Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

MITRE ATLAS catalogs sixteen tactics and eighty-four techniques adversaries use against AI systems, including fourteen agent-focused techniques added through the October 2025 Zenity Labs collaboration. It is the canonical taxonomy a security architect’s CISO, auditor, or RFP will name. It is not a detection plan. ATLAS organizes around adversary objectives.

At 2:47 PM on a Tuesday, a customer support agent receives a routine ticket asking about return policy edge cases. The agent retrieves a section from your internal policy wiki through RAG to formulate the response. Three weeks earlier, an attacker had planted a hidden instruction in that wiki page. Bedrock Guardrails scored the retrieved context at 0.04 — well within benign range.

Editor's note: This article was originally published by Craig Riddell on LinkedIn. It has been republished here with the author's permission. Boards are giving AI security more airtime than ever. What they're not giving is the right framing. A year or two ago, AI was mostly a question of experimentation risk. Today, it's tied directly to revenue, customer experience, operational efficiency, and competitive advantage. The urgency is real, and it's translating into aggressive deployment timelines.

As organisations continue integrating AI capabilities into customer-facing applications, internal tooling, and operational workflows, the security implications of these systems are becoming increasingly important. Large Language Models (LLMs), AI assistants, and automated decision-making features are now appearing across SaaS platforms, support systems, and enterprise applications, often connected directly to sensitive data and business processes.

Author: Alexander Ivanyuk, Senior Director, Technology Generative AI is no longer a side experiment inside businesses. It is moving into normal work: writing, summarizing, coding, research, customer support, internal search and repeatable workflows. OpenAI says it now serves more than one million business customers, more than seven million ChatGPT workplace seats, and roughly 8x growth in weekly enterprise messages since November 2024.

OpenAI recently introduced Daybreak, a cybersecurity initiative designed to apply frontier AI models to vulnerability discovery, secure code analysis, and earlier remediation across the software lifecycle. By combining advanced reasoning and planning capabilities, Daybreak aims to help organizations identify and address weaknesses before they reach production. This is a meaningful step forward, but it is also a continuation of a long-standing approach.

It usually starts the same way. The CISO comes back from a board meeting having signed off on agentic AI for production. The SOC lead is told, in roughly that many words, to build detection for the agents. And the security stack she has — CNAPP for posture, EDR on the nodes, container runtime sensors, a SIEM ingesting everything — was architected before AI agents existed as a workload class.

AI tools are moving faster than the security controls meant to govern them.In this episode of Defender Fridays, Cisco's Cybersecurity Technical Solutions Architect Katherine McNamara walks through changes in the threat landscape as organizations rush to integrate AI without applying basic security discipline. When Katherine meets with customers to discuss AI security, the conversation almost always starts and ends in the same place: data leakage. Someone might upload sensitive files to a public LLM.