Research: Conventional Cybersecurity Won’t Protect Your AI - Harvard Business Review

Cybersecurity And Digital Privacy Research: Conventional Cybersecurity Won’t Protect Your AI by Hugo Huang January 9, 2026 Osaka Wayne Studios Creative/Getty Images Summary.    As AI embeds itself into every corner of business, most executives continue to underestimate the distinct security risks these systems pose. Legacy defenses, designed for rule-based software, cannot safeguard gen AI systems that learn and adapt from data....more Post Post Share Save Get PDF Buy Copies Print In June 2025, researchers uncovered a vulnerability that exposed sensitive Microsoft 365 Copilot data without any user interaction. Unlike conventional breaches that hinge on phishing or user error, this exploit, now known as EchoLeak, bypassed human behavior entirely, silently extracting confidential information by manipulating how Copilot interacts with user data. The incident highlights a sobering reality: Today’s security models, which are designed for predictable software systems and application-layer defenses, are ill-equipped to handle the dynamic, interconnected nature of AI infrastructure. Post Post Share Save Get PDF Buy Copies Print