AI-Driven Threats and Security Risks in Enterprise Environments
The rapid integration of artificial intelligence into enterprise environments is fundamentally reshaping the cybersecurity landscape, introducing new risks and operational challenges. Analyst firm Gartner has advised organizations to block the use of AI-powered browsers, such as Perplexity’s Comet and OpenAI’s ChatGPT Atlas, due to concerns that default settings prioritize user experience over security, potentially exposing sensitive data to cloud-based AI backends. Cloudflare has reported blocking over 416 billion AI bot scraping requests in five months, highlighting the scale at which AI-driven automation is targeting web content and raising concerns about the sustainability of current internet business models. Meanwhile, security leaders are increasing budgets and focusing on cloud and data security, but many still feel unprepared to address the evolving threat landscape, as AI accelerates both attack and defense capabilities.
Industry reports and expert commentary emphasize that attackers are leveraging AI and automation to industrialize cybercrime, enabling faster, more scalable, and more sophisticated attacks. The Fortinet Cyberthreat Predictions Report for 2026 notes that AI-powered agents are automating key stages of the attack chain, from credential theft to lateral movement and data monetization, while the proliferation of non-human identities (machine-to-machine interactions) is becoming a critical security concern. As organizations face mounting pressure to defend at machine speed, the need for robust identity management, automated threat intelligence, and board-level prioritization of cyber resilience is more urgent than ever, especially for critical infrastructure sectors where the consequences of a breach can be catastrophic.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
5 events from the most recent confirmed update back to the earliest known activity.
Wiz benchmark study finds rising security spend is not reducing risk
Wiz published a benchmark study showing that many CISOs are increasing cybersecurity budgets but still do not feel safer as cloud adoption, AI risk, and tool sprawl complicate defense. The study identified automation, visibility, and better tool integration as top priorities for the coming year.
Fortinet publishes 2026 cyberthreat predictions report
FortiGuard Labs released Fortinet’s 2026 Cyberthreat Predictions Report, warning that AI, automation, and specialized criminal supply chains are accelerating cybercrime and shrinking time from breach to impact to minutes. The report called for machine-speed defense and stronger management of non-human identities.
Gartner recommends organizations block agentic AI browsers
Gartner warned that AI-enabled browsers such as Perplexity Comet and OpenAI ChatGPT Atlas create significant security risks, including data exposure, credential loss, and harmful autonomous actions. It advised most organizations to block these browsers unless they complete strong risk assessments and apply mitigations.
Cloudflare says it blocked 416 billion AI bot requests in five months
By December 2025, Cloudflare CEO Matthew Prince said the company had fended off more than 416 billion AI bot scrape requests since the July rollout of its default blocking policy. He framed the volume as evidence of a major shift in the internet’s business model driven by AI scraping.
Cloudflare launches default AI crawler blocking initiative
In July 2025, Cloudflare implemented its Content Independence Day initiative, blocking AI crawlers by default unless they pay for access. The move was aimed at limiting large-scale AI scraping of website content and changing how publishers control access to their data.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
5 references tracked. Mallory keeps watching after this page renders.
Block all AI browsers for the foreseeable future: Gartner
go.theregister.com
Open source“비인간 아이덴티티, 보안 모델의 새로운 핵심 축” 포티넷, 2026 사이버 위협 전망 보고서
cio.com
Open sourceCISOs are spending big and still losing ground
helpnetsecurity.com
Open sourceCyber Resilience and AI Risk: Safeguarding Critical Infrastructure in a New Threat Landscape
securitysenses.com
Open sourceCloudflare says it has fended off 416 billion AI bot scrape requests in five months — CEO warns of dramatic shift for internet business model
tomshardware.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Emerging Security Risks from AI Integration in Enterprise Environments
Security leaders and experts are warning that the rapid adoption of AI technologies in enterprise environments is introducing new and significant cybersecurity risks. While some industry voices downplay the threat of AI-driven attacks as marketing hype, most threat intelligence professionals and practitioners report that adversaries are already leveraging AI to enhance malware, automate social engineering, and bypass traditional defenses. Research highlights that AI agents, when given autonomy to perform tasks, can be manipulated to break established guardrails, and that model size does not necessarily correlate with resistance to such attacks. In industrial settings, organizations like Siemens are adapting their threat models and operational strategies to address the unique risks posed by AI-driven threats, emphasizing the need for adaptive defenses, cross-team collaboration, and the integration of AI-specific security practices. Analysts are also raising alarms about the use of AI-powered browsers, such as ChatGPT Atlas and Perplexity Comet, which can lead to untraceable data loss and expose sensitive enterprise information through prompt injection vulnerabilities and uncontrolled data flows to the cloud. Security agencies and experts stress the importance of adopting secure-by-design principles when integrating AI features into modern applications, advocating for rigorous threat modeling, least privilege, and continuous monitoring to mitigate the heightened risks associated with automated decision-making systems. As AI becomes a core component of business operations, organizations are urged to proactively address these evolving threats to safeguard their data and critical infrastructure.
Mar 21, 2026
AI-Powered Threats and Security Gaps in the Modern Cybersecurity Landscape
Organizations are facing a surge in cyberattacks driven by the rapid adoption of artificial intelligence (AI) and machine learning technologies, with threat actors leveraging these tools to amplify risks across mobile devices, APIs, and cloud environments. Reports highlight that 85% of organizations have experienced an increase in mobile device attacks, with AI-assisted threats such as SMS-phishing and deepfakes becoming more prevalent, while only a minority have dedicated defenses in place. The integration of generative AI and large language models (LLMs) into business applications has led to a proliferation of APIs, introducing new attack vectors like prompt injection and data exfiltration that traditional security tools struggle to detect. Vulnerabilities in widely used AI platforms, such as ChatGPT, have exposed millions of users to risks including data leakage and privacy breaches, underscoring the challenges of securing AI-driven systems. Despite significant investments in security tools and automation, human behavior remains a leading cause of data loss, with insider risks, misdirected emails, and credential theft persisting as major concerns. The complexity of managing sprawling data across cloud and SaaS platforms further complicates efforts to secure sensitive information. Security leaders are increasingly aware that AI is a double-edged sword—while it offers enhanced efficiency and predictive capabilities, it also empowers adversaries with sophisticated attack methods. The lack of comprehensive AI security policies and the difficulty in aligning AI strategies with business goals have left many organizations unprepared to address the evolving threat landscape, making the need for robust, adaptive security frameworks more urgent than ever.
Mar 21, 2026
AI-Driven Cybersecurity Risks and Strategies for Enterprise Defense
Artificial intelligence is rapidly transforming both the threat landscape and defensive strategies in cybersecurity, prompting CISOs and security leaders to rethink their approaches. A global study by Gigamon found that 86% of CISOs now view metadata and packet-level data as essential for detecting threats in complex hybrid cloud environments, but 97% admit to making trade-offs that leave visibility gaps. The rise of AI-driven attacks is fueling demand for real-time visibility and observability tools, with 75% of CISOs regarding public cloud as their highest security risk and 73% considering moving workloads back to private clouds. Security teams are investing heavily in AI-specific security tools, with 73% of companies spending over $1 million annually, yet 70% cite the rapid pace of AI development as their top concern. Recent high-profile breaches, such as those at LexisNexis Risk Solutions and McLaren Health Care, illustrate the increasing scale and sophistication of attacks, often amplified by AI. AI is accelerating the reconnaissance phase of attacks, enabling adversaries to map environments and identify vulnerabilities with unprecedented speed and precision, though human direction remains necessary for effective exploitation. The proliferation of AI-generated code, including through practices like 'vibe coding,' introduces new risks as less experienced developers may overlook security fundamentals, leading to insecure applications. Agentic AI systems, which act autonomously or on behalf of users, present urgent challenges in authentication, authorization, and identity management, with experts calling for scalable frameworks and robust credentials to prevent security lapses. CISOs are urged to build security into the design phase of software development, leveraging platform-native controls and enforcing policies like Row Level Security to minimize risk. The integration of AI into security operations is seen as both an opportunity and a challenge, requiring adaptive access solutions, post-quantum cryptography, and continuous monitoring. As AI reshapes digital transformation, organizations must balance the benefits of rapid innovation with the imperative to secure their environments against increasingly sophisticated, AI-powered threats. The consensus among experts is that security must evolve in tandem with AI capabilities, emphasizing proactive risk management, cryptographic agility, and a culture of security awareness across all levels of the organization.
Mar 21, 2026