Proofpoint Research: India Leads Global AI Adoption, but 63% of Organisations Have Already Faced AI-Related Security Incidents

April 28, 2026

Inaugural global study finds more than three in five organisations in India have AI security coverage in place, yet about one-fourth (26%) are not fully confident those controls would detect compromised AI

BENGALURU, India, April 29, 2026 – Proofpoint, Inc., a leading cybersecurity and compliance company, today released its 2026 AI and Human Risk Landscape report 2026 AI and Human Risk Landscape report, which explores the widening gap between how quickly organisations are operationalising AI and how prepared they are to secure and investigate the risks that follow. The global study, which surveyed more than 1,400 security professionals across 12 countries, examines how rapid AI adoption is transforming enterprise collaboration and exposing structural weaknesses in security controls and incident response.

AI is increasingly permeating organisations and is now operational across most functions, with deployments spanning customer support, internal messaging, email workflows, and third-party collaboration. India leads the world in AI adoption, where 94% of organisations have deployed AI assistants beyond the pilot stage, and 88% are actively piloting or rolling out autonomous agents. Yet while organisations are investing in AI tools and controls, many cannot confirm those controls are effective—about one-fourth (26%) are not fully confident their AI security controls would detect a compromised AI, and more than three in five (63%) with controls in place have already experienced a confirmed or suspected AI-related incident.

Further, most organisations globally report they are not fully prepared to investigate AI-related incidents that span multiple systems and channels. Confidence in India is stronger, where about 57% say they are fully prepared to investigate one.

“India is leading globally in enterprise AI adoption, but this year’s findings point to a growing gap between rapid AI adoption and security readiness,” said Bikramdeep Singh, India Country Manager, Proofpoint. “While many organisations in India have AI security measures in place, 26% are still not fully confident those controls would detect compromised AI. As AI becomes more deeply embedded in day-to-day workflows—powering assistants and autonomous actions across customers, partners and critical business processes—organisations must ensure they can validate their protections and effectively investigate threats that span multiple collaboration channels. The organisations that will scale AI successfully will be those that build unified visibility and stronger control across the environments where people and AI interact.”

Key India findings from Proofpoint’s 2026 AI and Human Risk Landscape report include:

AI Deployment Has Outpaced Security Readiness. AI adoption has moved into production faster than governance frameworks have matured. India leads the world in AI adoption, with 94% of organisations deploying assistants beyond pilot stage and 88% advancing autonomous agents. Yet over one-third (35%) describe security as catching up, inconsistent or reactive. More than three in five (63%) Indian organisations report experiencing a suspicious or confirmed AI-related incident, indicating that exposure is already present in live environments.
Collaboration Channels Are the Primary AI Attack Surface. AI is expanding the attack surface, enabling threats to spread at machine speed and impact connected workflows. While email remains the most common threat vector at 70% in India, exposure now extends across SaaS and cloud applications (59%), SMS or text (55%), and collaboration tools, e.g. Teams or Slack (54%). Among organisations that experienced an AI-related incident, exposure increases across every channel, 73% in email, and 65% on third-party SaaS and cloud applications.
Confidence Exceeds Control Effectiveness. While many organisations in India have security controls in place, they also lack assurance. More than three in five (63%) organisations in India report having AI security coverage in place, yet about one-fourth (26%) are not fully confident those controls would detect compromised AI. Further, more than two-thirds (69%) of organisations with controls still reported an AI-related incident. In India, gaps persist in visibility into AI or agent activity (57%), training (50%), and governance alignment across teams (41%).
Investigation Readiness Lags Behind Incident Reality. When AI-related incidents occur, many organisations in India struggle to investigate them effectively. Only 57% of respondents say they are fully prepared to investigate an AI- or agent-related incident, and close to half (47%) report difficulty correlating threats across channels. As AI-related activity spans email, collaboration platforms and cloud systems, the ability to reconstruct events depends on visibility across connected environments, which many organisations do not yet have.
Tool Sprawl is a Structural Barrier. Fragmentation across security stacks is compounding the challenge, limiting visibility and slowing response when incidents move across systems at machine speed. Almost all (96%) organisations in India say managing multiple security tools is at least moderately challenging, and 71% describe it as very or extremely difficult. Respondents cite integration challenges (48%), operational cost pressures (47%), and difficulty correlating threats (47%).
Security Architecture Becomes a Strategic Priority as AI Scales. Close to three in five (57%) organisations in India are actively pursuing vendor and tool consolidation, and 62% believe a unified platform is more effective than point solutions. Over the next 12 months, more than two-thirds (67%) plan to expand AI protections, 71% intend to extend collaboration channel coverage, and 58% expect to move toward a unified platform approach.

"While AI has introduced new risks, such as prompt engineering, its bigger impact has been amplifying the risks we've always had," said Ryan Kalember, Chief Strategy Officer at Proofpoint. "Running untrusted code, mishandling sensitive data, and losing control of credentials are the same challenges that humans have created for decades. AI executes them at machine speed and scale. When organisations hand AI the keys to act on their behalf—across customers, partners, and internal systems—the blast radius of any one of those failures grows dramatically. The answer isn't to treat AI as a novel threat category, but to apply rigorous, proven controls to what AI touches, what it runs, and what it's allowed to authenticate as. Organisations that get that foundation right early will scale AI confidently. Those that don't are just automating their own exposure."

To download the 2026 AI and Human Risk Landscape report, please visit: https://www.proofpoint.com/us/resources/threat-reports/ai-human-risk-landscape-report

Methodology

The 2026 AI and Human Risk Landscape report provides a global view into how organisations are adopting AI and managing the security risks that follow. The research examines AI deployment maturity, control effectiveness, incident experience, collaboration channel exposure, and investigation readiness as AI assistants and autonomous agents become embedded in enterprise workflows. In January 2026, more than 1,400 full-time security professionals across organisations of varying sizes and industries were surveyed. Respondents represented 20 industries and spanned 12 countries, including the U.S., the U.K., France, Germany, Italy, Spain, the UAE, Australia, Japan, Singapore, India, and Brazil.

About Proofpoint, Inc.

Proofpoint, Inc. is a global leader in human- and agent-centric cybersecurity, securing how people, data and AI agents connect across email, cloud and collaboration tools. Proofpoint is a trusted partner to over 80 of the Fortune 100, over 10,000 large enterprises, and millions of smaller organisations in stopping threats, preventing data loss, and building resilience across people and AI workflows. Proofpoint’s collaboration and data security platform helps organisations of all sizes protect and empower their people while embracing AI securely and confidently. Learn more at www.proofpoint.com.

Connect with Proofpoint on LinkedIn.

Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.

Cybersecurity for the agentic workspace starts with Proofpoint’s human and agent-centric security platform.

Join a live Protect event—learn how to protect people, data, and AI

Stop cyber threats with AI-driven multichannel protection.

Experience Core Email Protection in action—block 99.99% of email threats

Transform data security with a unified, omnichannel approach.

Understand the top data security risks organisations face — and how to stay ahead

Proofpoint technologies powering human and agent-centric security.

Explore Proofpoint packages

Optimise Proofpoint solutions with expert services.

"The partnership with Proofpoint, it's an extention of our team." –Celesta Capital

Comprehensive solutions for today’s cybersecurity threats.

Learn about new AI risks—and how to build a secure foundation for enterprise adoption

Superior protection for every industry, from small business to large enterprise.

Discover the security risks healthcare organisations can't afford to ignore

More than 80 of the Fortune 100 choose Proofpoint to protect their people, data, and AI.

Evaluating security vendors? Compare us by checking out side-by-side comparisons.

Research, insights and resources from Proofpoint experts.

New Agents, New Attacks: Securing Collaboration in the Agentic Era

Learn from our expert threat intelligence and insights that you won’t find anywhere else.

Proofpoint DISCARDED Tales from the threat research trenches

Learn more about the team driving human and agent-centric security.

Ready to join a company redefining cybersecurity?