NTT DATA Report Reveals C-Suite Divide on GenAI Adoption Readiness

NTT DATA has released a new report titled “The AI Security Balancing Act: From Risk to Innovation”. The research highlights a growing rift among C-Suite executives on the readiness and risk posture of GenAI adoption, underscoring the urgent need for stronger alignment between business ambition and cybersecurity execution.

Based on a survey of more than 2,300 senior GenAI decision-makers across 34 countries—of which 1,500 were C-Suite leaders—the report reveals that while CEOs and business leaders are bullish on GenAI’s promise, CISOs are far more cautious, citing governance, infrastructure, and skill readiness as critical obstacles.

A Strategic Divide Between CEOs and CISOs

The findings reveal that 99% of C-Suite executives plan to increase GenAI investments in the next two years, with 67% of CEOs preparing for significant commitments. At the same time, 95% of CIOs and CTOs believe GenAI will spur greater investment in cybersecurity.

Despite this confidence, 45% of CISOs express negative sentiments toward GenAI adoption. A major friction point lies in governance—54% of CISOs believe their organization’s policies on GenAI responsibility are unclear, while only 20% of CEOs see this as an issue, revealing a critical misalignment at the top.

Even so, security leaders acknowledge GenAI’s potential: 81% of CISOs who express concerns still agree that GenAI can boost efficiency and business outcomes.

Security Leaders Caught Between Vision and Reality

The report highlights a capability gap between strategic vision and operational readiness. While 97% of CISOs identify as decision-makers on GenAI strategy, 69% admit their teams lack the skills to work with the technology effectively. Moreover, only 38% of CISOs say their GenAI and cybersecurity strategies are aligned, compared to 51% of CEOs.

With 72% of organizations lacking a formal GenAI usage policy, and just 24% of CISOs confident in their risk-balancing frameworks, most enterprises are still navigating adoption without a clear roadmap.

Legacy Infrastructure Slows GenAI Deployment

Beyond policy and talent, outdated infrastructure is proving to be a major blocker. 88% of security leaders say legacy systems are hampering business agility and GenAI readiness. Key upgrades in IoT, 5G, and edge computing are now seen as critical to GenAI scalability.

In response, 64% of CISOs are prioritising co-innovation with strategic partners, rather than building standalone AI solutions. Security leaders cite end-to-end GenAI services as their top criterion when selecting technology vendors.

Securing GenAI Starts with Governance and Alignment

“As organizations accelerate GenAI adoption, cybersecurity must be embedded from the outset to reinforce resilience,” said Sheetal Mehta, SVP and Global Head of Cybersecurity at NTT DATA. “While CEOs champion innovation, ensuring seamless collaboration between cybersecurity and business strategy is critical to mitigating emerging risks. A secure and scalable approach to GenAI requires proactive alignment, modern infrastructure, and trusted co-innovation.”

Craig Robinson, Research Vice President of Security Services at IDC, added: “Collaboration is highly valued by line-of-business leaders in their relationships with CISOs. However, disconnects remain, with gaps between the organization’s desired risk posture and its current cybersecurity capabilities. While GenAI clearly provides benefits, security leaders must communicate the need for governance and guardrails more effectively.”

Governance Is the New GenAI Imperative

The report concludes that GenAI’s promise can only be realized with cross-functional alignment and modern infrastructure. As businesses race to deploy AI at scale, bridging the gap between optimism and readiness will be essential for driving long-term value while managing growing risks.