Security Leaders Cite AI as a Risk Multiplier for APIs in New Akamai Survey
Rhea-AI Summary
Akamai (NASDAQ: AKAM) released the fourth annual API Security Impact Survey on April 28, 2026, based on 1,840 security professionals across six industries and ten countries. The study finds 87% of organizations experienced an API-related incident in the past year (up from 76% in 2022), an average of 3.5 incidents per organization, and an average incident cost exceeding US$700,000.
Key gaps include falling API visibility (only 23% now know which APIs expose sensitive data, vs 40% in 2022) and growing AI-related targeting (38% rank AI security top priority; 42% report APIs that power AI/LLMs were attacked).
AI-generated analysis. Not financial advice.
Positive
- 87% of organizations reported an API incident in the past year
- Average of 3.5 API incidents per organization in prior 12 months
- Average reported incident cost exceeding US$700,000
- Nearly 80% rank API security among top three cybersecurity priorities
- 96% of financial services respondents reported an API attack
Negative
- Share of enterprises knowing which APIs expose sensitive data fell to 23% (from 40%)
- 42% report APIs powering AI/LLMs were targeted by attacks
- Only 53% of organizations have dedicated API security personnel
- C-suite reports higher testing maturity (40%) than DevSecOps (28%)
News Market Reaction – AKAM
On the day this news was published, AKAM declined 0.52%, reflecting a mild negative market reaction. Our momentum scanner triggered 25 alerts that day, indicating elevated trading interest and price volatility. This price movement removed approximately $77M from the company's valuation, bringing the market cap to $14.80B at that time.
Data tracked by StockTitan Argus on the day of publication.
API attacks and incident costs surge alongside AI adoption
CAMBRIDGE, Mass., April 28, 2026 (GLOBE NEWSWIRE) -- Akamai (NASDAQ: AKAM) today released new research showing that organizations are rushing to deploy APIs without adequate security or testing, leaving them vulnerable to attacks once released. Now in its fourth year, the Akamai API Security Impact Survey examines the state of API protection based on a global survey of 1,840 security professionals across 6 industries and 10 countries.
The study shows that API attacks continue to rise. Eighty-seven percent of respondents reported an API-related security incident in the past year, up from
Security teams rank securing AI technologies as their top cybersecurity priority (
Survey results show organizations increasingly lack API visibility, a problem worsened by AI, with only
Other survey findings include:
- Nearly all respondents in the financial services sector (
96% ) reported an API-related attack in the past 12 months. - The industries with the highest incident costs were energy and utilities (US
$860,000) , manufacturing (US$732,000) , and health and life sciences (US$725,000) . - Nearly
80% of enterprises rank API security among their top three cybersecurity priorities. - Forty percent of C-suite leaders report advanced API testing maturity, compared with just
28% of DevSecOps teams. This suggests that leadership confidence exceeds what implementation teams report on the ground. - Slightly more than half of organizations (
53% ) have dedicated personnel responsible for API security.
“The rapid expansion of the API attack surface means organizations who rely heavily on APIs face significant risks, financial impact, and compromised visibility,” said Sean Lyons, Senior Vice President and General Manager, Application and Infrastructure Security at Akamai. “APIs are rapidly exploding in number and most companies can’t keep track of them. If you’re adopting AI, API security can't be an afterthought. You need the foundation to actually trust the AI systems you're building.”
Beyond survey insights, the study also provides recommendations to help security teams strengthen their API security strategies. These include closing visibility gaps by discovering and inventorying all APIs that are linked to LLMs and AI applications, embedding security testing and controls throughout the API lifecycle, and treating API security as a prerequisite for trusted AI.
About Akamai
Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.
Contact
Akamai Media Relations
akamaipr@akamai.com
