AI Tools Are Creating New Security Gaps Companies Aren't Managing
Deployment platform Vercel suffered a major security breach after an employee connected a third-party AI tool to their corporate Google account. The breach exposed database credentials, API keys, and third-party integrations - all because the AI tool had permission to read software environment variables.
The incident reveals a broader problem: companies are adopting AI faster than they can secure it. While 87% of security professionals use some type of AI service, only 13% have an AI-specific security strategy, according to research by cloud and AI security provider Wiz. Another 20% have no AI security strategy at all.
The gap between adoption and oversight
The lack of visibility compounds the risk. Twenty-five percent of organizations don't know which AI services are currently being used in their systems. Meanwhile, as many as 80% of workers use unapproved AI tools on the job - and senior managers and executives have even higher rates of unapproved usage.
This matters because unvetted AI tools often rely on open-source components that contain security flaws. The flow of information between microservices, language models, and database servers creates connection and permission vulnerabilities that are difficult to track.
Two specific threats
Poisoned training data: Attackers can insert false or misleading information into public machine learning models, causing AI systems to malfunction in ways that trigger wrong answers, leak sensitive information, or produce biased results - even when the model appears to be functioning normally.
Agentic AI risks: As agentic AI becomes more common, the danger grows. These systems can execute complex task sequences without oversight, which saves time for founders but also creates sophisticated attack vectors if compromised.
Before rolling out AI-powered tools, executives need to understand how they affect the entire software supply chain. The fastest way to scale with AI is also the fastest way to expose sensitive data.
Learn more about AI implementation for executives and strategy, or explore the specific risks of generative AI and language models.
Your membership also unlocks:
