Subj : An "AI Exposure Gap" could be the most worrying security issue yo To : All From : TechnologyDaily Date : Mon Nov 17 2025 10:00:08 An "AI Exposure Gap" could be the most worrying security issue your business isn't aware of Date: Mon, 17 Nov 2025 09:50:25 +0000 Description: Security postures are lacking as enterprises go all-in on AI, and its creating an exposure gap FULL STORY ======================================================================Only one in five companies encrypt their AI data, report finds Vulnerabilities come from within not from AI models Half of companies rely on guidance to do the bare minimum With 89% of organizations now running or piloting AI workloads, research from Tenable is warning of an AI exposure gap where security practices might not be keeping up with progress. To date, one in three (34%) AI adopters have already experienced an AI-related breach, but Tenable says these breaches are largely down to the companies involved rather than the AI technologies. Instead of sophisticated model attacks, vulnerability exploits are most common, suggesting Tenables AI exposure gap is already a reality. Security practices arent keeping up with AI Only 22% of the organizations surveyed said they fully classify and encrypt AI data, leaving 78% (or four in five) leaving it accessible in the event of an attack. Software vulnerabilities (21%) and insider threats (18%) were among the top three causes of breaches, but Tenable did also acknowledge that AI models flaws (19%) may also pose a risk. The real risks come from familiar exposures identity, misconfigurations, vulnerabilities not science-fiction scenarios, Product and Research VP Liat Hayun explained. This comes from enterprises scaling AI faster than they can secure it, leaving visibility across systems fragmented. As a result, companies tend to employ reactive defences to pick up the pieces rather than securing systems ahead of an attack. And thats exactly how Tenable says enterprises should go about fixing the AI exposure gap. Currently, around half (51%) rely on the NIST AI Risk Management Framework or the EU AI Act to guide their strategies, suggesting they may only be doing the bare minimum. Only one in four (26%) conduct AI-specific security testing like red-teaming. Tenable advises companies to prioritize foundational controls like identity governance, misconfiguration monitoring, workload hardening and access management, ultimately resulting in compliance being the starting point for a strong security posture not the be all and end all. Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button! And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too. ====================================================================== Link to news story: https://www.techradar.com/pro/security/an-ai-exposure-gap-could-be-the-most-wo rrying-security-issue-your-business-isnt-aware-of --- Mystic BBS v1.12 A49 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .