Summary
This blog looks at how the cyber threat landscape is shifting as organisations move from on-premises and cloud environments to widespread use of AI. It explains why AI security has become a board-level priority and explores key risks such as data leaks, AI-jacking, and shadow AI.
Drawing on insights from IBM, CSO Online, and Wiz, it outlines how poor governance and weak access controls are leaving AI systems exposed. The post also highlights the growing role of the EU Artificial Intelligence Act and offers practical advice for improving AI security, building trust, and meeting compliance.
The threat landscape is constantly evolving. We have moved from securing on-premises infrastructure to defending hybrid and multi-cloud environments, and now to protecting artificial intelligence (AI) systems that power decision-making, automation, and innovation across the enterprise.
Since late 2022, AI has gained unstoppable momentum. The widespread use of generative AI tools has changed how people work, create, and communicate. Employees across industries now rely on AI for everything from drafting reports to analysing data. Yet an important question remains: is it safe, and does it meet compliance requirements?
Most organisations still lack clear policies or controls around AI use. What began as experimentation is now business-critical, and unmanaged AI adoption has introduced new risks involving data privacy, intellectual property, and regulatory compliance.
According to CSO Online, 58% of CISOs have increased their AI security budgets in 2025, recognising that the pace of adoption has outstripped traditional defences. Yet confidence in AI security continues to lag behind its popularity.
AI as the Next Attack Vector
AI is no longer just a productivity tool. It is now part of the threat landscape itself.
Cyber adversaries are using AI to craft convincing phishing campaigns, automate reconnaissance, and exploit weaknesses in machine learning models.
At the same time, defenders are seeing new forms of attack, such as AI-jacking, where attackers manipulate or hijack AI models to extract data, spread misinformation, or generate malicious content. These attacks are more subtle than traditional ones, exploiting how AI systems think rather than how they execute.
There is also the growing issue of shadow AI, where employees use unapproved AI tools, and personal devices, to speed up their work. Although well-intentioned, these tools can bypass governance controls, introduce unmonitored data flows, and create compliance blind spots.
The outcome is clear. AI has become both an enabler and a potential liability in cybersecurity.
Confidence in AI Security: A Growing Gap
Despite rapid investment, trust in AI’s security remains uncertain.
A 2025 IBM report revealed that 13% of organisations have experienced breaches involving AI models or applications, and 97% lacked proper access controls.
This is not just a technical shortcoming; it is a confidence problem.
AI systems often respond with authority, but their answers may be factually incorrect. When employees or systems act on these incorrect outputs, the result can be compliance failures, operational errors, or misinformation on a large scale.
Consider the comparison. We have used AI in Google Maps for over a decade. It is powered by machine learning and most users trust it implicitly because its results are testable and transparent. Large language models (LLMs), however, work differently. They generate text based on probability, not certainty. This creates challenges for trust, accountability, and validation.
Efficiency Meets Exposure: The Chatbot Dilemma
AI is transforming workplace efficiency, especially through chatbots and virtual agents. Many companies have embedded these tools into customer service, sales, and HR systems to speed up response times and reduce costs.
However, efficiency can quickly turn into exposure.
In one example, CX Today reported that researchers were able to manipulate a customer service AI agent into revealing full Salesforce records. Around the same time, it was reported that McDonald’s employed the use of an AI chatbot which leaked job applicant data.
These examples illustrate a key point. When LLMs are connected to live data sources or systems, they can unintentionally expose sensitive information if the right controls are not in place.
To address this, many organisations are introducing AI penetration testing to evaluate model resilience and data segregation. These assessments help identify weaknesses before they can be exploited.
Governance and Control: Closing the Shadow AI Gap
The rise of shadow AI shows the need for stronger governance. Employees often turn to generative AI because it is fast and useful, but without clear oversight these tools can undermine even the most mature cybersecurity strategies.
Organisations should treat AI tools as integral parts of their information systems, not as standalone apps. That means:
- Requiring vendor transparency on how data is stored and used
- Applying least privilege access to AI models and APIs
- Enabling model observability to track behaviour and detect anomalies
- Providing training so staff understand what information can be safely shared with AI systems
These steps help align innovation with compliance and keep sensitive data under control.
Early Adoption and the Road to Maturity
Enterprise AI adoption is still at an early stage. The technology offers huge potential for efficiency and insight, but it is not yet mature enough to operate without careful oversight. Generative models in particular are still learning to manage context, accuracy, and data protection effectively.
As Wiz.io’s Generative AI Security Academy explains, securing AI requires a tailored approach rather than simply extending existing IT controls. Security teams must focus on model integrity, prompt injection prevention, and data isolation.
Forward-thinking CISOs are developing AI security playbooks to standardise safe deployment. These playbooks outline how to test, monitor, and manage AI systems responsibly and are quickly becoming as essential as traditional incident response plans.
Building AI Champions Across the Organisation
Technology alone will not secure AI. People will. Many organisations are creating AI champions within departments to promote responsible use and strengthen awareness. These champions act as a bridge between technical and non-technical teams, ensuring that AI adoption aligns with security policies.
They can help identify safe use cases, promote best practice, and guide colleagues in using AI tools securely. In time, these internal advocates will play a key role in embedding a culture of trust and accountability around AI.
The Path Forward: Trust, Verify, and Secure
AI represents the next major shift in cybersecurity.
Just as organisations learned to secure the cloud a decade ago, they must now develop the same level of confidence and control around AI.
This means treating AI as both a valuable asset and a potential risk. It involves verifying every deployment, continuously testing for data leakage or manipulation, and holding models to the same standards as any other critical system.
Regulation is also catching up. The EU Artificial Intelligence Act is setting the benchmark for responsible AI governance. It categorises AI systems by risk level, mandates transparency, and requires strong oversight for high-risk applications. Even organisations based outside the EU will feel its influence, as supply chains and customers increasingly demand compliance with its principles of safety, accountability, and fairness.
The journey to secure AI mirrors the evolution from on-prem to cloud: uncertainty at first, then structure, and eventually trust. We are not there yet, but the organisations that act now will set the standard for secure and responsible AI use.
Contact us to learn how to secure your AI systems.