Netskope outlines security considerations as AI adoption expands across enterprises

Rising investments in Artificial Intelligence (AI) are broadening the security perimeter organizations must protect, presenting new challenges for IT and cybersecurity teams managing AI-driven data flows. As AI technologies become embedded across enterprise tools and processes, security leaders face increased risks due to limited visibility and control over AI applications and autonomous agents.

Research Overview

Global spending on AI projects is projected to approach $750 billion by 2028, reflecting rapid adoption across industries. This growth correlates with an expanding attack surface as cyber defenders contend with the evolving data security implications of AI integration within enterprise environments.

Analogs to the early cloud adoption phase highlight that AI-related risks span multiple behaviors and deployment models, including the use of unmanaged or “shadow AI” by employees, which often bypasses formal compliance controls.

Key Findings

Nearly half of Generative AI (GenAI) users employ personal AI applications, raising concerns about inadvertent exposures of sensitive information through third-party cloud platforms. Organizations building private AI models face distinct challenges ensuring the security of training datasets and monitoring model outputs to prevent data leakage.

Emerging autonomous AI agents introduce new complexities around data access and governance, with Gartner forecasting that by 2028, a quarter of enterprise breaches will involve AI agent misuse. These trends necessitate a comprehensive approach to risk management encompassing AI tool usage and model operations.

Technical Breakdown

Implementing a zero trust security framework adapted for AI environments is advised to authenticate every access request, whether human or machine, and to manage data flows based on dynamic risk assessments. Existing zero trust implementations often lack coverage for non-human identities, which are expected to grow rapidly.

Comprehensive visibility into AI usage remains limited, with only 6% of organizations attaining full insight. Monitoring must extend not only to standalone AI applications but also to AI functionalities embedded within cloud and Software-as-a-Service (SaaS) platforms, which frequently update without security teams’ awareness.

Operational Impact

The governance maturity around AI remains largely reactive or informal, leaving organizations vulnerable to unsecured AI deployments. Establishing proactive policies for AI use before and after deployment is essential to minimize risks inherent to AI adoption.

Skill gaps persist as a majority of users lack formal AI training, yet many enterprises continue to rely predominantly on written policies and compliance for enforcement. This imbalance contributes to risks of improper AI utilization and potential regulatory breaches, highlighting the need for enhanced education coupled with appropriate security tooling.

Leadership Perspective

Technology leaders are encouraged to integrate AI security strategies within existing frameworks, prioritizing unified platforms over accumulating disparate tools to reduce complexity and administrative overhead. Incorporating AI security gateways and guardrails alongside traditional risk management practices supports a layered defense capable of addressing both human and agentic AI factors.

Advancing AI security readiness involves balancing human expertise with automated controls to manage emerging autonomous decision-making processes predicted to constitute a portion of business activities in coming years.

This Blog Signals brief provides a fact-based overview on the expansion of AI risks and corresponding security considerations critical for enterprise IT decision-makers to manage AI adoption effectively within their organizations.