Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

MITRE ATLAS catalogs sixteen tactics and eighty-four techniques adversaries use against AI systems, including fourteen agent-focused techniques added through the October 2025 Zenity Labs collaboration. It is the canonical taxonomy a security architect’s CISO, auditor, or RFP will name. It is not a detection plan. ATLAS organizes around adversary objectives.

At 2:47 PM on a Tuesday, a customer support agent receives a routine ticket asking about return policy edge cases. The agent retrieves a section from your internal policy wiki through RAG to formulate the response. Three weeks earlier, an attacker had planted a hidden instruction in that wiki page. Bedrock Guardrails scored the retrieved context at 0.04 — well within benign range.

Editor's note: This article was originally published by Craig Riddell on LinkedIn. It has been republished here with the author's permission. Boards are giving AI security more airtime than ever. What they're not giving is the right framing. A year or two ago, AI was mostly a question of experimentation risk. Today, it's tied directly to revenue, customer experience, operational efficiency, and competitive advantage. The urgency is real, and it's translating into aggressive deployment timelines.

Empowering your team starts long before a project kickoff or a performance review. It starts with clarity. A comprehensive employee handbook is one of the simplest ways to give people that clarity, and this template makes it much easier to do well. Companies typically give the handbook to new hires during onboarding so they understand their role, rights, and responsibilities from day one.

As organisations continue integrating AI capabilities into customer-facing applications, internal tooling, and operational workflows, the security implications of these systems are becoming increasingly important. Large Language Models (LLMs), AI assistants, and automated decision-making features are now appearing across SaaS platforms, support systems, and enterprise applications, often connected directly to sensitive data and business processes.

Author: Alexander Ivanyuk, Senior Director, Technology Generative AI is no longer a side experiment inside businesses. It is moving into normal work: writing, summarizing, coding, research, customer support, internal search and repeatable workflows. OpenAI says it now serves more than one million business customers, more than seven million ChatGPT workplace seats, and roughly 8x growth in weekly enterprise messages since November 2024.

For years, Privileged Access Management (PAM) was built around a simple assumption: privileged access is primarily a human problem. That assumption is rapidly collapsing. Modern enterprises are no longer driven mainly by administrators logging into servers. They are increasingly powered by APIs, containers, automation pipelines, microservices, cloud workloads, and AI-driven systems communicating continuously at machine speed.