AI Rapidly Rendering Cyber Defenses Obsolete: Report - TechNewsWorld
By John P. Mello Jr.
February 3, 2026 5:00 AM PT
Rapid enterprise adoption of artificial intelligence is outpacing organizations’ ability to secure their operations, according to a new infrastructure security report indicating that AI-driven attacks are already moving faster than traditional defenses can respond.
In its ThreatLabz 2026 AI Security Report, Zscaler warns that enterprises are unprepared for the next wave of AI-driven cyber risk, even as AI becomes embedded in business operations.
The report, based on an analysis of nearly one trillion AI/ML transactions across the Zscaler Zero Trust Exchange platform between January and December of 2025, predicted that enterprises are reaching a tipping point where AI has transitioned from a productivity tool to a primary vector for autonomous, machine-speed conflict.
“AI is no longer just a productivity tool but a primary vector for autonomous, machine-speed attacks by both crimeware and nation-state[s],” Zscaler Executive Vice President for Cybersecurity Deepen Desai said in a statement.
“In the age of Agentic AI,” he continued, “an intrusion can move from discovery to lateral movement to data theft in minutes, rendering traditional defenses obsolete.”
Adoption Outpacing Oversight
The report cautioned that AI adoption is accelerating faster than enterprise oversight and revealed that, despite AI usage growing 200% in key sectors, many organizations still lack a basic inventory of AI models and embedded AI features.
“Zscaler’s findings validate exactly what we warned about last year,” noted Stu Bradley, senior vice president for risk, fraud, and compliance solutions at SAS, an analytics and artificial intelligence software company in Cary, N.C. “Enterprises are embracing AI faster than they’re building the appropriate governance guardrails, and now we’re starting to see the consequences,” he told TechNewsWorld.
“Most organizations still don’t have a complete inventory of where AI is running or what data it touches,” he continued. “We’re talking millions of unmanaged AI interactions and untold terabytes of potentially sensitive data flowing into systems that no one is monitoring. You don’t have to be a CISO to recognize the inherent risk in that.”
“You’re ending up with AI everywhere and controls nowhere,” added Ryan McCurdy, vice president of marketing at Liquibase, a database-change automation company in Austin, Texas.
“People are pasting customer data, snippets of code, and production context into assistants because it’s the fastest way to get work done,” he told TechNewsWorld. “At the same time, vendors are baking AI into tools you already use, so usage spreads without a formal security review.”
“The risk is not theoretical,” he declared. “When you can’t inventory where AI is running and what it’s touching, you can’t enforce policy or investigate incidents with confidence.”
Michael Bell, CEO of Suzu Testing, a provider of AI-powered cybersecurity services in Las Vegas, explained that every major SaaS vendor is embedding AI features into their products. “These features are often active by default, inherit existing permissions, and escape detection by legacy security filters,” he told TechNewsWorld.
“Your employees aren’t choosing to use AI,” he said. “AI is just happening in the background of tools they already use. That’s a fundamentally different risk profile than shadow AI, because you can’t solve it by blocking ChatGPT at the firewall. The AI is already inside the applications you sanctioned.”
Attacks Launched at Machine Speed
Zscaler researchers also reported that enterprise AI systems are vulnerable at machine speed. They found that most enterprise AI systems could be compromised in just 16 minutes, with critical flaws uncovered in 100% of the systems they analyzed.
While AI security discussions often focus on hypothetical future threats, the report noted, Zscaler’s red team testing revealed a more immediate reality: when enterprise AI systems are tested under real adversarial conditions, they break almost immediately.
“AI systems are compromised quickly because they rely on multiple permissions working together, whether those permissions are granted via service accounts or inherited from user-level access,” explained Sunil Gottumukkala, CEO of Averlon, an AI-powered cloud security company in Redmond, Wash.
“One identity account may access sensitive data, another may trigger automated actions, and a third may write to production systems,” he told TechNewsWorld. “Individually, those permissions often appear legitimate. Combined, they can create unintended attack chains to sensitive data or critical systems.”
“Some companies still operate with a focus on employee IDs to distinguish proper authorization, but the number of non-human to human identities is currently 82:1, with less oversight exercised over what access and capabilities the AI model has,” explained Troy Leach, chief strategy officer at the Cloud Security Alliance, a not-for-profit organization dedicated to cloud best practices.
“Additionally, the sprawling number of APIs and autonomy of AI agents to have or grant privileged tool access creates new ways to circumvent security controls,” he told TechNewsWorld. “The practice of permission rotation and revocation needs to advance to more dynamic efforts to keep pace with the innovation.”
Most enterprises treat AI security as an extension of application security, but the attack surface is fundamentally different, added Brad Micklea, CEO and co-founder of Jozu, a Toronto-based developer of tools for securely packaging, deploying, governing, and managing AI models.
“Models aren’t code,” he told TechNewsWorld. “They’re artifacts with embedded training data, weights, and dependencies that can be poisoned at any point in the supply chain. Traditional AppSec tools don’t inspect model internals because they weren’t designed to.”
AI Gold Rush Spawns Shoddy Code
Many companies are rushing to get in on the AI gold rush, so inexperienced development teams are using AI to push out poor-quality code that introduces bugs and security vulnerabilities, explained Eric Hulse, director of research at Command Zero, a cyber investigation automation company in Austin, Texas.
“Company departments without formal security processes are shipping features with AI assistance but without proper vetting,” he told TechNewsWorld. “From a technical perspective, these systems are being deployed with the security posture of a prototype, not a production system.”
“We’re seeing exposed model endpoints without proper authentication, prompt injection vulnerabilities, and insecure API integrations with excessive permissions,” he said. “Default configurations are being shipped straight to production. Ultimately, it’s a fresh new field, and everyone’s rushing to stake a claim, get their revenue up, and get to market fastest.”
“In the haste to bring AI to market quickly, engineering and product teams often cut corners to meet aggressive launch timelines,” added Randolph Barr, CISO of Cequence Security, a global API security and bot management company.
“When that happens, basic security controls get skipped, and those shortcuts make their way into production,” he told TechNewsWorld. “So, while organizations are absolutely starting to think about model protections, prompt injection, data leakage, and anomaly detection, those efforts mean little if you haven’t locked down identity, access, and configuration at a foundational level.”
The report also noted that in 2025, enterprise data transfers to AI/ML applications surged to 18,033 terabytes — a 93% year-over-year increase and roughly equivalent to 3.6 billion digital photos.
The scale of this risk is quantified by 410 million Data Loss Prevention (DLP) policy violations tied to ChatGPT alone, it added, including attempts to share Social Security numbers, source code, and medical records.
These findings signal that AI governance has transitioned from a policy discussion to an immediate operational necessity, the report argued. It warned that as these repositories grow, they are becoming high-priority targets for cyber espionage.
No Need to Panic
The biggest takeaway from the report is that AI is already part of everyday work, and people are moving real business data through it — often without realizing the risk, noted Riaan Gouws, CTO of Forward Edge-AI, an artificial intelligence company focused on public safety, national security, and anti-fraud technologies in San Antonio, Texas.
“Companies don’t need to panic, but they do need to catch up fast,” he told TechNewsWorld. “Decide what tools are allowed, put guardrails around sensitive data, and make sure security can actually see what’s being used.”
“What the report ultimately highlights is not an AI problem, but an identity governance problem,” added Rosario Mastrogiacomo, chief strategy officer at Sphere Technology Solutions, a data governance software and services company in Hoboken, N.J.
“Until enterprises recognize AI systems as identities that require discovery, ownership, behavioral oversight, and lifecycle management, we’ll continue to see impressive innovation paired with fragile security,” he told TechNewsWorld. “The organizations that get this right won’t slow down AI adoption. They’ll make it sustainable.”
John P. Mello Jr. has been an ECT News Network reporter since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix, Megapixel.Net and Government Security News.