Traditional network security tools are inhibiting firms from adequate data security as a majority of IT leaders report that data security has never been more critical.
A new report, commissioned by Capital One Software with research conducted by Forrester, found that 72% of security professionals agreed that data security is more critical than ever, but investments in traditional network and perimeter security tools impede adequate data protection.
Without rethinking data protection, AI adoption is “impossible” argued the research. As AI agents act autonomously and bypass human oversight, the risk of unintended data exposure is heightened.
A key issue holding back organizations from adequate data protection was found to be legacy siloed solutions. Over half of respondents to the Forrester research said that they lack full visibility of vulnerabilities.
Nearly half admitted that their organizations can’t successfully compete given current data security processes.
At the time the study was conducted, in February 2026, organizations use multiple solutions to ensure their data security goals. These include:
- Network security technologies (e.g., SASE, firewalls, VPNs, intrusion detection system/ intrusion prevention system [IDS/IPS]) at 70%
- Identity and access management (IAM) systems at 65%
- Vulnerability management tools at 60%
“While many organizations believe their current tools adequately protect their data, legacy solutions lack the speed, flexibility, scalability and AI readiness required today,” the study, A 2026 Snapshot on the State of Data Security, said.
Capital One Software said in a communication about the research, “Modern data security must evolve beyond static, perimeter-based approaches to address the constant movement of data across cloud and AI environments. Organizations need integrated strategies that both protect data across all environments and enable it to drive business value, including flexibility, sovereignty, and support for emerging AI use cases.”
Creating value with data must be the key motivator to protect it, and tokenization can help, the firm argued.
Two in three decision-makers don’t use tokenization solutions, underscoring opportunity, the study said. Tokenization reduces risk and expands data use so organizations can maximize their data return on investment (ROI).
According to the study, IT leaders said their security priorities over the next 12 months included:
- Protecting enterprise data at scale (66%)
- Improving overall security posture related to external threats (64%)
- Taking a more proactive approach to security (63%)
- Investing in/updating technology to support better operational efficiency and CX (62%)
- Improving overall security posture (58%)
The research was based on 211 North American director-level and above decision-makers in IT and data and analytics who are responsible for their organization’s security and risk technology strategy.
Capital One Software is an enterprise business-to-business software firm focused on providing cloud and data management solutions for companies operating in the cloud.
