The AI Security Adoption Gap

by | Feb 19, 2026 | Uncategorized | 0 comments



Structural Vulnerabilities, Strategic Outlook, and Economic Impact Among Singapore Enterprises
February 2026 • Based on CSA Singapore, IMDA, Proofpoint, Hitachi Vantara, IDC, and Pentera Research

Executive Summary
Singapore occupies a structurally distinctive position in the global AI adoption landscape. As a high-income, digitally advanced city-state with an explicit national strategy to become an AI-ready economy, its enterprises are deploying artificial intelligence at rates that outpace much of the Asia-Pacific region. Yet this velocity of adoption has produced a pronounced and measurable security gap: the security infrastructure, governance frameworks, and human expertise required to protect AI-driven systems lag materially behind the pace at which these systems are being integrated into enterprise operations.
This case study examines the nature and dimensions of that gap within the Singapore enterprise context, drawing on data from multiple independent research sources published in 2025 and early 2026. It analyses the structural drivers of the gap, characterises its sectoral and organisational manifestations, assesses the near-term outlook given Singapore’s Budget 2026 policy commitments, and evaluates the multidimensional impacts — operational, financial, regulatory, and strategic — that the gap produces.

96%
AI Adoption Rate
Singapore enterprises using AI 52%
Security Visibility Gap
Data complexity impedes breach detection 40%
GenAI Data Loss Concern
Top concern among Singapore security teams 93%
Supply Chain Impact
Experienced cyber incident via third parties

  1. Context: Singapore’s AI Adoption Trajectory
    1.1 National Strategic Posture
    Singapore’s AI strategy is not incidental but explicitly engineered. The National AI Strategy 2.0 (NAIS 2.0), launched in 2023, set out a framework for embedding AI across the economy while retaining regulatory agility. Singapore Budget 2026 further reinforced this posture with the announcement of National AI Missions across key economic sectors, the establishment of a Prime Minister-chaired National AI Council, an SGD 37 billion commitment to research, innovation, and enterprise development, and the “Champions of AI” programme to support comprehensive enterprise transformation.
    This institutional scaffolding has contributed to an enterprise adoption rate that is, by any measure, exceptionally high. Survey data from Hitachi Vantara’s State of Data Infrastructure 2025 report found that 96% of Singapore respondents report some level of AI use — a figure that positions the city-state among the most advanced adopters globally.

Regulatory Note
Unlike the European Union, Singapore does not have prescriptive AI-specific legislation. The government’s stated preference is regulatory agility — updating frameworks as technology evolves rather than enacting static legislation. Governance is currently delivered primarily through voluntary instruments: the Model AI Governance Framework (IMDA/PDPC), the GenAI Model Framework, and CSA’s Guidelines on Securing AI Systems, supplemented by technology-agnostic existing laws.

1.2 The Adoption-Security Asymmetry
The critical structural issue is not adoption per se, but the rate differential between AI deployment and AI security readiness. Across global enterprise surveys — including Pentera’s AI Security & Exposure Benchmark 2026 (n=300 CISOs, North America) and Proofpoint’s Data Security Landscape 2025 (n=1,000, including Singapore) — a consistent pattern emerges: enterprises are deploying AI faster than they can establish governance, visibility, or dedicated security controls around it.
In the Singapore context, this asymmetry is particularly acute because of two reinforcing dynamics. First, the government’s growth-oriented AI agenda creates institutional pressure to adopt at speed. Second, Singapore’s role as a regional financial and technology hub means that many enterprises are deploying AI in high-stakes operational contexts — financial services, healthcare, logistics — where security failures carry systemic consequences.

  1. Dimensions of the Security Gap
    2.1 Visibility Deficits
    The most foundational dimension of the AI security gap is the absence of adequate visibility into how AI is being deployed and used within the enterprise. Globally, 67% of CISOs surveyed by Pentera report limited visibility into how AI is being used across their environments. Singapore-specific data from Hitachi Vantara confirms a parallel problem: 52% of Singapore respondents state that the complexity of their data makes it more difficult to detect a security breach.
    This visibility deficit is not primarily a tooling problem — it is an architectural and governance problem. As AI is integrated into existing IT systems, it creates new data flows, new inter-system dependencies, and new categories of sensitive information processing that existing monitoring infrastructure was not designed to capture. The result is that security teams may have robust visibility into conventional attack surfaces while remaining substantially blind to AI-related risk vectors.
    2.2 Reliance on Legacy Security Controls
    A second structural dimension of the gap is the widespread reliance on security controls designed for pre-AI architectures. Pentera’s global survey found that 75% of CISOs report their enterprises rely on extending controls originally designed for other attack surfaces to cover AI-driven workflows. Only 11% of enterprise CISOs report having security tools specifically designed to protect AI systems.
    The implications for Singapore are significant. Many Singapore enterprises are operating in regulated sectors (financial services, healthcare, government services) with legacy security stacks that predate the current generation of AI deployment. Applying perimeter-based, signature-based, or network-centric security controls to AI systems — which are data-intensive, model-based, and often cloud-native — produces systematic coverage gaps that are difficult to detect precisely because legacy tools do not generate alerts for threat vectors they were not designed to recognise.
    2.3 The Agentic AI Inflection Point
    A third and rapidly emerging dimension concerns agentic AI — systems capable of autonomous multi-step action, environmental interaction, and goal-directed behaviour without continuous human oversight. The Cyber Security Agency of Singapore (CSA) published an Addendum to its AI security guidelines specifically addressing agentic AI risks in October 2025, and IMDA released the world’s first governance framework for agentic AI in January 2026 — reflecting both the urgency and the novelty of the challenge.
    Agentic AI systems introduce qualitatively different security risks relative to conventional AI or generative AI tools. They can execute actions across enterprise systems autonomously, interact with third-party services, and process sensitive data without direct human review. The CSA addendum specifically warned of risks arising from unauthorised or erroneous actions taken by AI agents, automation bias among human operators, and the expanded lateral movement potential for threat actors who compromise an agentic system.

Case in Point: The Agentic Workspace
Proofpoint’s 2025 Data Security Landscape report found that agentic AI is emerging as a new class of insider risk rivalling human error. Two in five (40%) organisations in Singapore cite data loss via public or enterprise GenAI tools as a top concern, while 39% worry about sensitive data being inadvertently processed by AI agents. These findings predate widespread deployment of autonomous agents — the risk profile is expected to intensify significantly as agentic systems move from pilot to production.

2.4 Data Infrastructure Inadequacy
The security gap is further compounded by underlying data infrastructure weaknesses that AI workloads both expose and exacerbate. Proofpoint platform data shows that 27% of cloud storage in Singapore enterprises is effectively abandoned — unused data that inflates costs and widens the attack surface. Additionally, 42% of Singapore organisations cite cloud and SaaS data sprawl as a top security challenge, and 35% identify redundant or obsolete data as posing significant risk.
More than one-fifth of Singapore organisations (21%) saw their data grow by 30% or more over the past year. This data proliferation, driven in part by AI workloads that generate and consume large volumes of data, is outpacing governance and security controls. The result is an expanding, poorly mapped attack surface that security teams lack the tools and capacity to monitor comprehensively.
2.5 Human Capital Constraints
Underlying all of the above dimensions is a structural human capital deficit. The Pentera survey identifies lack of internal expertise (50%) and insufficient AI-specific security tools (36%) as the leading barriers to AI security — ranking above budget constraints. Singapore’s tight labour market and the novelty of AI security as a discipline compound this challenge.
IDC survey data from early 2025 identifies the top five in-demand cybersecurity roles in Singapore as security data scientists, threat intelligence analysts, AI security engineers, AI security researchers, and AI-specific incident response professionals. These are specialist roles that require the intersection of AI/ML expertise and deep security domain knowledge — a combination that the current talent pool does not supply in sufficient volume.

Gap Dimension Evidence / Metric
Visibility Deficit 52% report data complexity impedes breach detection (Hitachi Vantara, 2025)
Legacy Controls Reliance 75% of enterprises rely on non-AI-specific security controls (Pentera, 2026)
Dedicated AI Security Tools Only 11% have security tools specifically designed for AI systems
GenAI Data Loss Concern 40% of Singapore organisations cite GenAI data loss as a top concern (Proofpoint, 2025)
Agentic AI Risk CSA and IMDA issued new frameworks in Oct 2025 and Jan 2026 respectively
Supply Chain Cyber Impact 93% of Singapore organisations affected by supply chain cyber incidents in 2025 (BlueVoyant)
Human Capital Gap Top 5 security roles in demand are all AI-specific specialisations (IDC, 2025)

  1. Strategic Outlook
    3.1 Government Policy Momentum: Budget 2026
    Singapore Budget 2026 represents the most significant public policy intervention in AI adoption and governance to date. Key provisions relevant to the AI security gap include the National AI Council providing national coordination on AI strategy; National AI Missions targeting specific high-value sectors; the Champions of AI programme providing structured enterprise support for adoption; expanded R&D commitment of SGD 37 billion over five years; and enhanced tax incentives for AI adoption and workforce transformation.
    Cybersecurity industry commentators have broadly welcomed the Budget’s AI provisions but have flagged execution risk as the primary concern. The consensus among technology executives is that the policy scaffolding is sound, but that closing the adoption-security gap requires sustained public-private collaboration on workforce development, governance operationalisation, and security tooling investment — none of which can be delivered solely through fiscal incentives.
    3.2 Regulatory Trajectory
    Singapore’s regulatory approach to AI security is evolving rapidly, though it remains predominantly voluntary in character. The CSA’s Guidelines on Securing AI Systems, the IMDA’s Model AI Governance Framework, and the new Agentic AI Governance Framework collectively constitute a comprehensive voluntary guidance architecture. The government has explicitly stated its intention to retain regulatory agility rather than enacting prescriptive AI legislation in the near term.
    This approach contrasts with the EU AI Act’s risk-tiered mandatory compliance model. In the Singapore context, the voluntary nature of current frameworks is both a strength — enabling rapid iterative updates, as demonstrated by the October 2025 and January 2026 framework releases — and a limitation, in that compliance is not structurally enforced and sector-specific regulators (MAS, MOH, etc.) apply varying degrees of supervisory pressure on AI security practices.
    3.3 Market and Technology Dynamics
    Several market and technology trends will shape the near-term outlook for Singapore’s AI security gap. IDC data from 2025 found that more than four in five Singapore organisations are already using AI in their cybersecurity environment, with adoption advancing from AI-powered detection toward automated response, predictive threat modelling, and behavioural analytics. This suggests a positive trajectory — AI is being used defensively as well as deployed operationally.
    However, the same data indicates that trust in autonomous action remains limited. Auto-remediation and guided remediation use cases are not widely deployed, and cybersecurity budget increases are modest: 68% of organisations report increases of less than 5%, and only 18% report increases in the 5-10% range. This suggests that while directional intent is positive, investment velocity is insufficient to close the gap at pace with the threat environment.

Outlook Assessment
Near-term (2026–2027): The gap is likely to widen before it narrows, as agentic AI deployment accelerates faster than security infrastructure can adapt. The CSA and IMDA frameworks provide a governance architecture, but operationalisation at the enterprise level — particularly for SMEs — will lag. Medium-term (2027–2029): If Singapore’s public-private investment in AI security talent and tooling is sustained at Budget 2026 commitments, a measurable narrowing of the gap is plausible, particularly in regulated sectors. Long-term structural risk: Enterprises that fail to close the gap early will accumulate technical and governance debt that becomes increasingly costly to remediate as AI systems become more deeply embedded in critical operations.

  1. Impact Analysis
    4.1 Operational Impact
    The most immediate operational impact of the AI security gap is the expansion of exploitable attack surface without corresponding protective coverage. As AI systems handle sensitive data, interface with core enterprise systems, and increasingly operate autonomously, a security failure can propagate through an organisation in ways that conventional incident response is poorly equipped to contain.
    BlueVoyant’s research underscores the severity of this risk in the Singapore context: 93% of Singapore organisations experienced negative impacts from a supply chain-related cyber incident in the year to 2025, up sharply from 70% in 2024. As AI systems are integrated into supply chain operations and create new inter-organisational data flows, this vector is expected to intensify. The same research notes that 60% of Singapore organisations have established or optimised third-party risk management programmes — a relatively mature posture — yet maturity in programme design has not translated into protection from incidents.
    4.2 Financial Impact
    The financial dimensions of the AI security gap operate on both the cost and revenue sides of the enterprise. On the cost side, security incidents driven by AI-related vulnerabilities are more costly to remediate than conventional incidents due to the data volumes involved, the complexity of root-cause identification in AI systems, and the potential for model poisoning or data exfiltration that may not be immediately detectable.
    On the revenue and value side, the gap threatens to erode the AI investment returns that Singapore enterprises are beginning to realise. SAP research cited by The Edge Singapore found that local organisations have invested an average of SGD 18.9 million in AI over the past year, generating an average ROI of 16%, with expectations of reaching 29% within two years. However, Hitachi Vantara’s data shows that only 23% of Singapore respondents rate their organisation as industry-leading in achieving ROI from AI — suggesting that the majority are already experiencing a gap between AI investment and AI value realisation, to which security-driven disruptions may contribute.
    4.3 Regulatory and Reputational Impact
    While Singapore does not yet have prescriptive AI-specific legislation, enterprises operating in regulated sectors are subject to increasing supervisory scrutiny of their AI governance and security practices. The Monetary Authority of Singapore (MAS) and other sector regulators have issued guidance on responsible AI adoption that, while not mandating specific security architectures, creates an expectation of demonstrable governance maturity.
    As AI-related incidents become more prevalent globally, and as Singapore’s National AI Council develops national standards, it is reasonable to anticipate a tightening of expectations around AI security practices. Enterprises that have not made credible investments in closing the security gap will face increasing reputational risk — both in terms of customer trust and in the context of Singapore’s ambition to position itself as a trusted AI hub in the region.
    4.4 Strategic and Competitive Impact
    At the strategic level, the AI security gap creates differentiation risk: enterprises that successfully close the gap will be able to scale AI-driven operations with confidence, while those that do not will face growing constraints on their ability to deploy AI in high-stakes contexts. As Oliver Jay of OpenAI has noted in the context of Singapore’s Budget 2026, the opportunity lies in closing what he terms the ‘capability overhang’ — the gap between what AI can do and how it is typically used. The security gap is a significant constraint on realising that potential.
    For Singapore as a whole, the strategic stakes are higher than for any individual enterprise. The city-state’s aspiration to be among the world’s first AI-ready nations depends not merely on adoption velocity but on the ability to demonstrate that AI can be deployed at scale in a manner that is secure, governed, and trusted. The current security gap — if not systematically addressed — poses a reputational risk to Singapore’s positioning as a trusted AI hub in the regional and global economy.
  2. Conclusions and Recommendations
    5.1 Conclusions
    The evidence base reviewed in this case study supports the following conclusions:
    Singapore enterprises have achieved near-universal AI adoption, but the security infrastructure and governance practices required to protect AI-driven systems lag materially behind deployment pace.
    The security gap is multidimensional: it encompasses visibility deficits, legacy control reliance, emerging agentic AI risks, data infrastructure inadequacy, and structural human capital constraints.
    Singapore’s policy environment is responsive and sophisticated — the CSA, IMDA, and government budgetary commitments provide a strong governance architecture — but operationalisation at the enterprise level, particularly for SMEs, remains uneven.
    The gap is likely to widen in the near term as agentic AI deployment accelerates, before narrowing if sustained investment in security talent, tooling, and governance is realised.
    The impacts of the gap are already materialising: supply chain cyber incidents have increased sharply, AI investment ROI is below potential, and the talent market for AI security specialists remains severely constrained.

5.2 Recommendations
For Enterprise Security Leaders
Establish dedicated AI asset inventory practices to address visibility deficits, treating AI systems as a distinct category of enterprise asset requiring specialised monitoring.
Invest in AI-specific security tooling rather than extending legacy controls; prioritise vendors with native AI/ML security capabilities aligned to CSA’s Guidelines on Securing AI Systems.
Develop agentic AI security frameworks in advance of broad deployment, incorporating the IMDA Agentic AI Governance Framework and CSA Addendum as foundational references.
For Policymakers and Regulators
Consider sector-specific binding requirements for AI security practices in high-risk industries (financial services, healthcare, critical infrastructure), moving beyond voluntary frameworks for the highest-risk deployment contexts.
Expand the Champions of AI programme to include a dedicated AI security capability track, ensuring that adoption support is paired with security capacity building.
Accelerate public-private collaboration on AI security talent pipelines, targeting the specific roles — AI security engineers, security data scientists, AI incident response professionals — identified as critically short-supply.
For Academic and Research Communities
Prioritise empirical research on the AI security gap in Singapore’s SME sector, where data is currently sparse and the gap is likely to be more acute than in large enterprises.
Develop evaluation frameworks for assessing the operationalisation of voluntary AI governance frameworks at the enterprise level, enabling longitudinal tracking of gap-closure progress.

Sources and Data Provenance
This case study synthesises findings from the following sources, all published in 2025 or 2026 unless otherwise noted:

Source Methodology / Notes
Hitachi Vantara State of Data Infrastructure 2025 n=1,200 C-level and IT leaders, 15 markets; Singapore n=51
Proofpoint Data Security Landscape 2025 n=1,000 security professionals, 10 countries, incl. Singapore
Pentera AI Security & Exposure Benchmark 2026 n=300 CISOs, North America (global comparator data)
IDC APAC Cybersecurity Survey 2025 n=550 IT/security leaders, 11 APAC markets, incl. Singapore
BlueVoyant Third-Party Risk Research 2025 Singapore-specific TPRM findings
CSA Guidelines on Securing AI Systems (Agentic AI Addendum) October 2025; CSA Singapore
IMDA Model AI Governance Framework for Agentic AI Released January 2026, World Economic Forum, Davos
Singapore Budget 2026 Commentary ITBrief Asia, CRN Asia, The Edge Singapore; February 2026
ICLG Cybersecurity Laws and Regulations: Singapore November 2025; covers NAIS 2.0, Model AI Governance Framework