ers. “Attackers have redefined their key performance indicators, dramatically reducing what we call ‘mean time to compromise’ and ‘mean time to exfiltrate,’” the reported noted. Unit 42 testing has demonstrated how breaches that took an average of 44 days in 2021, with AI assistance, can now occur in as little as 25 minutes. “The speed, scale and sophistication we’ve observed over the past couple of years is incredible,” warned the researchers. The cost per security incident also is going up, according to data from cybersecurity provider Netwrix. In 2025, 75 percent of surveyed organizations reported financial damage due to attacks – up from 60 percent in 2024, and the number of organizations estimating their damage at $200,000 or more nearly doubled, rising from 7 percent to 13 percent. “Research strongly suggests that attackers are ahead in AI adoption, which is pushing defenders into a reactive posture,” said Jeff Warren, chief product officer at Netwrix. More than two-thirds (37 percent) of IT professionals surveyed by Netwrix said AI-driven threats already have forced them to adjust, a direct reaction to the offensive use of AI by adversaries, said Warren. “It’s fair to say that attackers are moving faster with AI, and defenders are scrambling to catch up,” he continued. “This asymmetry is not new in cybersecurity, but AI appears to be accelerating it.” In fact, every organization surveyed by Palo Alto’s Unit 42 reported experiencing every one of the 10 measured security incidents in the past year. “Their response confirms that exposure is more a matter of operating in today’s environment than it is missteps,” said the researchers. The most consequential trend, said Unit 24 researchers, is at the intersection of GenAI and API risk. API attacks showed the sharpest year-over-year increase at 41 percent, fueled in part by two compounding forces, said Unit 42 researchers. First, as suggested above, generative AI has lowered the barrier to exploitation by enabling low-skilled actors to generate highfidelity attacks. Secondly, the proliferation of AI agents within corporate infrastructure, including those rapidly deployed and lightly governed, has introduced prompt injection vectors and an explosion of API surfaces, they continued. AI Sprawling In other words, AI systems not only expand the potential attack surface, they also can weaken it in some ways. Consider, for example, the enthusiasm around deploying agentic AI to handle tasks from customer service to code generation. The rush to keep pace has led to many cases where proper security and access control were sacrificed in the name of speed. The risks are compounded by the fact that AI systems tend to be highvalue assets, with broad access to proprietary data or business-critical functions; can operate across multiple systems simultaneously; and make decisions without human oversight. As Dashlane’s Rivian pointed out, this makes AI agents “both valuable and vulnerable – a losing combo.” In turn, many security experts predict that in 2026, autonomous AI agents will become the new favorite target of threat actors, leading to a high-profile data breach. “The security industry has spent decades securing human identities. Now, we face a more complex challenge: Securing machines that act like humans but at machine speed and scale,” said Rivian. Defenders will need to protect AI models, training data, prompts and outputs, much as they protect proprietary code, warned Netwrix’s Schrader. “It is important to secure the entire AI lifecycle, from data ingestion to model training to monitoring API endpoints for any signs of prompt injection, abuse or model leakage.” That includes the thousands of MCP (model context protocol) servers that allow AI models to securely connect to external data sources and tools. Enabling many enterprise AI use cases, these MCP servers are often underused and lightly monitored. “Adversaries target the tools and LLM systems, the underlying infrastructure supporting model development, the actions these systems take, and critically, their memory stores,” said Palo Alto’s Pasha. “Each represents a potential point of compromise. Our defensive posture must outpace this reality.” Ultimately, substantial investments in AI-enabled and automated cybersecurity tools will be required to defend resources at the speed of machines. In the meantime, the foundations of hardened identities, segmented access, zero trust architecture and monitoring and governance controls are more crucial than ever. o Where Attacks Are Increasing Attack Type YoY Increase Data breaches 29% Data leaks 29% Significant compliance violations 28% Downtime due to misconfiguration 29% Secret exposure 32% Identities with overly permissive access 33% Unrestricted network access between workloads 28% Vulnerable or poisoned workload images 31% API attack 41% APT 32% Source: Palo Alto Networks, Unit 42 34 CHANNELVISION | WINTER 2026
RkJQdWJsaXNoZXIy NTg4Njc=