AI Coding Adoption Hits 97% but Governance Lags Behind

Staff Editor 2026-06-09
AI Coding Adoption Hits 97% but Governance Lags Behind

AI Coding Adoption Hits 97% but Governance Lags Behind

https://www.infosecurity-magazine.com/news/ai-coding-adoption-governance-lags/

Publish Date: 2026-06-09 11:00:00

Source Domain: www.infosecurity-magazine.com

Nearly all software development teams have adopted AI coding assistants, but fewer than a third govern how the tools are used and that gap is capping the productivity AI promises.

The figures come from an independent survey of 831 software engineers and DevOps professionals carried out by the research firm UserEvidence for Black Duck in March 2026. It found 97% actively using the tools but just 30% with a fully governed approach to oversight.

GitHub Copilot and Claude Code dominate, used by 83% and 63% of teams respectively, and most run more than one assistant.

On the upside, 92% of teams credit the assistants with faster, more productive releases and on average the tools hand developers eight hours back each week.

Read more on AI-generated code risks: Most Cyber Leaders Fear AI-Generated Code Will Increase Security Risks

Productivity Comes With a Catch

The gains come with a catch. Nine in 10 teams hit problems with AI-generated code somewhere in their workflow, a sign the tools often shift effort downstream rather than removing it.

Most of the friction lands after the code is written:

  • Manual code review, cited by 52% of teams

  • Security testing, at 51%

  • Reworking the generated code, 48%

  • Iterating on prompts, 41%

Meanwhile, among teams whose AI-written code has surged by more than half, 57% named security testing and vulnerability fixing as the worst bottleneck.

Diana Kelley, CISO at Noma Security, warned that “faster code is not the same thing as safer code,” with developer time shifting toward validating and securing what AI produces.

Governed Teams Pull Ahead

The teams that formalize oversight see the biggest returns. Where AI use is fully governed, 90% report a major efficiency gain, against 58% overall and 44% of teams without full governance.

However, a quarter have no defined AI coding policy at all, and although 68% called automated tracking of AI-generated code extremely important, many still flag it by hand in…

Source

More Stories

China issues guidelines on financial services data amid broader cybersecurity push

China issues guidelines on financial services data amid broader cybersecurity push

Staff Editor 2026-06-13
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Staff Editor 2026-06-13
Should CEOs Be Held Personally Accountable for Cyber Attacks?

Should CEOs Be Held Personally Accountable for Cyber Attacks?

Staff Editor 2026-06-13

Terms and Conditions - Privacy Policy