SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers

Vorlon survey finds SaaS AI security gaps among CISOs

Wed, 25th Mar 2026

Vorlon has published a survey of 500 U.S. chief information security officers on SaaS and AI ecosystem security incidents. It found that 99.4% of respondents reported at least one such incident in 2025.

The findings suggest a gap between how secure organisations believe they are and the incidents they say they experienced. In the survey, 89.2% of CISOs said they had strong or comprehensive OAuth token governance, 77% reported comprehensive behavioural monitoring, and organisations used an average of 13 dedicated security tools across SaaS and AI environments.

Only three of the 500 respondents reported no SaaS or AI ecosystem security incidents during the year. The report argues that the problem lies less in awareness of risk than in the structure of the security systems used to monitor modern software estates.

One part of the survey focused on AI agents, which many companies began deploying more seriously during 2025. Around one in three enterprises said they experienced a security incident involving AI agents, while 30.4% reported suspicious activity involving them and 30.8% reported unauthorised data exfiltration through SaaS-to-AI integrations.

Risk perception was high. The survey found that 75.4% of respondents viewed AI agents as a critical or significant data security risk, and 31.4% described them as a major new attack surface. Yet 83.4% said their current tools struggled to distinguish between human and non-human behaviour.

Confidence also varied by AI tool. Between 80% and 85% of CISOs said they were confident they understood what data widely deployed, named tools such as ChatGPT, Claude, Copilot and Gemini could access. For other AI tools that share fell to 65.4%, and 25% said they had no confidence at all.

Governance Gap

Several results highlighted inconsistencies between claimed controls and reported outcomes. While 89.2% said they had strong or comprehensive OAuth governance, 27.4% said they were still breached through compromised OAuth tokens or API keys in 2025. And while 78.6% claimed comprehensive real-time data flow mapping, 86.8% said visibility into what data AI tools exchange with SaaS applications remained a limitation of their current tools.

The same pattern appeared in monitoring. Although 77% said they had comprehensive behavioural monitoring, 30.8% still reported SaaS-to-AI data exfiltration incidents. Between 83% and 87% of CISOs reported limitations across every capability measured.
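The two paragraphs above turn on a distinction a practitioner should make explicit: a governance control that inventories OAuth grants at configuration time says nothing about what those tokens do at runtime. The following is an added illustration, not code from the Vorlon report or its product, and it runs over a handful of constructed audit events in an assumed flat schema (timestamp, actor, actor type, granted scopes, action, bytes), not any SaaS vendor's real log format. It combines a posture-style check (scopes granted but never used, grants gone idle) with a behavioural one (bulk read volume by a non-human principal inside a sliding window), which is the kind of signal that would have preceded the SaaS-to-AI exfiltration incidents the survey counts.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample audit events. The flat schema is an assumption for this
# example, not any SaaS vendor's log format: (timestamp, actor, actor_type,
# granted_scopes, action, bytes_transferred). actor_type separates interactive
# users from OAuth-authorised apps, service accounts and AI agents.
SAMPLE_EVENTS = [
    ("2025-11-03T09:12:00Z", "alice", "user", "", "files.read", 2_000),
    ("2025-11-03T09:15:00Z", "summarizer-bot", "oauth_app",
     "files.read files.write admin", "files.read", 50_000_000),
    ("2025-11-03T09:16:00Z", "summarizer-bot", "oauth_app",
     "files.read files.write admin", "files.read", 120_000_000),
    ("2025-11-03T10:00:00Z", "calendar-sync", "oauth_app",
     "calendar.read", "calendar.read", 4_000),
    ("2025-06-01T08:00:00Z", "legacy-export", "oauth_app",
     "files.read files.write", "files.read", 1_000),
    ("2025-11-03T11:00:00Z", "bob", "user", "", "files.write", 3_000),
]


def parse_ts(value):
    """Parse the ISO-8601 UTC timestamps used in the constructed events."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def triage(events, now, stale_days=90, bulk_bytes=100_000_000,
           window=timedelta(minutes=60)):
    """Return (actor, finding, detail) tuples for non-human principals only.

    Three checks, each one a question the survey says current tooling struggles with:
      unused_scopes: scopes granted but never exercised (a grant to shrink);
      stale_grant:   no activity for stale_days (a grant to revoke);
      bulk_read:     read volume at or above bulk_bytes inside one sliding window
                     (a runtime exfiltration signal, whatever the posture says).
    """
    by_actor = defaultdict(list)
    for ts, actor, actor_type, scopes, action, nbytes in events:
        if actor_type != "user":  # OAuth apps, service accounts, AI agents
            by_actor[actor].append((parse_ts(ts), set(scopes.split()), action, nbytes))

    findings = []
    for actor, evs in sorted(by_actor.items()):
        evs.sort(key=lambda e: e[0])

        # Posture check 1: granted scopes that no observed action ever needed.
        granted = set().union(*(e[1] for e in evs))
        used = {e[2] for e in evs}
        unused = granted - used
        if unused:
            findings.append((actor, "unused_scopes", " ".join(sorted(unused))))

        # Posture check 2: a grant nobody has used for a long time is pure attack surface.
        idle = now - evs[-1][0]
        if idle > timedelta(days=stale_days):
            findings.append((actor, "stale_grant", f"idle {idle.days} days"))

        # Behavioural check: total bytes read by this principal within any
        # `window`-long span; one alert per actor is enough for triage.
        reads = [(t, n) for t, _, a, n in evs if a.endswith(".read")]
        start = 0
        for end in range(len(reads)):
            while reads[end][0] - reads[start][0] > window:
                start += 1
            total = sum(n for _, n in reads[start:end + 1])
            if total >= bulk_bytes:
                findings.append((actor, "bulk_read", f"{total} bytes within {window}"))
                break
    return findings


if __name__ == "__main__":
    for row in triage(SAMPLE_EVENTS, parse_ts("2025-11-04T00:00:00Z")):
        print(*row, sep="\t")
```

On the constructed data, the scope and staleness checks alone would never flag the summarising bot's 170 MB read in two minutes; only the windowed volume check does, which is the point of pairing the two. Thresholds and the 90-day idle cut-off are illustrative and need tuning per tenant.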

The report also examined SaaS Security Posture Management tools. Of the 39% of CISOs using one, 42.8% said it either detected issues only within individual applications or functioned mainly as a configuration and compliance audit tool rather than a real-time, cross-platform threat detection system.

Amir Khayat, Vorlon's co-founder and chief executive, said many organisations are using security architectures that were not designed for the way threats now move across software ecosystems. "Every CISO we surveyed understands the risk. Most are increasing their budgets to address it," Khayat said. "But the security architecture most organizations have was built for the front door: application configurations, user logins, permission settings. The threat has moved to the engine room, the runtime layer where AI agents move sensitive data between systems, where OAuth tokens grant persistent cross-platform access, where a single compromised integration cascades silently across an entire SaaS supply chain. Most organizations are running this ecosystem without the ability to see what's happening, investigate when something goes wrong, or contain it before the damage spreads. Vorlon exists to change that."

Supply Chain

The survey found near-universal concern about supply chain incidents involving SaaS and AI vendors. Some 99% of CISOs said they were concerned about a similar incident in 2026, and 46.6% called it a top-priority risk. Only 0.8%, or four respondents, said they felt adequately protected.

Past experience appears to explain some of that anxiety. Thirty per cent said they experienced a supply chain attack involving a SaaS vendor or integration partner in 2025. Only 51.2% said they had an automated incident response playbook for an active SaaS exfiltration event.

The survey also suggested that many organisations have not settled who should lead the response when a software supplier announces a breach. Responsibility for impact assessment was spread across nine organisational functions, and no single team was named by more than 21.8% of respondents.

That operational gap was echoed by Richard, a security executive at Dutchie. "Security practitioners know how to manage the hygiene of user accounts and user access. The challenge is that once you move inside the SaaS and AI ecosystem, you're dealing with a different problem space: app-to-app connections, OAuth tokens, API keys, and AI agents operating autonomously. That layer wasn't built to be monitored by the tools most security teams already have. Our SASE stack guards the gates. Vorlon watches what happens inside the city," Richard said.

Budgets Rise

Despite broad concern, fewer than half of respondents said they had comprehensive coverage across three security operations workflow areas in SaaS and AI environments. The survey put exposure management at 41.8%, threat hunting and investigation at 44%, and incident response at 38.2%.

Most respondents said spending would rise. More than 93% planned to add or expand coverage across all three operational areas, with nearly half intending to do so within 12 months. The survey also found that 86.8% planned to increase SaaS security budgets and 84.2% planned to increase AI security budgets.

The study was based on responses from U.S. CISOs at organisations with 500 or more employees across major industry sectors and was conducted by an independent research firm. Its central finding is that confidence in controls remains high, yet incidents involving SaaS applications, AI agents, OAuth credentials and supplier connections remain common despite that confidence.