Original Post: Secure AI tool adoption: Perceptions and realities
In Snyk’s latest report, a survey of 459 security and software development technologists, ranging from CTOs to application developers, evaluated organizational preparedness for generative AI coding tools. While management felt confident and believed in the safety of AI tools, many organizations skipped basic security measures like proof of concept (POC) exercises, with less than 20% conducting them. This lack of comprehensive security adoption was a surprising oversight given the transformative nature of AI-generated code.
Notably, a disparity exists between C-suite confidence and the skepticism among developers and AppSec teams. While 40.3% of C-suite members felt “extremely ready,” only 26% of AppSec and 22.4% of developers shared this sentiment. AppSec teams, in particular, were more concerned about the security of AI-generated code, with significant percentages rating it poorly and criticizing their organization’s AI security policies as inadequate.
Security fears emerged as the largest obstacle to AI adoption, cited by roughly 58% of respondents, suggesting a paradox where AI is seen as both inevitable and risky. The report underscores the necessity for robust AI adoption strategies, including formal POC processes, comprehensive training, continual feedback from AppSec teams, analysis of flawed AI code, and regular surveys to align perceptions of AI readiness and security.
For further insights and detailed findings, Snyk’s interactive webpage and full report are available for download.
Go here to read the Original Post