{"id":233355,"date":"2026-06-18T04:45:00","date_gmt":"2026-06-18T08:45:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/18\/ai-turns-decades-of-cybersecurity-upside-down\/"},"modified":"2026-06-18T04:50:15","modified_gmt":"2026-06-18T08:50:15","slug":"ai-turns-decades-of-cybersecurity-upside-down","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/18\/ai-turns-decades-of-cybersecurity-upside-down\/","title":{"rendered":"AI turns decades of cybersecurity upside down"},"content":{"rendered":"<p><a href=\"https:\/\/www.techzine.eu\/blogs\/security\/142267\/ai-turns-decades-of-cybersecurity-upside-down\/\">AI turns decades of cybersecurity upside down<\/a><\/p>\n<p><a href=\"https:\/\/www.techzine.eu\/blogs\/security\/142267\/ai-turns-decades-of-cybersecurity-upside-down\/\">https:\/\/www.techzine.eu\/blogs\/security\/142267\/ai-turns-decades-of-cybersecurity-upside-down\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-18 04:45:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.techzine.eu\">www.techzine.eu<\/a><\/p>\n<p>Organizations are embracing AI en masse to accelerate processes. Without the right security, however, this innovation can quickly become a loose cannon. How do you ensure that the AI your organization uses runs securely and isn\u2019t compromised? We\u2019ll discuss this in an in-depth roundtable discussion with experts from ManageEngine, Nutanix, Okta, Thales, TrendAI, Veeam, and Zscaler.<\/p>\n<p>For IT professionals and decision-makers, AI security can still be a bit unclear. Everyone is talking about it, but the concrete details remain abstract. To clarify exactly what it entails, we\u2019ve brought together a diverse group of security experts across the tech stack. What does AI security really mean? 
Is it about full-stack security or rather specific runtime controls? And now that the market is realizing that AI comes with a hefty price tag, the question arises: how do we keep protection affordable and practical for the entire workforce?<\/p>\n<p>It\u2019s high time to take stock of the gap between the theory of the models and the stubborn reality on the ground. We\u2019ll do that in a two-part series, of which this is the first installment.<\/p>\n<p>Design flaw in the architecture<\/p>\n<p>Securing AI applications is deeply intertwined with our fundamental approach to IT architecture and access management. Albert Kramer of Zscaler gets straight to the point on this issue, stating that AI poses a massive threat to what the industry has built up over the past decades. \u201cWhat AI promises is the highly efficient use of data. But we\u2019ve skipped a few crucial steps in granting that access,\u201d Kramer explains. \u201cIn the world of zero trust, we actually start with no access at all. We decide what to grant access to based on the user\u2019s identity or intent. Right now, we\u2019re struggling enormously with that concept because we\u2019re effectively giving AI agents unlimited access. This causes countless compliance issues and data breaches. It literally turns the past 25 to 30 years of cybersecurity on its head.\u201d<\/p>\n<p>Edwin Weijdema of Veeam agrees and notes that we\u2019re making fundamental architectural errors. According to him, AI security is essentially what we\u2019ve always done, but turned inside out. \u201cWe\u2019ve bolted AI directly onto the data, thereby bypassing all the layers of defense we normally employ,\u201d Weijdema explains. He draws a comparison with an amusement park: \u201cIt\u2019s as if you have a \u2018fast-track lane\u2019 that lets you go straight into everything. We\u2019ve always built security around human identities. We kept out whatever we didn\u2019t know. 
Now, the unknown suddenly has direct access to our data. That\u2019s why we need to introduce a completely new \u2018trust layer.\u2019 AI security encompasses everything that touches the data as it passes through the AI model\u2019s pipeline.\u201d<\/p>\n<p>From left to right: Steven Maas and Rob Sanders<\/p>\n<p>Proactive versus reactive <\/p>\n<p>As soon as AI is truly integrated deep into business processes, the vulnerabilities change as well. Cybersecurity used to be largely reactive, focusing on plugging leaks after they were discovered. AI, however, requires a proactive approach. Bart Herps of TrendAI warns: \u201cEverything now revolves around speed. AI still relies on traditional IT: the network, storage, and hardware. The difference is that if there\u2019s a configuration error or vulnerability now, it\u2019s exploited at an extremely rapid pace. A data breach involving AI escalates at lightning speed. We must therefore shift from a reactive to a proactive security mindset.\u201d<\/p>\n<p>Praveen Das of ManageEngine adds that the nature of the cyberattacks themselves is also changing. The threat landscape is no longer what it used to be. \u201cWith a traditional vulnerability, you have a pattern or a signature that you can patch against. But here, \u2018jailbreaking\u2019 is one of the biggest problems, and that doesn\u2019t carry any signature at all,\u201d Das emphasizes. He argues that security must be holistic. \u201cYou can\u2019t secure just one part of your AI. It has to happen at all levels\u2014in your infrastructure, model, and data.\u201d Only then, in his view, can you be truly effective. \u201cThink of data poisoning, which alters your model\u2019s output, or an agent that suddenly tries to access documents it\u2019s not authorized to view.\u201d<\/p>\n<p>Hundreds of invisible AI agents<\/p>\n<p>One of the most complex challenges in today\u2019s landscape is the popularity of agentic AI. 
These autonomous agents perform tasks on behalf of the user. Whereas traditional security focuses on human employees, these agents operate completely autonomously. And there are many of them. Weijdema notes that the balance has been completely skewed: \u201cWe\u2019re already seeing scenarios where 82 agents are running for a single physical person. These agents appear, do their work, and are sometimes gone again five minutes or five seconds later. How do you build a system that can handle that?\u201d<\/p>\n<p>Rob Sanders of Okta delves deeper into this identity crisis. \u201cWe need to look at who is performing the action: is it the agent or the human user in whose context the agent is running? You\u2019re dealing with multiple identities.\u201d Sanders points out the need for fine-grained authorization. \u201cIf, as an employee, I have full write access in Salesforce, that doesn\u2019t mean the AI agent I\u2019ve built should have the same rights. We see agents that launch ten additional agents themselves to perform a task and then shut them down again. It\u2019s impossible to secure that with traditional tools. We need to treat these agents as full-fledged identities, use short-lived tokens, and ensure we can detect them.\u201d<\/p>\n<p>Stephan Wibier of Nutanix adds another important dimension to this: the underlying intent. \u201cIs it an agent that has gone \u2018rogue,\u2019 is it simply a very efficient employee, or is it an attacker trying to use targeted prompts to make the LLM dump its entire context? How do we make that distinction?\u201d Wibier wonders. According to him, this clearly demonstrates that security must be seamlessly integrated into the platform from day one and cannot be tacked on afterward.<\/p>\n<p>From left to right: Edwin Weijdema, Stephan Wibier, and Praveen Das<\/p>\n<p>A new nightmare for the CISO? 
<\/p>\n<p>The drive for workplace efficiency means employees aren\u2019t waiting for the IT department to build the perfect, secure AI solution. They\u2019re searching for the most convenient tools on the internet themselves. This is leading to an explosion of Shadow AI. Bart Herps of TrendAI shares a telling real-world example: \u201cI recently visited a client who saw in their monitoring tools that more than 250 different cloud-based AI applications are currently being used within their network. And that number is growing every week. However, they can\u2019t simply block these tools, because they\u2019re sometimes seamlessly integrated into critical production processes without anyone noticing. For example, they use smart glasses that perform specific tasks with AI, but the IT department doesn\u2019t know exactly which AI is running behind the scenes.\u201d<\/p>\n<p>To the CISO, this sounds like pure chaos. Herps aptly describes the dynamics in the boardroom: \u201cWhen you talk to senior management, they talk about productivity. When you talk to the IT manager, he sees complexity. But when you talk to the CISO, he sees panic and chaos.\u201d<\/p>\n<p>Rob Sanders of Okta understands that initial panic reaction well. \u201cIf, as a CISO, you\u2019re personally responsible for data breaches, your first reflex is to shut everything down,\u201d he admits. \u201cBut just like shadow IT, we\u2019re not going to stop shadow AI. After all, it\u2019s good for productivity. What we do need to do is build guardrails. You set up frameworks where employees can work with their own tools, but where the system simply blocks access as soon as an unauthorized model tries to access your sensitive company data.\u201d<\/p>\n<p>According to the rest of the panel, frantically blocking everything is therefore not the solution. Kramer warns that the genie is already out of the bottle. \u201cUsers see AI as a toolbox. 
The corporate tool might do 80 percent of what they want, but for that remaining 20 percent, they\u2019ll just as easily upload their data to an unknown cloud application because it\u2019s faster.\u201d Weijdema, however, also sees an opportunity here with shadow innovation. \u201cEmployees use these tools for a reason. They want to accelerate the business. The CISO\u2019s role must therefore shift from being the \u2018no department\u2019 to the department that ensures business continuity. Facilitate the need, but do so through controlled, approved channels.\u201d<\/p>\n<p>The blind spot in the pipeline <\/p>\n<p>Steven Maas of Thales, in the discussion about the countless models and agents, points to the absolute foundation: the data. \u201cIt all starts with data,\u201d Maas states resolutely. \u201cNo matter how advanced your controls are, if you have sensitive data, you must protect it at its core with encryption. You must prevent your data from being manipulated. Models, after all, find paths and connections that we previously didn\u2019t think were possible.\u201d<\/p>\n<p>This risk is amplified when using RAG (Retrieval-Augmented Generation), a technique in which AI searches directly within a company\u2019s own documents. Herps warns of the dangers of this: \u201cEven if you create your own RAG, you must be absolutely certain that the data within it is secure. A RAG system breaks all your data into small pieces. It doesn\u2019t understand the data itself\u2014it only knows the pieces\u2014and the language model then stitches them back together. You can secure traditional files with permissions, but you often can\u2019t do that with the pieces in a RAG.\u201d<\/p>\n<p>According to Weijdema, many companies are also struggling with the \u201cillusion of progress.\u201d \u201cWe\u2019ve moved to the cloud; we have AI and agents, but we\u2019ve forgotten about the data layer. We have 30-year-old data on our servers that nobody uses anymore, but is full of PII. 
If we don\u2019t clean that up first, we\u2019re feeding bad and sensitive data into our models, and chaos will ensue at lightning speed. AI is now forcing us to retroactively get our data governance in order.\u201d<\/p>\n<p>From left to right: Bart Herps and Albert Kramer<\/p>\n<p>Proprietary models, firewalls, and control over workloads <\/p>\n<p>Because public LLMs pose risks, some organizations are taking matters into their own hands. Das explains how his company made this decision: \u201cWe have deliberately eliminated the need for third-party LLMs by developing our own \u2018narrow LLMs.\u2019 In terms of pure computing power, these may not be comparable to the giants, but they\u2019ve been specifically trained for our IT use cases. Because we build our own models and RAG, we have full control over permissions and ensure that no biased data ends up in our training model.\u201d<\/p>\n<p>Moreover, building our own solutions is sometimes the only option from a sovereignty perspective. Maas offers a word of caution about trusting tech giants blindly. \u201cHow can I trust someone else\u2019s model? You wouldn\u2019t be the first to discover that there are elements in an external model that don\u2019t belong there. Let\u2019s not be naive about the practices of certain large cloud providers.\u201d For that reason, Thales builds in specific safeguards, Maas explains: \u201cFor customers in sensitive sectors such as defense or finance, we\u2019ve created AI firewalls that prevent certain data from being used, uploaded, or even leaving the organization at all.\u201d<\/p>\n<p>Ultimately, it all comes down to understanding the workload\u2014the actual task being performed. Das compares it to a restaurant: \u201cIt doesn\u2019t matter where the chef was trained; what matters is what\u2019s on the plate tonight. That order slip contains the audit: which dish is being cooked, and which allergies need to be taken into account? 
The workload must be more secure than the model itself.\u201d<\/p>\n<p>The end of the network<\/p>\n<p>As the discussion progresses, it becomes clear that the traditional concept of the castle wall has definitively been rendered obsolete. Wibier emphasizes that a large part of AI security is actually just robust infrastructure security. \u201cSeventy to eighty percent of the security that AI needs should already be in your stack. Think of network security. If you don\u2019t have visibility, and a hacker performs a network injection, then you\u2019re in trouble.\u201d<\/p>\n<p>Kramer adds that the concept of \u201cthe network\u201d has fundamentally changed. \u201cWe\u2019re moving away from a world where everything is on-premises. What is the network these days? It\u2019s the internet. You simply can\u2019t protect the network anymore.\u201d According to him, the solution lies in drastically reducing the attack surface. \u201cYou have to protect the workload. That means you have to micro-segment everything: the dataset, the user, the agent. Based on that micro-segmentation, you determine for each specific action whether it\u2019s allowed or not. And then it no longer matters whether the action takes place at the company\u2019s office, at someone\u2019s home, or from an internet caf\u00e9. As long as you operate according to the philosophy: if it can\u2019t be reached, it can\u2019t be hacked.\u201d<\/p>\n<p>From blocking to foundations<\/p>\n<p>The successful and secure deployment of artificial intelligence ultimately requires much more than simply shielding an algorithm with an extra tool. It demands a thoughtful and proactive overhaul of the entire IT architecture. 
From cleaning up and encrypting raw, thirty-year-old data to dynamically assigning identities to ephemeral AI agents: everything must fit together seamlessly to prevent catastrophic data breaches.<\/p>\n<p>In addition, the roundtable discussion shows that frantically blocking everything is a dead-end approach. Bridging the gap between the drive for innovation on the shop floor and the IT department\u2019s frameworks is essential. By acknowledging this new reality and building on a modern, updated vision of zero trust and microsegmentation, cybersecurity can keep pace with the speed of AI. Only then will security transform from a barrier into the absolute foundation for sustainable business continuity.<\/p>\n<p>This was the first part of a two-part series on AI security. In the next article, we\u2019ll delve deeper into the solutions, governance, required skills, and cost implications of AI security.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>AI turns decades of cybersecurity upside down https:\/\/www.techzine.eu\/blogs\/security\/142267\/ai-turns-decades-of-cybersecurity-upside-down\/ Publish Date: 2026-06-18 04:45:00 Source Domain: 
www.techzine.eu&#8230;<\/p>\n","protected":false},"author":1,"featured_media":233356,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.techzine.eu\/wp-content\/uploads\/2026\/06\/PXL_20260526_091741793-scaled-1.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,30,24,35,17,29,27],"class_list":["post-233355","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-breach","tag-cybersecurity","tag-hacker","tag-llm","tag-network-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233355"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=233355"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233355\/revisions"}],"predecessor-version":[{"id":233358,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233355\/revisions\/233358"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/233356"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=233355"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=233355"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=2
33355"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}