Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted AI & Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted AI & Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted AI & Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted AI & Cloud Consultant
CSAIChaptersEventsBlog
Learn how to uncover runtime risks, close governance gaps, and strengthen oversight. Register now for the June 9 webinar →

CSA Official Press Release

Published 06/09/2026

Home
Press Releases
Financial Services Industry Shifts from AI Adoption to Governance as Autonomous Systems Proliferate, Cloud Security Alliance Survey Finds

Financial Services Industry Shifts from AI Adoption to Governance as Autonomous Systems Proliferate, Cloud Security Alliance Survey Finds

As AI systems gain ground in financial sector, limited visibility raises flags about governance and risk management

SEATTLE – June 9, 2026 — A new survey from the Cloud Security Alliance (CSA), the world's leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, found that the financial services sector has moved beyond debating whether to adopt Artificial Intelligence (AI), and is now grappling with how to govern it effectively before autonomy outstrips control. 

Commissioned by Anjuna, a leader in Confidential Computing and Autonomous Software Runtime Governance, the State of Cloud and AI for Financial Service 2026 report found that while 62% of organizations have already deployed AI agents, many still lack critical visibility into AI-related risk. Even as 20% of respondents reported experiencing known AI-security incidents, another 21% were unsure whether such incidents had occurred, underscoring how limited visibility may hamper organizations’ ability to investigate, and ultimately mitigate, future AI-related incidents. 

“The results of this year's survey show an industry speeding toward autonomous AI-driven operations while also recognizing that visibility, identity governance, and real-time security controls must mature just as quickly,” said Troy Leach, Chief Strategy Officer, Cloud Security Alliance, and a lead author of the paper. “In an industry built on trust, the institutions that succeed will be the ones that can balance innovation with accountability and prove they can maintain control as AI systems take on more decision-making responsibility.”

The survey’s findings revealed seven defining trends, and highlighted a growing urgency across the industry to establish stronger AI governance frameworks that allow financial institutions to balance innovation with security, governance, and compliance. 

  1. AI is in production. Only 27% of organizations reported no AI agent usage. Over one-third (35%) are actively implementing AI in production, with an additional 9% reporting that they are at the stage of advanced adoption. Nearly half (49%) stated they were in the process of exploring or launching pilot programs.

  2. AI agents are mainstream (and gaining autonomy). Customer service (63%), cybersecurity operations (47%), back-office operations (44%), and fraud detection (41%) were among the top-ranked use cases. As to how much autonomy these agents have, a large majority (93%) of those using agents have granted them some form of autonomy.

  3. Agentic finance is on the horizon. An overwhelming majority of respondents believe AI agents will initiate and execute payments on behalf of consumers. Even as 85% said they anticipate autonomous AI payments, the majority (65%) believe that doing so will mandate a new authorization model.

  4. AI risk is a data problem. Sensitive data leakage through AI interactions (61%) is the top AI security concern, far exceeding worries about model attacks or adversarial techniques.

  5. Cloud adoption — universal with a twist. This year’s report further confirmed the findings of the 2023 State of Financial Services in Cloud in that cloud services are now embedded across financial services organizations — 98.3% reported using some form of cloud services, with a third (33%) reporting that they rely primarily or fully on cloud-based architectures.

  6. Senior leadership support is key. Senior leadership’s understanding of the importance of cloud security in mitigating business risk has paved the way for their support of AI deployment. Ninety-one percent of respondents indicated they have moderate to strong support from executive leadership.

  7. Misconfiguration and third-party risk remain top cloud risks. Risks tied to human error completed came in as the top three security concerns — third-party risk (55%), misconfiguration (52%), human error (27%) — indicating a greater confidence in security tools and supporting technology.

"The financial services industry is entering a new phase of AI adoption where AI is not just a competitive advantage, but table stakes. The only way to deploy AI at scale, especially in the financial services industry, is by deploying it responsibly,” said Ayal Yogev, CEO and co-founder of Anjuna. “Organizations clearly recognize the opportunity AI presents, yet many are still developing the visibility and governance needed to manage these systems at scale. As AI agents become more autonomous and begin handling sensitive transactions and data, security, policy enforcement, and accountability can’t be secondary considerations . They must be embedded into the foundation of every AI initiative.”

The survey was conducted online from January 15 to March 1, 2026, and is based on 340 responses from professionals involved in cloud computing, AI, cybersecurity, compliance, and risk management within financial services organizations worldwide. Respondents were recruited through CSA's membership network, the Financial Services Working Group, partner organizations, and industry events.

Download the State of Cloud and AI for Financial Services.

About Anjuna

Anjuna Security gives enterprises the freedom to govern and scale AI agents across different environments with confidence. Built on confidential computing technology, Anjuna’s platform provides the central control to ensure AI agents act only as intended, stay within budget, and continuously comply with regulatory frameworks. Every action is evaluated, and every operational risk is managed; credentials never leak, and sensitive data is always controlled and secured. With Anjuna, regulated enterprises can move fast with trusted autonomous AI, efficiently meeting goals without increasing risk and losing security oversight. For more information, visit anjuna.io.

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading not-for-profit organization committed to awareness, practical implementation, and credentialing of forward-looking cybersecurity topics, including AI, cloud, and Zero Trust. In an era where digital transformation drives business success, CSA stands as the global authority ensuring organizations can operate securely while harnessing cutting-edge technology. Through the 501(c)3 CSAI Foundation, volunteer-driven research, globally-accepted standards, and award-winning vendor-neutral education programs that unite varied associations, governments, chapters, and corporate members, CSA bridges the gap between innovation and pragmatic security execution. Visit CSA’s website to learn more.

 

Media Contact

Blair Moreland

ZAG Communications for the CSA

[email protected] 

Share this content on your favorite social network today!

About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.

For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.