app modernization and security are becoming inseparable

Security leaders are under pressure to support AI programs that move from pilots into production. New Cloudflare research suggests that success depends less on experimentation and more on disciplined application modernization tied closely to security strategy. The survey examines how application architecture, decision structures, and security alignment affect AI readiness at scale.

Modernized application stacks enable broader AI integration

The findings show that enterprises further along in application modernization report stronger progress with AI. These groups describe modernization as a prerequisite for scaling AI workloads across production systems. AI initiatives rely on applications that can integrate new services quickly, handle real time data flows, and operate consistently across distributed environments.

Modernized application stacks offer the flexibility to embed AI capabilities into existing products and workflows. Practitioners report AI embedded within core applications, internal operations, and customer facing services. AI functions as part of ongoing application evolution, affecting how systems are updated and extended over time.

Firms that lag in modernization describe a different experience. AI projects tend to stall while teams work through foundational issues such as legacy architectures, fragmented infrastructure, and inconsistent controls. These conditions slow deployment and raise operational risk, especially when AI systems interact with sensitive data or external services.

“If you aren’t modernizing your business to embrace AI and prevent the next wave of cyberattacks, you aren’t just standing still, you’re rapidly falling behind. The winners of this era of the internet will ultimately be defined by their infrastructure,” said Matthew Prince, CEO of Cloudflare.

Security alignment accelerates modernization outcomes

One recurring pattern in the research is the relationship between security alignment and modernization success. Organizations that coordinate security and application efforts report smoother modernization timelines and improved AI outcomes. Security functions in these environments are involved earlier in design decisions and infrastructure planning.

This alignment reduces the need for late stage fixes and reactive controls. Security policies are built into application workflows, deployment pipelines, and access models. As a result, companies spend less time remediating issues after deployment and more time supporting new capabilities.

Enterprises with close coordination between security and application functions express greater trust in their infrastructure and staff when pursuing AI initiatives. That confidence supports broader AI adoption across the business, including new applications designed specifically for AI use.

Security leadership

Groups that report progress with modernization tend to centralize decisions among a small set of leaders. This structure enables faster approvals, defined accountability, and more consistent priorities.

Defined ownership allows security requirements to be addressed alongside architectural changes rather than introduced later. It also helps align budgets, timelines, and risk tolerance across departments.

Environments with fragmented decision processes describe slower progress and higher internal strain. Security executives in these settings often spend time negotiating priorities, responding to urgent issues, and managing exceptions. This dynamic limits their ability to support long term initiatives such as AI driven application development.

Security operations scale more predictably

The study also examines how application security events are managed. While incidents remain common across the industry, organizations further along in modernization report better control over response efforts. Time spent on remediation grows more slowly, even as application environments expand.

This outcome reflects better visibility across application stacks and more consistent enforcement of controls. Teams can identify issues earlier, respond with standardized processes, and avoid repeated manual intervention. These capabilities become more important as AI workloads increase system complexity.

Organizations operating on less mature foundations report higher operational strain. More time goes into patching vulnerabilities, restoring systems, and addressing compliance gaps. These activities consume resources that could otherwise support modernization and AI initiatives.

AI readiness shifts security leadership priorities

The research suggests that AI readiness is becoming a core security leadership concern. AI workloads increase demand for reliable identity controls, API security, data protection, and observability. Weaknesses in these areas slow AI adoption and increase exposure to risk.

CISOs in environments with modernized foundations operate with greater influence over application strategy. Security considerations shape architectural choices, deployment models, and vendor selection. This position allows leaders to support innovation while maintaining operational discipline.

Teams that trust their ability to manage AI related risks move faster. An understanding of AI architectures and data flows helps guide development without creating bottlenecks.

Webinar: Redefining Attack Simulation through AI