AI in Cybersecurity


  • Andreas Horn, Head of AIOps @ IBM || Speaker | Lecturer | Advisor

    AI Agents are scaling fast — But without security, they’re a MASSIVE risk! There’s a lot of buzz about how soon we’ll have millions or even billions of AI agents on the internet, reshaping businesses. If this becomes reality, a holistic security approach will become absolutely crucial. Below you can find an insightful breakdown from Accenture's Tech Vision 2025 on security considerations and best practices: This model highlights how enterprises must secure AI agents at every stage — from model development to human-agent interactions — ensuring resilience, governance and compliance. Let's break it down:

    Securing AI Agents requires focus on four key areas:
    - Secured Identity & Access Management
    - Secured Workflow
    - Secured AI Runtime
    - Human in the Loop

    Top 5 best practices for AI Agent security:
    1. Zero Trust Security Model – Assume no implicit trust and verify every request as if it originates from an open network. This includes identity, device, and contextual verification.
    2. Context-Aware Access – Dynamically adjust permissions based on real-time factors like location, device status and user behavior, reducing the attack surface.
    3. Ephemeral Access – Use just-in-time permissions so AI agents only have access for the duration of their tasks, minimizing unauthorized access.
    4. Lifecycle Management – Oversee the full lifecycle of AI agents: creation, modification, and de-provisioning, while continuously updating access controls.
    5. Credential Management – Automate the rotation of credentials, keys, and certificates to reduce risk and eliminate human error.

    You can find the full study here: https://lnkd.in/dP4RevKw
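The post above lists zero trust, ephemeral access, lifecycle management and credential handling as practices without showing what they look like at the enforcement point. The following is an added example written for this page; it is not code from the post or from Accenture's study. A hypothetical policy enforcement point mints a short-lived token bound to one agent id, one task and an explicit scope list, re-verifies the token on every request (signature first, then binding, expiry, revocation and scope), and exposes a revoke hook for de-provisioning. The signing key, the in-memory revocation set and all identifiers are assumptions for illustration.

```python
"""Just-in-time, task-scoped credentials for an AI agent (added example).

Not code from the post or from Accenture; a hypothetical policy enforcement
point that issues short-lived, scope-bound tokens and verifies every call.
"""
from __future__ import annotations

import base64
import hashlib
import hmac
import json
import secrets
import time

# Assumption: in a real deployment the key lives in a KMS/HSM and is rotated.
SIGNING_KEY = secrets.token_bytes(32)

# jti values invalidated by revoke(); a real system uses a shared store.
REVOKED: set[str] = set()


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(agent_id: str, task_id: str, scopes: set[str],
                ttl_s: int = 300, now: float | None = None) -> str:
    """Mint an HMAC-SHA256 signed token that expires ttl_s seconds from now."""
    now = time.time() if now is None else now
    claims = {
        "agent": agent_id,
        "task": task_id,
        "scope": sorted(scopes),
        "iat": int(now),
        "exp": int(now + ttl_s),
        "jti": secrets.token_hex(8),   # unique id so one token can be revoked
    }
    body = json.dumps(claims, separators=(",", ":"), sort_keys=True).encode()
    tag = hmac.new(SIGNING_KEY, body, hashlib.sha256).digest()
    return f"{b64url_encode(body)}.{b64url_encode(tag)}"


def verify_request(token: str, agent_id: str, action: str,
                   now: float | None = None) -> tuple[bool, str]:
    """Zero-trust check run on every call. Returns (allowed, reason)."""
    now = time.time() if now is None else now
    try:
        body_b64, tag_b64 = token.split(".")
        body, tag = b64url_decode(body_b64), b64url_decode(tag_b64)
    except ValueError:
        return False, "malformed"
    expected = hmac.new(SIGNING_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False, "bad signature"      # verified before any claim is trusted
    claims = json.loads(body)
    if claims["agent"] != agent_id:
        return False, "token not bound to this agent"
    if now >= claims["exp"]:
        return False, "expired"
    if claims["jti"] in REVOKED:
        return False, "revoked"
    if action not in claims["scope"]:
        return False, f"scope {action!r} not granted"
    return True, "ok"


def revoke(token: str) -> None:
    """De-provisioning hook: invalidate a token before its natural expiry."""
    claims = json.loads(b64url_decode(token.split(".")[0]))
    REVOKED.add(claims["jti"])


if __name__ == "__main__":
    tok = issue_token("agent-7", "ticket-triage-42", {"read:tickets"}, ttl_s=60)
    print(verify_request(tok, "agent-7", "read:tickets"))    # (True, 'ok')
    print(verify_request(tok, "agent-7", "write:tickets"))   # scope not granted
    print(verify_request(tok, "agent-7", "read:tickets", now=time.time() + 61))
    revoke(tok)
    print(verify_request(tok, "agent-7", "read:tickets"))    # revoked
```

The order of checks matters: the signature is verified over the raw bytes before the claims are parsed, so a tampered body is rejected without ever being trusted, and the short TTL means a stolen token is only useful for the remaining seconds of the task it was minted for.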

  • The National Institute of Standards and Technology (NIST) has released a draft of its “Cybersecurity Framework Profile for Artificial Intelligence” (open for public comment until Jan 30, 2026) to help organizations think about how to strategically adopt AI while addressing emerging cybersecurity risks that stem from AI’s rapid advance. Building on the #NIST Cybersecurity Framework 2.0, the Cyber AI Profile translates well-established risk management concepts into AI-specific cybersecurity considerations, offering a practical reference point as organizations integrate AI into critical systems and confront AI-enabled threats. The Cyber AI Profile centers on three focus areas:
    • Securing AI systems: identifying cybersecurity challenges when integrating AI into organizational ecosystems and infrastructure.
    • Conducting AI-enabled cyber defense: identifying opportunities to use AI to enhance cybersecurity, and understanding challenges when leveraging AI to support defensive operations.
    • Thwarting AI-enabled cyberattacks: building resilience to protect against new AI-enabled threats.
    The Profile complements existing NIST frameworks (CSF, AI RMF, RMF) by prioritizing AI-specific cybersecurity outcomes rather than creating a standalone regime.

  • Sol Rashidi, MBA

    AI is not failing because of bad ideas; it’s "failing" at enterprise scale because of two big gaps: 👉 Workforce Preparation 👉 Data Security for AI. While I speak globally on both topics in depth, today I want to educate us on what it takes to secure data for AI—because 70–82% of AI projects pause or get cancelled at POC/MVP stage (source: #Gartner, #MIT). Why? One of the biggest reasons is a lack of readiness at the data layer. So let’s make it simple - there are 7 phases to securing data for AI—and each phase has direct business risk if ignored.

    🔹 Phase 1: Data Sourcing Security - Validating the origin, ownership, and licensing rights of all ingested data. Why It Matters: You can’t build scalable AI with data you don’t own or can’t trace.
    🔹 Phase 2: Data Infrastructure Security - Ensuring data warehouses, lakes, and pipelines that support your AI models are hardened and access-controlled. Why It Matters: Unsecured data environments are easy targets for bad actors, making you exposed to data breaches, IP theft, and model poisoning.
    🔹 Phase 3: Data In-Transit Security - Protecting data as it moves across internal or external systems, especially between cloud, APIs, and vendors. Why It Matters: Intercepted training data = compromised models. Think of it as shipping cash across town in an armored truck—or on a bicycle—your choice.
    🔹 Phase 4: API Security for Foundational Models - Safeguarding the APIs you use to connect with LLMs and third-party GenAI platforms (OpenAI, Anthropic, etc.). Why It Matters: Unmonitored API calls can leak sensitive data into public models or expose internal IP. This isn’t just tech debt. It’s reputational and regulatory risk.
    🔹 Phase 5: Foundational Model Protection - Defending your proprietary models and fine-tunes from external inference, theft, or malicious querying. Why It Matters: Prompt injection attacks are real. And your enterprise-trained model? It’s a business asset. You lock your office at night—do the same with your models.
    🔹 Phase 6: Incident Response for AI Data Breaches - Having predefined protocols for breaches, hallucinations, or AI-generated harm—who’s notified, who investigates, how damage is mitigated. Why It Matters: AI-related incidents are happening. Legal needs response plans. Cyber needs escalation tiers.
    🔹 Phase 7: CI/CD for Models (with Security Hooks) - Continuous integration and delivery pipelines for models, embedded with testing, governance, and version-control protocols. Why It Matters: Shipping models like software means risk comes faster—and so must detection. Governance must be baked into every deployment sprint.

    Want your AI strategy to succeed past MVP? Focus and lock down the data. #AI #DataSecurity #AILeadership #Cybersecurity #FutureOfWork #ResponsibleAI #SolRashidi #Data #Leadership
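Phase 4 above (API security for foundation models) warns that unmonitored API calls can leak sensitive data into public models. The block below is an added example for this page, not code from the post: a hypothetical egress gateway that sits between internal callers and a hosted model API, redacts personal data and internal hostnames before a prompt leaves, refuses outright to send prompts that carry secrets or government IDs, enforces a model allow-list, and writes an audit record that stores hashes of the matched values rather than the values themselves. The detection patterns are simplified approximations, the `.corp.example` suffix and the model names are assumptions, and the sample prompts are constructed.

```python
"""Egress guard for calls to third-party LLM APIs (added example).

Not code from the post; a hypothetical gateway that redacts or refuses
prompts before they reach a hosted model and logs what it did.
"""
import hashlib
import re

PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    # Approximation of common API-key shapes; tune to the formats you issue.
    "api_key": re.compile(r"\b(?:sk-[A-Za-z0-9_-]{16,}|AKIA[A-Z0-9]{16})\b"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    # Assumed internal DNS suffix.
    "internal_host": re.compile(r"\b[\w-]+\.corp\.example\b"),
}

ALLOWED_MODELS = {"gpt-4o", "claude-3-5-sonnet"}   # assumed allow-list
BLOCK_KINDS = {"api_key", "ssn"}   # never redact-and-send these; refuse


def redact(text: str) -> tuple[str, list[tuple[str, str]]]:
    """Replace each match with a typed placeholder. Returns the new text and
    (kind, sha256-prefix) pairs so audits can correlate without the value."""
    findings: list[tuple[str, str]] = []

    def replacer(kind):
        def _sub(m) -> str:
            digest = hashlib.sha256(m.group(0).encode()).hexdigest()[:12]
            findings.append((kind, digest))
            return f"<{kind.upper()}_{len(findings)}>"
        return _sub

    out = text
    for kind, pattern in PATTERNS.items():
        out = pattern.sub(replacer(kind), out)
    return out, findings


def guard_llm_call(prompt: str, model: str, caller: str,
                   audit_log: list) -> tuple[str, str]:
    """Return (decision, prompt_to_send). decision is 'allow', 'deny:model'
    or 'deny:sensitive'; on deny the prompt returned is empty so nothing
    can be forwarded by accident."""
    sanitized, findings = redact(prompt)
    kinds = {kind for kind, _ in findings}
    if model not in ALLOWED_MODELS:
        decision = "deny:model"
    elif kinds & BLOCK_KINDS:
        decision = "deny:sensitive"
    else:
        decision = "allow"
    audit_log.append({
        "caller": caller,
        "model": model,
        "decision": decision,
        "finding_kinds": sorted(kinds),
        "finding_hashes": [digest for _, digest in findings],
        "prompt_sha256": hashlib.sha256(sanitized.encode()).hexdigest(),
    })
    return decision, (sanitized if decision == "allow" else "")


if __name__ == "__main__":
    log = []
    # Constructed prompts; the key is fake.
    print(guard_llm_call("Summarize the ticket from jane.doe@example.com "
                         "about db01.corp.example", "gpt-4o", "svc-helpdesk", log))
    print(guard_llm_call("Debug this: key sk-abcdefghijklmnopqrstuvwxyz0123 "
                         "returns 401", "gpt-4o", "svc-helpdesk", log))
    print(log[-1])
```

Redaction and refusal are deliberately separate outcomes: an e-mail address can be replaced with a placeholder and the prompt still be useful, but a credential in a prompt is an incident in its own right, so the gateway blocks the call and leaves a hash-only trail for the responder.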

  • Frank Roppelt, Chief Information Security Officer (CISO)

    Today, NIST released the initial preliminary draft of the Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile), a community profile built on NIST CSF 2.0 to help organizations manage cybersecurity risk in an AI-driven world. A key section of this draft is Section 2.1, which introduces three Focus Areas that explain how AI and cybersecurity intersect in practice:

    1. Securing AI System Components (Secure) - AI systems introduce new assets that must be secured: models, training data, prompts, agents, pipelines, and deployment environments. This focus area emphasizes treating AI components as first-class cybersecurity assets, integrating them into governance, risk assessments, protection controls, and monitoring processes. It reinforces that AI risk should not be siloed from enterprise cybersecurity risk management.
    2. Conducting AI-Enabled Cyber Defense (Defend) - AI is not just something to protect; it is also a powerful defensive capability. This area focuses on using AI to enhance detection, analytics, automation, and response across security operations. At the same time, it recognizes the risks of over-reliance on automation, model integrity concerns, and the need for human oversight when AI supports security decision-making.
    3. Thwarting AI-Enabled Cyber Attacks (Thwart) - Adversaries are increasingly using AI to scale phishing, evade detection, and automate attacks. This focus area addresses how organizations must anticipate and counter AI-enabled threats by building resilience, improving detection of AI-driven attack patterns, and preparing for a rapidly evolving threat landscape where AI is weaponized.

    Why This Matters: Together, Secure, Defend, and Thwart provide a practical structure for aligning AI initiatives with existing cybersecurity programs. By mapping AI-specific considerations to CSF 2.0 outcomes (Govern, Identify, Protect, Detect, Respond, Recover), the Cyber AI Profile helps organizations integrate AI security into familiar risk management practices. This is a preliminary draft, and NIST is seeking public feedback through January 30, 2026. If your organization is building, deploying, or defending with AI, now is the time to review and contribute. 🔗 https://lnkd.in/e-ETZXH8

  • Rachel Tobac, CEO, SocialProof Security, Friendly Hacker, Security Awareness Videos and Live Training

    Leveraging this new OpenAI real time translator to phish via phone calls in the target’s preferred language in 3…2… So far, AI has been used for believable translations in phishing emails — e.g. my Icelandic customers are seeing a massive increase in phishing in their language in 2024. Before, only 350,000 or so people comfortably spoke Icelandic correctly; now AI can do it for the attacker. We’re going to see this real time translation tool increasingly used to speak in the target’s preferred language during phone call based attacks. These tools are easily integrated into the technology we use to spoof caller ID, place calls, and voice clone. Now, in any language. Educate your team & family + friends. Make sure folks know:
    - AI can voice clone
    - AI can real time translate to speak in any language
    - Caller ID is easily spoofed with or without AI tools
    - AI tools will increase in believability
    AI voice clone/spoof example here: https://lnkd.in/gPMVDBYC

    Will this AI be used for good? Sure! Real time translations are quite useful for people, businesses, & travel. We still need to educate folks on how AI is currently used to phish people & how real time AI translations will increase scams across (previous) language barriers.

    *What can we do to protect folks from attackers using AI to trick?*
    - Educate first: make sure folks around you know it’s possible for attackers to use AI to voice clone, deepfake video and audio (in real time during calls)
    - Be politely paranoid: encourage your team and community to use 2 methods of communication to verify someone is who they say they are for sensitive actions like sending money, data, access, etc. For example, if you get a phone call from your nephew saying he needs bail money now, contact him a different way before sending money to confirm it’s an authentic request
    - Passphrase: consider using a passphrase with your loved ones to verify identity in emergencies (e.g. your sister calls you crying saying she needs $1,500 urgently; ask her to say the passphrase you agreed upon together or contact her via another communication method before sending money)

  • Wendi Whitmore, Chief Security Intelligence Officer @ Palo Alto Networks | Cyber Risk Translator | AI Security & National Security Leader | Former CrowdStrike & Mandiant | Congressional Witness | Keynote Speaker

    AI is changing the economics and speed of cyberattacks. What once took threat actors days or weeks can now happen in minutes: automated reconnaissance, AI-assisted exploit development, credential targeting, lateral movement, and highly personalized phishing at scale. This is why Palo Alto Networks believes so strongly in the concept of autonomous resilience. The traditional model of security operations (fragmented tools, manual escalation paths, and human-speed response cycles) was not designed for machine-speed threats. Autonomous resilience means building security architectures that can continuously reduce exposure, validate trust, and contain threats in real time. What does that look like in practice?

    🔸 Minimize attack surface - Continuously identify and remediate exposed assets, misconfigurations, vulnerable APIs, and unmanaged cloud resources before attackers can weaponize them. For example, AI-driven exposure management can detect an internet-facing development environment created outside policy and trigger automated remediation immediately.
    🔸 Secure every identity - Trust must extend beyond employees to machine identities, workloads, APIs, and AI agents. This means enforcing least privilege, adaptive access controls, and continuous identity validation to stop credential misuse and token theft before attackers gain persistence.
    🔸 Defend the software supply chain - AI-assisted attacks increasingly target CI/CD pipelines, open-source dependencies, and code repositories. Organizations need runtime protections, code integrity validation, and automated policy enforcement to prevent manipulated code from reaching production environments.
    🔸 Constrain blast radius - Zero Trust architectures become even more critical in an AI-driven threat landscape. Microsegmentation, continuous inspection, and behavioral analytics help prevent attackers from moving laterally across environments once initial access is achieved.
    🔸 Detect and respond in real time - Security teams cannot rely on analysts manually correlating thousands of alerts. AI-driven SOC operations can automatically prioritize incidents, enrich telemetry, isolate compromised assets, and initiate containment workflows within minutes — dramatically reducing operational fatigue and response time.

    The outcome is not “fully autonomous security.” The outcome is resilient organizations that can adapt, contain, and recover faster in an increasingly automated threat environment. Cybersecurity is evolving from reactive defense into continuous operational resilience. The organizations preparing for that shift now will be far better positioned for what comes next.
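The "minimize attack surface" point above gives one concrete case: an internet-facing development environment created outside policy, detected and remediated automatically. The block below is an added example for this page and is not Palo Alto Networks code. It runs a small policy-as-code pass over a constructed asset inventory, flags public assets that are non-prod, unowned, created without a change ticket, or exposing admin ports to 0.0.0.0/0, and turns each finding into a severity and a proposed remediation. The inventory layout, tag names and port list are assumptions; in practice the records come from the cloud provider's asset and firewall APIs.

```python
"""Exposure check over a cloud asset inventory (added example).

Not vendor code; a hypothetical policy-as-code pass that flags
internet-facing assets created outside policy and plans remediation.
"""
ADMIN_PORTS = {22, 3389, 5432, 6379}   # SSH, RDP, Postgres, Redis (assumed list)


def evaluate(asset: dict) -> list[str]:
    """Return policy violations for one asset (empty list means compliant)."""
    if not asset.get("public"):
        return []          # private assets are out of scope for this check
    tags = asset.get("tags", {})
    issues = []
    if tags.get("env") != "prod":
        issues.append(f"internet-facing {tags.get('env', 'untagged')} environment")
    if "owner" not in tags:
        issues.append("no owner tag")
    if "change_ticket" not in tags:
        issues.append("created outside the change process")
    open_admin = sorted({
        port
        for rule in asset.get("ingress", [])
        if rule.get("cidr") == "0.0.0.0/0"
        for port in rule.get("ports", [])
        if port in ADMIN_PORTS
    })
    if open_admin:
        issues.append(f"admin ports {open_admin} open to the internet")
    return issues


def plan_remediation(inventory: list[dict]) -> list[dict]:
    """Turn violations into an ordered work list: high-severity findings get
    an automatic quarantine action, the rest a notification to the owner."""
    plan = []
    for asset in inventory:
        issues = evaluate(asset)
        if not issues:
            continue
        high = any("admin ports" in i or "environment" in i for i in issues)
        plan.append({
            "id": asset["id"],
            "severity": "high" if high else "medium",
            "issues": issues,
            "action": ("quarantine: strip public ingress, page on-call"
                       if high else "notify owner, require change ticket"),
        })
    plan.sort(key=lambda f: (f["severity"] != "high", f["id"]))
    return plan


# Constructed sample inventory (not real assets).
SAMPLE_INVENTORY = [
    {"id": "vm-dev-api", "public": True,
     "tags": {"env": "dev"},
     "ingress": [{"cidr": "0.0.0.0/0", "ports": [22, 8080]}]},
    {"id": "vm-prod-web", "public": True,
     "tags": {"env": "prod", "owner": "web-team", "change_ticket": "CHG-1"},
     "ingress": [{"cidr": "0.0.0.0/0", "ports": [443]}]},
    {"id": "vm-prod-api", "public": True,
     "tags": {"env": "prod", "owner": "api-team"},
     "ingress": [{"cidr": "10.0.0.0/8", "ports": [22]}]},
    {"id": "db-internal", "public": False, "tags": {}},
]

if __name__ == "__main__":
    for finding in plan_remediation(SAMPLE_INVENTORY):
        print(finding)
```

The check separates "what is wrong" from "what to do about it" so the remediation policy can be tightened (for example, auto-quarantining anything unowned) without touching the detection rules, and the ordering puts the assets an attacker would find first at the top of the queue.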

  • Francis deSouza, COO, Google Cloud and President, Security Products

    The AI cybersecurity race is here. Today, the Google Threat Intelligence Group released our latest AI Threat Tracker. Here’s the reality: adversaries are deploying highly coordinated, AI-augmented operations at scale. To build a resilient enterprise, security leaders recognize that protecting the AI pipeline is what ultimately unlocks the confidence to scale it. Here are three findings from this latest intelligence:
    - First AI-developed zero-day: We identified a zero-day exploit (a 2FA bypass) where the adversary likely used an AI model to assist in discovering and weaponizing the vulnerability. The script contained clear indicators of AI generation, including a hallucinated CVSS security score. Our discovery likely prevented its use in a planned mass exploitation event.
    - Autonomous malware: We're tracking PROMPTSPY, a new Android backdoor designed to autonomously navigate a victim’s device UI and actively block uninstallation attempts.
    - AI supply chain attacks: Adversaries are increasingly targeting AI software dependencies, such as LiteLLM, to compromise build environments and extract cloud credentials.
    In this landscape, manual defense fails. When adversaries use automation, defense must move at machine speed. At Google, we are tipping the scale back to the defender: by deploying agentic cyber defense—like Big Sleep and CodeMender—we are finding and patching vulnerabilities before they can be exploited. We are using AI to build software that is secure by design, even as we continue to defend the massive landscape of legacy code the world relies on today. Read the full GTIG AI Threat Tracker report here: https://lnkd.in/gn6UHXaV

  • Bob Carver, CEO Cybersecurity Boardroom ™ | CISSP, CISM, M.S. Top Cybersecurity Voice

    Why AI Is The New Cybersecurity Battleground - Forbes

    AI has evolved from a tool to an autonomous decision-maker, reshaping the landscape of cybersecurity and demanding innovative defense strategies. Artificial intelligence has quickly grown from a capability to an architecture. As models evolve from backend add-ons to the central engine of modern applications, security leaders are facing a new kind of battlefield. The objective is not simply about protecting data or infrastructure—it’s about securing the intelligence itself. In this new approach, AI models don’t just inform decisions—they are decision-makers. They interpret, respond, and sometimes act autonomously. That shift demands a fundamental rethink of how we define risk, build trust, and defend digital systems.

    From Logic to Learning: The Architecture Has Changed
    Historically, enterprise software was built in layers: infrastructure, data, logic, and presentation. Now, there’s a new layer in the stack—the model layer. It’s dynamic, probabilistic, and increasingly integral to how applications function. Jeetu Patel, president and chief product officer at Cisco, described this transformation to me in a recent conversation: “We are trying to build extremely predictable enterprise applications on a layer of the stack which is inherently unpredictable.” That unpredictability is not a flaw—it’s a feature of large language models and generative AI. But it complicates traditional security assumptions. Models don’t always produce the same output from the same input. Their behavior can shift with new data, fine-tuning, or environmental cues. And that volatility makes them harder to defend.

    AI Is the New Attack Surface
    As AI becomes more central to application workflows, it also becomes a more attractive target. Attackers are already exploiting vulnerabilities through prompt injection, jailbreaks, and system prompt extraction. And with models being trained, shared, and fine-tuned at record speed, security controls struggle to keep up.

    Runtime Guardrails and Machine-Speed Validation
    Given the speed and sophistication of modern threats, legacy QA methods aren’t enough. Patel emphasized that red teaming must evolve into something automated and algorithmic. Security needs to shift from periodic assessments to continuous behavioral validation.

    Agentic AI: When Models Act on Their Own
    The risk doesn’t stop at outputs. With the rise of agentic AI—where models autonomously complete tasks, call APIs, and interact with other agents—the complexity multiplies. Security must now account for autonomous systems that make decisions, communicate, and execute code without human intervention. #cybersecurity #AI #AgenticAI #dynamic #riskmanagement

  • Ashish Rajan 🤴🏾🧔🏾‍♂️, CISO | I help Leaders make confident AI & CyberSecurity Decisions | Keynote Speaker | Host: Cloud Security Podcast & AI Security Podcast

    Everyone says, "AI security is just cloud security 2.0." It isn’t. Here’s how AI security should be done 👇🏾 Cloud security was top-down: Security teams set the rules, and IT controlled the environment. It was a centralized approach. AI security is bottom-up: Unlike cloud tools, it’s scattered across teams and systems. Developers are adopting AI without security oversight, and AI’s adaptive nature means traditional security controls won’t keep up. So, what should security teams do instead?
    1️⃣ Shift focus from tools to intent: Understand why AI is being used, not just what it’s doing. This helps you spot risks early.
    2️⃣ Collaborate with development teams: Build a transparent process to track AI use and identify potential vulnerabilities.
    3️⃣ Implement real-time monitoring: Use AI-specific security tools to track models, data flows, and detect anomalies.
    AI security isn’t a “cloud security 2.0” issue. It’s about adaptability, collaboration, and understanding AI’s evolving risks. Curious to hear how others are integrating security into AI development across their organizations.
