Rapid enterprise adoption of artificial intelligence is outpacing organizations' ability to secure their operations, according to a new infrastructure security report indicating that AI-driven attacks are already moving faster than traditional defenses can respond.
In its ThreatLabz 2026 AI Security Report, Zscaler warns that enterprises are unprepared for the next wave of AI-driven cyber risk, even as AI becomes embedded in business operations.
The report, based on an analysis of nearly one trillion AI/ML transactions across the Zscaler Zero Trust Exchange platform between January and December of 2025, predicted that enterprises are reaching a tipping point where AI has transitioned from a productivity tool to a primary vector for autonomous, machine-speed conflict.
"AI is no longer just a productivity tool but a primary vector for autonomous, machine-speed attacks by both crimeware and nation-state[s]," Zscaler Executive Vice President for Cybersecurity Deepen Desai said in a statement.
"In the age of Agentic AI," he continued, "an intrusion can move from discovery to lateral movement to data theft in minutes, rendering traditional defenses obsolete."
Adoption Outpacing Oversight
The report cautioned that AI adoption is accelerating faster than enterprise oversight and revealed that, despite AI usage growing 200% in key sectors, many organizations still lack a basic inventory of AI models and embedded AI features.
"Zscaler's findings validate exactly what we warned about last year," noted Stu Bradley, senior vice president for risk, fraud, and compliance solutions at SAS, an analytics and artificial intelligence software company in Cary, N.C. "Enterprises are embracing AI faster than they're building the appropriate governance guardrails, and now we're starting to see the consequences," he told TechNewsWorld.
"Most organizations still don't have a complete inventory of where AI is running or what data it touches," he continued. "We're talking millions of unmanaged AI interactions and untold terabytes of potentially sensitive data flowing into systems that no one is monitoring. You don't have to be a CISO to recognize the inherent risk in that."
"You're ending up with AI everywhere and controls nowhere," added Ryan McCurdy, vice president of marketing at Liquibase, a database-change automation company in Austin, Texas.
"People are pasting customer data, snippets of code, and production context into assistants because it's the fastest way to get work done," he told TechNewsWorld. "At the same time, vendors are baking AI into tools you already use, so usage spreads without a formal security review."
"The risk is not theoretical," he declared. "When you can't inventory where AI is running and what it's touching, you can't enforce policy or investigate incidents with confidence."
Michael Bell, CEO of Suzu Labs, a provider of AI-powered cybersecurity services in Las Vegas, explained that every major SaaS vendor is embedding AI features into their products. "These features are often active by default, inherit existing permissions, and escape detection by legacy security filters," he told TechNewsWorld.
"Your employees aren't choosing to use AI," he said. "AI is just happening in the background of tools they already use. That's a fundamentally different risk profile than shadow AI, because you can't solve it by blocking ChatGPT at the firewall. The AI is already inside the applications you sanctioned."
Attacks Launched at Machine Speed
Zscaler researchers also reported that enterprise AI systems are vulnerable at machine speed. They found that most enterprise AI systems could be compromised in just 16 minutes, with critical flaws uncovered in 100% of the systems they analyzed.
While AI security discussions often focus on hypothetical future threats, the report noted, Zscaler's red team testing revealed a more immediate reality: when enterprise AI systems are tested under real adversarial conditions, they break almost immediately.
"AI systems are compromised quickly because they rely on multiple permissions working together, whether those permissions are granted via service accounts or inherited from user-level access," explained Sunil Gottumukkala, CEO of Averlon, an AI-powered cloud security company in Redmond, Wash.
"One identity account may access sensitive data, another may trigger automated actions, and a third may write to production systems," he told TechNewsWorld. "Individually, those permissions often appear legitimate. Combined, they can create unintended attack chains to sensitive data or critical systems."
"Some companies still operate with a focus on employee IDs to distinguish proper authorization, but the number of non-human to human identities is currently 82:1, with less oversight exercised over what access and capabilities the AI model has," explained Troy Leach, chief strategy officer at the Cloud Security Alliance, a not-for-profit organization dedicated to cloud best practices.
"Additionally, the sprawling number of APIs and autonomy of AI agents to have or grant privileged tool access creates new ways to circumvent security controls," he told TechNewsWorld. "The practice of permission rotation and revocation needs to advance to more dynamic efforts to keep pace with the innovation."
Most enterprises treat AI security as an extension of application security, but the attack surface is fundamentally different, added Brad Micklea, CEO and co-founder of Jozu, a Toronto-based developer of tools for securely packaging, deploying, governing, and managing AI models.
"Models aren't code," he told TechNewsWorld. "They're artifacts with embedded training data, weights, and dependencies that can be poisoned at any point in the supply chain. Traditional AppSec tools don't inspect model internals because they weren't designed to."
AI Gold Rush Spawns Shoddy Code
Many companies are rushing to get in on the AI gold rush, so inexperienced development teams are using AI to push out poor-quality code that introduces bugs and security vulnerabilities, explained Eric Hulse, director of research at Command Zero, a cyber investigation automation company in Austin, Texas.
"Company departments without formal security processes are shipping features with AI assistance but without proper vetting," he told TechNewsWorld. "From a technical perspective, these systems are being deployed with the security posture of a prototype, not a production system."
"We're seeing exposed model endpoints without proper authentication, prompt injection vulnerabilities, and insecure API integrations with excessive permissions," he said. "Default configurations are being shipped straight to production. Ultimately, it's a fresh new field, and everyone's rushing to stake a claim, get their revenue up, and get to market fastest."
"In the haste to bring AI to market quickly, engineering and product teams often cut corners to meet aggressive launch timelines," added Randolph Barr, CISO of Cequence Security, a global API security and bot management company.
"When that happens, basic security controls get skipped, and those shortcuts make their way into production," he told TechNewsWorld. "So, while organizations are absolutely starting to think about model protections, prompt injection, data leakage, and anomaly detection, those efforts mean little if you haven't locked down identity, access, and configuration at a foundational level."
The report also noted that in 2025, enterprise data transfers to AI/ML applications surged to 18,033 terabytes -- a 93% year-over-year increase and roughly equivalent to 3.6 billion digital photos.
The scale of this risk is quantified by 410 million Data Loss Prevention (DLP) policy violations tied to ChatGPT alone, it added, including attempts to share Social Security numbers, source code, and medical records.
These findings signal that AI governance has transitioned from a policy discussion to an immediate operational necessity, the report argued. It warned that as these repositories grow, they are becoming high-priority targets for cyber espionage.
No Need to Panic
The biggest takeaway from the report is that AI is already part of everyday work, and people are moving real business data through it -- often without realizing the risk, noted Riaan Gouws, CTO of Forward Edge-AI, an artificial intelligence company focused on public safety, national security, and anti-fraud technologies in San Antonio, Texas.
"Companies don't need to panic, but they do need to catch up fast," he told TechNewsWorld. "Decide what tools are allowed, put guardrails around sensitive data, and make sure security can actually see what's being used."
"What the report ultimately highlights is not an AI problem, but an identity governance problem," added Rosario Mastrogiacomo, chief strategy officer at Sphere Technology Solutions, a data governance software and services company in Hoboken, N.J.
"Until enterprises recognize AI systems as identities that require discovery, ownership, behavioral oversight, and lifecycle management, we'll continue to see impressive innovation paired with fragile security," he told TechNewsWorld. "The organizations that get this right won't slow down AI adoption. They'll make it sustainable."



