"AI tools are spreading through the enterprise ecosystem at an astonishing pace. According to McKinsey, AI adoption shot up between 2017, when 20% of businesses regularly used AI for at least one business function, and 2025 when 88% said the same. AI delivers on many benefits, ranging from increased efficiency and saved time to fewer errors and improved revenue. Unfortunately, it brings a number of risks as well. AI fundamentally expands the enterprise attack surface."
"A BCG survey found that 60% of organizations have experienced an AI-powered cyberattack in the past year. And new research that my company recently published indicates that security teams aren't keeping ahead of AI dangers. Our 2026 report found that 66% of CISOs are using GRC tools which aren't fit for the AI-permeated supply chain, as they aren't designed for ongoing oversight into Nth-party risk exposure."
"Most CISOs have extensive systems of solutions, policies, and procedures for managing SaaS providers and software supply chain partners. All too often, however, they copy and paste these for AI vendors and tools. Data that's fed into AI tools has the potential to be exposed to a much wider audience. Many large language models (LLMs) retain prompt data and use it for ongoing model training. Unlike on-prem tools and most SaaS solutions, once the data is entered into an"
AI adoption in enterprises surged from 20% in 2017 to 88% in 2025, delivering efficiencies, time savings, fewer errors, and revenue gains. AI also expands the enterprise attack surface: every model, prompt, plugin, API, training dataset, and dependency can become a compromise point. Sixty percent of organizations reported AI-powered cyberattacks in the past year. Many security teams use GRC tools not designed for continuous oversight of AI-permeated supply chains, and only 22% of CISOs have tailored AI vendor onboarding. Large language models often retain prompts and reuse data for training, increasing exposure risk. Governance models require redesign for continuous AI-focused oversight.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]