Enterprise Security Challenges and Frameworks for AI Adoption
The rapid integration of AI technologies into enterprise environments is introducing new security challenges that traditional controls are not equipped to handle. Organizations are grappling with how to secure AI models, data, and autonomous agents, as well as how to operationalize AI security across the entire lifecycle. Security leaders emphasize the need for clear frameworks that address the unique risks posed by AI, including misconfigurations, configuration drift, and the importance of focusing on outcomes rather than simply adding more tools or dashboards. Efficiency, automation, and prioritization are highlighted as critical factors in reducing real risk, with a shift from compliance-driven approaches to measurable security outcomes.
Industry experts stress that many organizations are "over-tooled but under-protected," with operational blind spots and unused controls creating exposure long before sophisticated attacks occur. The conversation around AI in security is moving beyond tool acquisition to ensuring that existing capabilities are properly configured and operationalized. This evolving landscape requires security teams to rethink governance, data protection, and the deployment of AI-enabled solutions, with a focus on practical frameworks and exposure management to address the complexities of modern enterprise environments.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
Darktrace publishes enterprise AI security framework
Darktrace published a practical framework for securing enterprise AI across models, data, and agents, warning that AI adoption is outpacing governance and security controls. The framework outlined risks including prompt injection, unauthorized agent actions, insecure development pipelines, supply-chain opacity, and weak AI-specific incident readiness.
Experts highlight security gaps from misconfigured and underused tools
In a discussion published by SecuritySenses, Reach Security CEO Garrett Hamilton and M12's Todd Graham said many organizations remain over-tooled but under-protected because of misconfigurations, unused controls, and operational blind spots. They argued that security teams should focus on operationalizing existing tools, measurable outcomes, and AI-driven efficiency rather than relying on dashboards or compliance alone.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Enterprise Security Challenges and Risks from AI Adoption
The rapid integration of artificial intelligence into enterprise operations is fundamentally altering the cybersecurity landscape. AI is now embedded in core business workflows, infrastructure, and decision-making processes, expanding the attack surface and introducing new exposure points in data, models, applications, and infrastructure. Security leaders are grappling with governance gaps, especially as agentic AI systems move from pilot to production, and are seeking new standards and controls to manage the risks of autonomous agents and application-to-application access. The need for robust data governance, updated identity and access management, and resilient infrastructure is driving a major IT transformation, with increased spending and a focus on AI-enabled security solutions. Industry experts and CISOs emphasize the importance of adapting security strategies to address the unique challenges posed by AI, including the concentration of sensitive data, the risk of model manipulation, and the complexity of AI-driven environments. Security vendors and analysts highlight the inadequacy of traditional security practices in the face of AI-driven threats, calling for the elimination of outdated controls and the adoption of new standards such as those proposed by Okta for managing OAuth permissions for AI agents. The evolving role of the CISO, the rise of zero trust as a business necessity, and the persistent importance of the human element in defense are recurring themes. Predictions for 2026 underscore the urgency for enterprises to refresh IT infrastructure, strengthen data governance, and prepare for a future where AI agents operate autonomously across interconnected systems, requiring continuous adaptation of security policies and controls to mitigate emerging risks.
Mar 21, 2026
Challenges in Securing Rapid Adoption of AI and AI Agents in Enterprise Environments
Organizations are rapidly integrating generative and agentic artificial intelligence into their cybersecurity and IT operations, with a particular focus on identity and access management (IAM) and security operations centers (SOC). While AI offers significant potential for proactive threat detection, adaptive authentication, and streamlined investigations through natural language interfaces, most enterprises are struggling to keep pace with the security, governance, and operational challenges that accompany this technological shift. Surveys indicate that the speed of AI adoption is outstripping the development of adequate security controls, governance frameworks, and incident response playbooks, leaving many organizations exposed to new and evolving AI-driven threats. Security leaders and practitioners report that building production-ready AI agents for security operations requires far more engineering rigor than prototyping or demos, with challenges such as context management, reliability, and multi-user execution. Despite the promise of AI as a productivity multiplier, nearly two-thirds of IT and business leaders acknowledge that their organizations are deploying AI faster than they can fully understand or secure it, and about half have already encountered vulnerabilities in their AI systems. The lack of mature governance and security practices around AI adoption is a growing concern, especially as the technology becomes more deeply embedded in critical enterprise workflows.
Mar 21, 2026
Emerging Security Threats and Defenses for Enterprise AI Systems
Enterprise adoption of AI systems is accelerating, but this rapid integration has exposed organizations to a new spectrum of cyber threats. Security experts warn that attacks such as data poisoning, prompt injection, adversarial inputs, and model theft are moving from theoretical risks to real-world incidents, with many organizations unprepared to detect or mitigate these threats. Microsoft and other industry leaders are developing frameworks and governance models to address vulnerabilities in agentic AI, including autonomous agents that can act without human oversight, making them susceptible to manipulation and misuse. Researchers are also proposing novel defensive techniques, such as automated data poisoning, to protect proprietary AI data from theft, ensuring that stolen knowledge graphs become unusable to attackers while remaining accessible to authorized users. The evolving threat landscape has prompted a shift in boardroom priorities, with directors demanding that CIOs demonstrate not just AI adoption but robust governance and security controls over these systems. Security frameworks like the OWASP Top 10 for Agentic AI, multi-layered testing approaches, and enterprise governance models are being implemented to manage risks associated with autonomous AI workflows. As organizations continue to leverage AI for competitive advantage, the focus is increasingly on balancing innovation with the imperative to secure AI infrastructure against sophisticated and emerging cyber threats.
Mar 21, 2026