4 Sources
[1]
The AI security paradox: Why are organizations trusting what they can't fully see?
Businesses are racing to adopt and operationalize AI, but many are deploying the technology faster than they can govern it. This gap is quietly becoming one of the biggest security risks facing enterprises today. AI agents are being embedded into everyday workflows as teams chase efficiency gains, and organizations are under increasing pressure from boards and senior leadership to automate processes faster. However, beneath this perceived momentum sits a more uncomfortable reality: businesses still have limited visibility into how these systems behave once deployed. Security teams need to take a step back and rethink what proper governance looks like in a world where AI systems operate with autonomous access, inherited permissions and limited visibility. Confidence is outpacing verification Understandably, many businesses view successful AI deployment as evidence that they are ready to scale AI across their business. Recent research found that 87% of organizations believe their identity management posture is prepared to support AI-driven automation. Yet, at the same time 46% admit that their identity governance falls short. This contradiction sits at the core of the AI security paradox. The core problem is that organizations are granting AI systems increasing levels of access and autonomy before they have established clear ways to monitor or verify how these systems behave. If nobody can explain why an AI agent took an action, the permissions it inherited, the systems it accessed and whether or not that behavior was actually intended, governance quickly becomes reactive rather than preventative. AI agents undermine traditional identity governance foundations Unfortunately, securing these new AI identities won't happen overnight, as legacy governance models simply aren't cut out for the challenges facing security teams today. Traditional identity management was built around four key assumptions: predictable behavior, human intent and bounded permissions. Agentic AI changes all four. Security teams already understand the risks of AI agents and non-human identities. The problem is that operational realities are forcing many organizations to accept those risks regardless. Research shows that 73% of organizations believe standing access for AI agents increases security risk. In other words, leaders recognize the dangers associated with giving AI systems privileged access, but feel under pressure to prioritize speed and operational efficiency anyways. Crucially, the governance issue extends beyond risk. The fact that 80% of organizations said they cannot always determine why an AI agent took a privileged action suggests a fundamental issue. That creates an entirely different governance challenge from one that ever existed in traditional identity management. Humans can typically justify intent, context or decision-making -autonomous systems can't. Shadow AI is becoming operational infrastructure AI usage in the workforce has long moved on from a select few employees experimenting with ChatGPT. Now, the technology is deeply woven into production systems, workflows and enterprise data. The scale of the problem is significant - 53% of organizations say they regularly encounter unsanctioned AI tools or agents accessing company systems or data, but only 28% can detect shadow AI in real time. In reality, businesses are effectively allowing unknown contractors to roam freely through their corridors, with limited insight into where they're going, what they're doing and what they have access to. This shift is forcing organizations to rethink traditional security priorities and focus on continuous monitoring and validation. As a result, businesses need to begin focusing on how effectively they can monitor and verify what their AI systems are accessing, and whether that access is still appropriate. Solving the governance contradiction We know that organizations can't afford to slow down on AI adoption given the competitive and operational incentives. But they also can't afford to expand AI access and permissions faster than they can secure them. This means bringing identity security to the forefront of AI governance strategies. Much of the discussion around AI risk still focuses on models, regulation and data privacy and those issues are important. But the true operational challenge increasingly sits between inherited permissions and unmanaged trust between systems. For business leaders, the first priority should be improving visibility rather than adding more controls. They need to understand which AI identities exist within their organisation, what systems they can access, how permissions are inherited and where standing privileges have accumulated over time. Organizations will also need to move away from persistent privilege models towards more dynamic models that provide temporary access only when required. Ultimately, the organizations that will reap the greatest rewards from AI will be the ones that can understand, govern and validate the systems they use. Deploying automation as fast as possible may lead to some quick wins, but doing so without the right governance measures in place could come back to haunt you. We've reviewed and ranked the best firewall software. This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit
[2]
AI has collapsed the cyber response window -- resilience now starts before the attack
Enterprise cybersecurity is facing a fundamental speed problem. Frontier AI models are now enabling autonomous attacks that can move from initial access to full system breakout in as little as 27 seconds. That's faster than any human-operated security workflow can detect, escalate, and respond. As a result, security operations can no longer assume there is time for humans to respond between breach and damage. The security posture that enterprises need for the AI era centers on cyber resilience: continuously identifying clean recovery states, mapping critical data and identity dependencies, and automating restoration so that operations can recover in hours not days. "Everything that relied on process or human-in-the-loop intervention is no longer going to be able to execute at the speed of the attacks," says Dev Rishi, GM of AI at Rubrik. "If the attacks are happening in 27 seconds, it means I need my recovery to happen just as quickly." Traditional detection and prevention are failing against AI-driven attacks The rules-based logic that has defined enterprise security for decades, such as static access controls, known signature detection and deterministic behavioral policies, was engineered for deterministic software. AI agents behave differently. They're non-deterministic, capable of pursuing the same objective through many different paths, and increasingly capable of circumventing static guardrails by finding alternative routes when one is blocked. The deeper problem is that conventional security logic checks identity, permissions, and access, and asks whether each individual access is permitted. But it can't evaluate whether a sequence of permitted actions, taken across multiple applications, constitutes either a data leak, a destructive operation, or an attack. "You need a system that can understand context," Rishi says. "You need to use AI to look at what an agent is doing and say, 'it looks like what you're doing might be a risk of leaking sensitive data externally.'" How AI agents are blurring the line between internal and external cyber threats Enterprise security has historically maintained a meaningful distinction between external and internal threat vectors. External threats can be multidimensional, lightning fast, and come from a variety of vectors. On the other hand, internal threats were traditionally bounded by what a single human actor could accomplish before detection, constrained in speed, scope, and scale, but that distinction is falling apart as AI agents operate inside enterprise environments. These agents have access to multiple systems simultaneously and move at speeds no human employee can match. When an agent makes a mistake, such as a hallucination, misread instruction, or an unintended data transfer, the resulting damage can look operationally identical to a malicious insider attack. And when an external attacker compromises an internal agent, they inherit its full access profile across every connected application. "Whether or not the agent is an internal threat because of an inadvertent mistake or because it's been maliciously compromised, you need runtime guardrails that enforce your organizations policies consistently across agents," Rishi says. "The practical answer is an AI-native guardian layer that monitors agent behavior semantically, understands intent across actions, and can block or terminate a misbehaving agent at machine speed, then trigger recovery immediately." Preparing for a world of inevitable compromise Frontier AI models, including those capable of discovering and operationalizing zero-day vulnerabilities autonomously, are changing the economics of attacks. As a result, interest in Mythos readiness is growing. Enterprises are increasingly operating under two assumptions: that attacks are inevitable, not exceptional, and that investment in resilience and rapid recovery must be treated as strategically as investment in prevention has been. The shift reframes recovery from a post-incident activity into a capability that is deliberately designed, tested, and continuously validated. "The idea that you can recover quickly from an attack is going to become one of the most important facets of security," Rishi says. "It's the insurance policy that organizations now have to treat as a first-class citizen." Why AI-powered cyber resilience depends on small models True cyber resilience is a two-sided coin: it demands both real-time intelligent enforcement to intercept threats in motion, and automated recovery to restore operations immediately. While having backups is a baseline, organizations need workflows that can continuously monitor systems at machine speed, and instantly determine the most recent clean state under attack conditions. Applying AI to the first half of that equation -- real-time enforcement -- creates a fundamental technical and economic challenge. Relying on massive frontier models to monitor every agent action introduces crippling latency overhead and exorbitant computing costs. A guardian AI system that slows down operations or costs as much as the systems it monitors is simply not viable for widespread adoption. "It has to be a fast, small, and cheap AI model," Rishi says. "No one wants to sign up for a secure solution that doubles their cost or latency." This is why small language models (SLMs) are critical for real-time enforcement. Rubrik's approach, anchored by its acquisition of Predibase, is to build this frontline defense layer on small models optimized specifically for speed and efficiency. Unlike heavy frontier models, SLMs can semantically evaluate agent behavior at machine speed and at a fraction of the cost, acting as a real-time checkpoint. That hyper-efficient enforcement layer is what enables a tighter, seamless connection to recovery. When the system observes an agent taking a destructive action -- such as deleting a database, corrupting a critical file, or exfiltrating sensitive data -- the small model detects it immediately, halts the damage, identifies the most recent clean snapshot from before the incident, and initiates recovery in a single, automated workflow. The shift from incident response to architectural resilience The broader implication of Mythos and similar frontier AI systems is a shift in how organizations think about security. As AI compresses the gap between attack and impact, resilience and recovery become architectural requirements rather than operational considerations. Rubrik's view is that security systems can no longer stop at detection. As AI agents gain greater autonomy, observability, identity context, and recovery must operate as a coordinated resilience layer. The goal is not simply to identify when something has gone wrong, but to shorten the gap between detection and restoration. "The same thing that's introducing the threats, the frontier capabilities of models like Mythos, can also be used to help us combat the threat," Rishi says. "Positioning yourself for the AI era means closing the gap between detecting that something has gone wrong and restoring the systems that were affected, before the cost of that gap compounds." Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they're always clearly marked. For more information, contact [email protected].
[3]
Anthropic's Mythos leak hands enterprises a timely warning
What governance actually needs to look like to keep pace with AI Anthropic's Mythos Preview had barely been announced before it was compromised - accessed by a private Discord group on the day of its public release through a third party vendor environment. For a model distributed across 40 companies and their associated contractor networks, the breach was, to many security experts, a matter of when. Anthropic is not an outlier - the conditions that enabled the breach are structural, and most enterprise AI deployments are built on the same foundations. The enterprise reality - capable agents, variable controls Most enterprise AI deployment is neither centralized nor consistently visible. Capable AI agents are already embedded in production workflows across most large enterprises - accessing live systems, informing decisions, operating across vendor and contractor networks where boundaries such as what agents can see, act on and escalate may not have been formally mapped. The Mythos investigation has brought attention on what happens when powerful AI operates without proper governance. With only one in five enterprises holding a mature governance model for autonomous agents despite deployment accelerating sharply across the same period, the control plane governing those deployments is more likely to exist in strategy decks and risk frameworks than in tested, operational infrastructure. For enterprises, the question is what the control plane governing those agents actually looks like in policy, architecture and operational practice. Four governance imperatives for agentic automation The Mythos breach was enabled by failures across vendor access, identity controls and contractual oversight - the same pressure points that determine whether any enterprise agent deployment is auditable, recoverable and regulatorily defensible. Getting ahead of them requires focus on four areas: * Access control and least privilege - Define exactly what an agent can touch. Agentic systems should never inherit blanket privileges. Apply role-based and context-aware access controls so agents operate with the minimum permissions required for a task. Treat agents like employees - with identity, just-in-time access and revocation mechanisms. * Auditability and decision traceability - If an agent acts, you must be able to reconstruct why it did so. Capture inputs, model versions, prompts, intermediate reasoning artifacts and the final actions. Immutable logs and explainability tooling convert opaque outcomes into auditable trails that satisfy internal compliance teams and external regulators alike. * Human-in-the-loop and fail-safe controls - Design where humans must intervene, and where agents can act autonomously. For high-risk decisions institute gating workflows - pause points, manual approvals and automated rollback options. Ensure operators can pause or reverse agentic actions and that escalation paths are well rehearsed. * Supplier and model provenance - Know what you consume. Whether you use third-party APIs, licensed foundation models or internally trained agents, document model lineage, training data assumptions, performance boundaries and known failure modes. Contracts and SLAs should require transparency, update cadences and liability clauses for material failures. Governance is not a speed bump - it unlocks speed Most organizations have assembled controls reactively, after a deployment has scaled or after something has gone wrong, at which point the cost of remediation consistently exceeds what building it in from the start would have required. The Financial Stability Board's engagement with Anthropic this month - convened at the request of Bank of England Governor Andrew Bailey - signals how quickly regulatory expectations are forming around AI governance, and how little runway organizations have to get ahead of them. Procurement cycles move faster and regulatory conversations are considerably less fraught for organizations that can demonstrate auditable controls before they are asked to. From reaction to readiness Mythos, in the classical sense, is the story a culture tells about itself. It will not be the last model to escape its controlled environment, and the conditions that enabled the breach will only become more prevalent as agentic AI moves from experimentation into production across enterprises. Anthropic's choice to withhold Mythos underscores a simple truth: capability outpaces governance. The story most enterprises are currently telling about their AI governance doesn't yet match the reality of what they've deployed - and that distance is closing faster than most have planned for. But it should not provoke panic. Running controls through simulated breach conditions, mapping agent access across the full estate, and requiring contractual transparency from vendors is where that work begins - before the next breach makes it urgent. We've featured the best AI tool. This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit
[4]
Understanding cyber resilience in the age of internal threats, AI, and emerging data loss risks
Human error, insider threats, and AI reshape cyber resilience External cyberattacks, especially ransomware, are now viewed as a matter of when, not if. It's no wonder they dominate cybersecurity discussions and make frequent headlines. IBM's 2025 Cost of a Data Breach report found that the average global cost of a data breach stands at $4.4million, underscoring why the threat of an attack keeps business and IT leaders up at night. But they represent only one side of the data risk landscape. What's less understood and often underestimated are the internal threats that can be just as disruptive and damaging. From simple employee errors to deliberate insider actions, and even the unintended consequences of generative AI tools, these risks pose serious challenges for every organization's data security strategy. Human Error and Malice Human error remains one of the most persistent vulnerabilities in cybersecurity. In fact, 2024 research found that the human element played a role in 68% of breaches, ranging from simple mistakes to social engineering and misconfigurations. Ignoring this reality leaves a critical gap in any security strategy. Human error isn't the only internal risk. Insider threats - both intentional and negligent - represent a growing portion of today's breach landscape. In fact, 83% of organizations experienced at least one insider-related incident last year. Whether it's a disgruntled employee exfiltrating data or a staff member mistakenly over-provisioning access, incidents involving trusted credentials are notoriously difficult to detect and recover from. Whether it's accidental human error or deliberate insider attacks, the first step to reducing these types of risks is to acknowledge that the weakest link in any cybersecurity chain is people. Even the most advanced internet security infrastructure can be compromised by a single careless mistake or a trusted user with bad intentions. Creating a culture of continuous education mixed with accountability can mitigate some of these threats. Reducing privileged access to only what is necessary can also significantly lower the risk of employee caused data leaks. However, organizations should always assume that human errors will occur and prepare accordingly. User and Entity Behavior Analytics (UEBA) plays a critical role in identifying suspicious activity that may indicate insider threats. By flagging anomalies such as unexpected data transfers or unusual access patterns, UEBA enables security teams to respond swiftly before significant damage occurs. Just as important is having strong technical safeguards in place. These act as a critical safety net when human controls fail. For example, it's important to verify that automated backups are running efficiently and include all data sources, such as cloud applications and endpoints. This can ensure that no critical data is left unprotected or overlooked in the event of a disruption or breach. These backups need to be immutable and tamper-proof, so that even a rogue insider cannot alter or delete recovery points. The AI Conundrum While AI promises a boost to productivity and innovation, it also brings with it new threats. As an example, the rise of AI co-pilots and agents in various workflows such as coding, writing and data analysis widens the attack surface. For AI to operate efficiently, it requires access to sensitive internal data such as documents and proprietary systems, which means that the slightest oversight in access permissions and data governance can severely cost an organization. This is not going unnoticed. The U.S. National Institute of Standards and Technology (NIST) states in its AI Risk Management Framework that AI models may "leak, generate, or correctly infer sensitive information" even data not explicitly included in the input, through memorization, adversarial attacks, or by combining disparate sources. This concern is echoed in the private sector, with over 80% of security leaders expressing concern that generative AI could leak company secrets, and security experts warning that only 24% of generative AI initiatives are fully secured. Furthermore, a staggering 90% of organizations report a lack of adequate security standards to defend against AI-centered threats. Gartner predicts that by 2027, more than 40% of AI-related data breaches will be caused by the improper use of generative AI. So how can enterprises continue to implement the evolving world of AI into business processes while ensuring it doesn't open the door to a bevy of cyberattacks? The first step is to treat AI agents as part of the threat model. The same security principles that are often implemented to traditional IT environments need to be applied to AI implementation - zero trust, data minimization, encryption, segmentation, etc. AI agents need to be viewed as tools with privileged access, and handled accordingly. The data that is being fed into these AI agents needs to be reviewed and cleaned-up, including removing outdated or overly sensitive files from training sets and ensuring only approved data sources are utilized. Close monitoring and keeping a log of all AI interactions is also critical. This needs to be detailed enough to enable an audit trail that can help to detect potential abuse or oversharing of confidential data. To reduce the risk of human error, AI guidelines should also include security awareness training so that employees can understand that AI agents are not sandbox environments, and any sensitive data could be logged, stored, and in the worst-case scenario, shared. Immutable Backups Delivered as a Managed Service While the threat landscape continues to expand, the reality is clear - no security stack is impenetrable. Cybercriminals will always search for new angles, whether through ransomware, insider threats, or AI-driven exploits. That's why true resilience depends not only on prevention but also on the ability to recover quickly and confidently when defenses are breached. Immutable backups, delivered as a managed service, provide that safety net. Unlike traditional backups that can be corrupted, deleted, or encrypted by attackers, immutable backups are unchangeable and tamper-proof. By layering this with 24/7 monitoring, expert management, and tested recovery processes, a managed service ensures that recovery points remain secure and always available. This approach dramatically shortens downtime, from days to hours and removes the operational burden from internal IT teams who may lack the time or expertise to manage complex recovery environments. Looking for the best cloud backup? This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit
Share
Copy Link
Organizations are racing to deploy AI agents across enterprise systems, but a troubling gap has emerged between confidence and capability. While 87% believe their identity management is ready for AI-driven automation, 46% admit their identity governance falls short. Meanwhile, autonomous cyberattacks powered by frontier AI models can now breach systems in just 27 seconds—faster than any human security team can respond.
Enterprises are embedding AI agents into production workflows at breakneck speed, driven by competitive pressure and efficiency promises. Yet beneath this momentum lies an uncomfortable reality: businesses are granting AI systems increasing levels of access and autonomy before establishing clear ways to monitor or verify their behavior
1
. This disconnect has created what security experts now call the AI security paradox.Recent research reveals that 87% of organizations believe their identity management posture is prepared to support AI-driven automation. At the same time, 46% admit that their identity governance falls short
1
. More troubling still, 80% of organizations cannot always determine why an AI agent took a privileged action, suggesting a fundamental gap in AI governance capabilities1
.
Source: TechRadar
The urgency around AI security has intensified as frontier AI models enable autonomous cyberattacks that move from initial access to full system breakout in as little as 27 seconds
2
. That timeline is faster than any human-operated security workflow can detect, escalate, and respond to threats. Traditional detection and prevention strategies, built on rules-based logic and static access controls, simply cannot keep pace with non-deterministic AI agents capable of pursuing objectives through multiple different paths2
."Everything that relied on process or human-in-the-loop intervention is no longer going to be able to execute at the speed of the attacks," explains Dev Rishi, GM of AI at Rubrik. "If the attacks are happening in 27 seconds, it means I need my recovery to happen just as quickly"
2
. This reality is forcing enterprises to shift from prevention-focused strategies toward cyber resilience models that emphasize rapid recovery and continuous validation.The challenge extends beyond intentional enterprise AI deployments. Research shows that 53% of organizations regularly encounter unsanctioned AI tools or AI agents accessing company systems or data, yet only 28% can detect shadow AI in real time
1
. This means unknown AI systems are operating within enterprise environments with limited visibility into what they access or how permissions are inherited.
Source: TechRadar
The problem is compounded by the fact that 73% of organizations believe standing access for AI agents increases security risk, yet operational pressures force many to accept those risks anyway
1
. AI agents undermine traditional identity governance foundations because they operate with inherited permissions across multiple systems simultaneously, moving at speeds no human employee can match.The structural vulnerabilities in enterprise AI deployments became starkly visible when Anthropic's Mythos Preview was compromised on the day of its public release through a third-party vendor environment
3
. The Anthropic Mythos leak was distributed across 40 companies and their associated contractor networks, making the breach, to many security experts, a matter of when rather than if3
.The incident underscores a critical gap: only one in five enterprises holds a mature governance model for autonomous agents despite deployment accelerating sharply
3
. The Financial Stability Board's subsequent engagement with Anthropic—convened at the request of Bank of England Governor Andrew Bailey—signals how quickly regulatory expectations are forming around AI governance3
.While external cyberattacks dominate headlines, internal threats pose equally serious challenges. Research found that the human element played a role in 68% of breaches, ranging from simple mistakes to social engineering and misconfigurations
4
. Additionally, 83% of organizations experienced at least one insider-related incident last year4
.Generative AI amplifies these risks. Over 80% of security leaders express concern that generative AI could leak company secrets, and Gartner predicts that by 2027, more than 40% of AI-related data breaches will be caused by improper use of generative AI
4
. The U.S. National Institute of Standards and Technology states in its NIST AI Risk Management Framework that AI models may "leak, generate, or correctly infer sensitive information" even when data wasn't explicitly included in the input4
.
Source: VentureBeat
Related Stories
Security experts identify four critical areas where enterprise AI deployments require immediate attention. First, organizations must implement least privilege access controls, treating AI agents like employees with identity, just-in-time access, and revocation mechanisms
3
. Second, auditability and decision traceability must capture inputs, model versions, prompts, and final actions through immutable logs3
.Third, human-in-the-loop controls should define where humans must intervene versus where agents can act autonomously, with gating workflows for high-risk decisions
3
. Fourth, supplier and model provenance requires documenting model lineage, training data assumptions, and known failure modes3
.The shift toward AI-powered resilience centers on a fundamental assumption: attacks are inevitable, not exceptional. Organizations need workflows that continuously monitor systems at machine speed and instantly determine the most recent clean state under attack conditions
2
. This requires moving from persistent privilege models toward dynamic models that provide temporary access only when required1
.Implementing User and Entity Behavior Analytics enables security teams to flag anomalies such as unexpected data transfers or unusual access patterns before significant damage occurs
4
. Organizations should also verify that automated immutable backups are running efficiently and include all data sources, ensuring that even a rogue insider cannot alter or delete recovery points4
. Applying zero-trust principles to AI implementations—treating AI agents as tools with privileged access—remains essential for managing both insider threats and external attack vectors[4](https://www.techradar.com/pro/understanding-cyber-resilience-in-the-age-of-internal-threats-ai and-emerging-data-loss-risks).Summarized by
Navi
[2]
20 Feb 2026•Technology

01 Jun 2026•Policy and Regulation

09 Jun 2026•Technology

1
Technology

2
Policy and Regulation

3
Policy and Regulation
