"Shortly after access was terminated, we began receiving extortion demands. The criminals threatened to distribute materials from both the February 2025 incident and the recent incident to media outlets and on social media if we did not comply. We will not pay these criminals," Percoco stated.
"World Cloud Security Day is a useful reminder to recognize how much cloud risk now comes down to everyday access decisions and overlooked misconfigurations," says James Maude, Field CTO at BeyondTrust.
Unverified and low quality data generated by artificial intelligence (AI) models - often known as AI slop - is forcing more security leaders to look to zero-trust models for data governance, with 50% of organisations likely to start adopting such policies by 2028, according to Gartner's seers. Currently, large language models (LLMs) are typically trained on data scraped - with or without permission - from the world wide web and other sources including books, research papers, and code repositories.
Only 22 percent of organizations treat AI agents as independent, identity-bearing entities, while 88 percent have already dealt with suspected or confirmed security incidents involving AI agents. Ninety percent of AI usage occurs through unauthorized personal accounts, with an average of 223 shadow AI incidents per month.
Zero trust is not a thing; it is an idea. It is not a product; it is a concept - it is a destination that has no precise route and may never be reached. But it is described very succinctly: trust nothing until the trust is justified. Justification starts with verifying every subject's identity and authority. This is the single constant in all zero trust journeys: they start with the subject's identity. Zero trust's reliance on identity, and identity's reliance on AI Two questions. Can you have zero trust without effective identity verification? No. Can you have effective identity verification in the age of AI? Maybe, and maybe not.
