Content
summary Summary

A new global study from cloud security firm Checkmarx reveals that nearly all developers are using AI coding tools, even at companies that have officially banned them.

Ad

The study found that 99% of development teams use AI coding tools, although 15% of surveyed companies have explicitly prohibited their use. This gap between official policies and actual practices in development departments underscores the difficulty in controlling generative AI use.

Only 29% of companies have established any form of governance for generative AI tools. In 70% of cases, there's no central strategy, with purchasing decisions made on an ad-hoc basis by individual departments.

Image: Checkmarx

Security concerns are growing, with 80% of respondents worried about potential threats from developers using AI. Specifically, 60% express concern about AI issues such as hallucinations.

Ad
Ad

Despite these worries, there's still interest in AI's potential. 47% of respondents were open to allowing AI to make unsupervised code changes. Only 6% said they wouldn't trust AI with security measures in their software environment.

"The responses of these global CISOs expose the reality that developers are using AI for application development even though it can’t reliably create secure code, which means that security teams are being hit with a flood of new, vulnerable code to manage," said Kobi Tzruya, chief product officer at Checkmarx.

Microsoft's Work Trend Index recently reported similar findings, showing that many employees are using their own AI tools when none are provided. Often, they don't discuss this use, which hinders the systematic implementation of generative AI into business processes.

Ad
Ad
Join our community
Join the DECODER community on Discord, Reddit or Twitter - we can't wait to meet you.
Support our independent, free-access reporting. Any contribution helps and secures our future. Support now:
Bank transfer
Summary
  • Despite explicit prohibitions in 15 percent of organizations, 99 percent of development teams use AI tools to generate code.
  • Only 29 percent of companies have established governance for the use of generative AI. In 70 percent of cases, individual departments make ad hoc decisions about the use of AI tools. At the same time, security concerns are growing.
  • 47 percent of respondents are open to allowing AI to make unsupervised code changes. Security teams are faced with the challenge of dealing with a flood of potentially vulnerable AI-generated code.
Sources
Online journalist Matthias is the co-founder and publisher of THE DECODER. He believes that artificial intelligence will fundamentally change the relationship between humans and computers.
Join our community
Join the DECODER community on Discord, Reddit or Twitter - we can't wait to meet you.