AI Security Is Scaling Faster Than Most Organisations Can Defend

During a recent episode of Cyber in Focus, Tom Exelby, Head of Cyber at Red Helix, spoke with Dilan Nathoo, VP of Sales Engineering at CrowdStrike, about how AI is reshaping the cyber threat landscape and why many organisations are now managing an attack surface they still do not fully understand. 

To access the whole episode, listen here: https://open.spotify.com/episode/5jDGoyA10uqJmuXBi0KLBR 

Artificial intelligence is no longer emerging technology. It has already embedded itself across the enterprise, often far more deeply than organisations realise. 

What began as limited experimentation with copilots and language models has rapidly evolved into widespread operational use. AI now underpins productivity tooling, cloud services, SaaS platforms, development environments and internally built automation workflows.  

In many cases, adoption has happened incrementally rather than strategically, introduced through platform updates, integrated features and individual teams looking for efficiency gains rather than through formal transformation programmes. The speed of that adoption matters because governance has not evolved at the same pace. 

AI Has Changed the Speed and Economics of Cyber Attacks

According to CrowdStrike’s 2026 Global Threat Report, AI-enabled attacks increased by 89% year-on-year. More significantly, the average breakout time observed across incidents dropped from 48 minutes to 29 minutes, with the fastest recorded breakout occurring in just 27 seconds. 

Those figures illustrate a broader shift taking place across the threat landscape. AI is reducing the operational effort required to conduct cyber-attacks while simultaneously increasing the scale at which attackers can operate.  

Activities that previously demanded highly skilled operators and significant preparation can now be accelerated through publicly available AI tooling capable of automating reconnaissance, generating phishing campaigns, assisting malware development and supporting social engineering activity. 

The consequence is a compression of the timelines that defenders have traditionally relied upon to detect and respond to malicious activity. 

For security teams, that creates a very different operating environment. Attackers no longer require extended dwell times to establish footholds and move laterally across infrastructure. The speed at which campaigns can now be executed places far greater emphasis on visibility, telemetry and response capability across increasingly complex environments. 

Organisations Are Expanding Their Attack Surface Faster Than They Can Govern It

AI has spread across modern organisations, often without the same level of scrutiny traditionally applied to critical technology deployments. 

The most visible layer is employee-facing AI tooling. Chatbots, coding assistants and browser-based large language models have quickly become part of everyday working practices across functions ranging from marketing and HR through to software development and finance. 

Less obvious is the volume of AI functionality already embedded within existing SaaS platforms. Collaboration suites, CRM systems and productivity tooling increasingly contain integrated AI features enabled by default as vendors compete to differentiate their platforms. 

The fastest-growing layer, however, sits within internally developed environments. Organisations are now building custom AI agents, automation pipelines and AI-assisted workflows directly into their cloud infrastructure, frequently at a pace that outstrips established governance and security processes. 

The accessibility of AI tooling has lowered the barrier to creating sophisticated automation, allowing teams to deploy capabilities quickly and with relatively limited development overhead.  

In practice, however, rapid deployment often leads to over-permissioned service accounts, exposed APIs and poorly governed machine identities that become increasingly difficult to monitor as environments scale. 

At the same time, threat actors are actively adapting their own operations to exploit precisely these types of weaknesses. 

Shadow AI Has Become a Growing Enterprise Risk

For years, organisations focused heavily on Shadow IT. The emergence of Shadow AI presents a similar challenge, but at a much greater scale. 

Employees are increasingly using AI tools independently to accelerate tasks, automate repetitive work and improve productivity. In many cases, those tools are being adopted without formal approval processes or clear understanding of how data is stored, processed or exposed externally. 

More often, the risk lays in the unintended exposure of commercially sensitive information, intellectual property, internal documentation or customer data into external AI environments operating outside corporate oversight. 

What makes the challenge particularly difficult is that AI adoption tends to happen organically. Unlike large technology transformation programmes, the use of AI tools often spreads through individual experimentation and team-level adoption long before governance frameworks have been established. 

As a result, many organisations are now attempting to secure environments that evolved faster than their visibility into them. 

AI Introduces Attack Paths Traditional Security Models Were Never Designed Around

Traditional cybersecurity strategies were built around endpoints, infrastructure and applications. AI has introduced a very different category of operational risk. 

Prompt injection is one example that is already attracting significant attention across the industry. Because AI systems rely on natural language interaction rather than fixed command structures, attackers can manipulate prompts in ways that influence outputs, bypass restrictions or expose information unintentionally. As AI agents become increasingly embedded within workflows and operational processes, the potential impact of those manipulations grows considerably. 

Data poisoning presents another challenge. AI models are fundamentally dependent on the integrity of the data used to train and operate them. Where attackers can manipulate source information or compromise training data, they can influence outputs at scale in ways that may not be immediately visible to organisations relying on those systems. 

The rapid growth of APIs, service accounts and machine-to-machine communication introduces further complexity. AI environments depend heavily on integrations and automated workflows, many of which are deployed quickly with broad permissions granted primarily to ensure functionality.  

Over time, those environments can become increasingly difficult to govern, particularly where organisations lack consolidated visibility across cloud infrastructure, SaaS platforms and identity estates. 

Threat Actors Are Already Operationalising AI at Scale

One of the more striking aspects of the discussion was the extent to which nation-state and criminal groups are already integrating AI into operational activity. 

The traditional indicators associated with phishing campaigns, such as poor grammar or generic messaging, are rapidly disappearing. AI-generated communication allows attackers to produce highly convincing, contextually accurate messaging at scale, significantly increasing the effectiveness of social engineering campaigns. 

CrowdStrike’s threat intelligence teams have observed Chinese intelligence services creating entirely fabricated consulting firms and recruitment platforms supported by AI-generated content and infrastructure. These operations extend far beyond isolated phishing emails and instead focus on establishing long-term credibility through realistic digital business identities. 

North Korean-linked adversaries such as Famous Chollima have reportedly used synthetic personas, AI-generated imagery and AI-assisted interview preparation to infiltrate organisations through recruitment processes. What once sounded improbable is increasingly becoming operational reality. 

AI is also being used to support vulnerability discovery, accelerate reconnaissance activity and assist malware development, lowering the technical barriers traditionally associated with sophisticated cyber operations. 

Identity Has Become the Primary Security Battleground

One of the strongest conclusions from the discussion was that identity now sits at the centre of modern cyber risk. 

According to CrowdStrike, 82% of detections in 2025 were malware-free, with attackers relying instead on legitimate credentials and trusted authentication flows to blend into normal business activity. 

That challenge becomes significantly more complex in AI-enabled environments where organisations are managing not only human users, but also machine identities, APIs, automation tooling and AI agents operating continuously across distributed cloud infrastructure. 

Many organisations still underestimate the scale of those environments. Businesses with a relatively small employee population may already have thousands of active non-human identities interacting with systems and data every day, often with elevated permissions and limited governance oversight. 

AI agents can be compared to interns within an organisation. Businesses would never provide a new employee with unrestricted access to systems, sensitive information and operational workflows without supervision or controls. Yet many organisations are effectively doing exactly that with AI-enabled tooling. 

Most Organisations Are Still in the Early Stages of AI Security Maturity

Despite the speed of adoption, many businesses remain at an early stage of AI security maturity. 

Some organisations still have limited visibility into which AI tools employees are using or how data is flowing between systems and external platforms. Others have introduced acceptable use policies and approved tooling list

s, but enforcement often remains inconsistent and heavily reliant on manual processes. 

Only the more mature organisations are beginning to implement integrated monitoring, governance controls and security operations capabilities designed specifically to address AI-related risk. 

The challenge is that attackers are already operating at machine speed while many defenders are still attempting to establish baseline visibility. 

The Fundamentals of Cybersecurity Still Matter

While AI introduces new operational risks, the underlying principles of cybersecurity remain largely unchanged. 

Phishing-resistant MFA is becoming increasingly important as AI-generated phishing and voice impersonation attacks become more convincing. Least privilege access remains critical, particularly for service accounts, APIs and machine identities that are frequently over-permissioned during rapid deployment cycles. 

Most importantly, organisations require visibility across their environments. Without clear oversight into AI usage, machine identities, API interactions and data movement, organisations will struggle to detect misuse, compromise or anomalous behaviour quickly enough to respond effectively. 

The speed of modern attacks means that delayed visibility increasingly becomes operational risk. 

Visibility Must Come Before Governance

Before organisations can secure AI effectively, they first need to understand where AI exists across the business. 

That requires visibility into employee tooling, embedded AI functionality within SaaS platforms, exposed APIs, machine identities and the movement of data between internal systems and external AI services. 

Many organisations are currently defending an AI-enabled attack surface they have not fully mapped, which ultimately makes it difficult to govern risk consistently or apply security controls effectively. 

The organisations best positioned over the next 12 months will not necessarily be those adopting AI the fastest. They will be the ones capable of balancing innovation with governance, visibility and operational control while the technology continues to evolve at pace. 

AI adoption is accelerating regardless, so the challenge now is whether organisational security maturity can keep up.