New Research Highlights Growing Risks as Enterprises Accelerate AI Adoption
A new report from DigiCert reveals that 78% of organizations have experienced at least one AI-related security incident, underscoring the growing cybersecurity challenges associated with the rapid adoption of artificial intelligence across enterprises.
As AI-powered tools become deeply integrated into business operations, organizations are increasingly facing threats ranging from prompt injection and data leakage to model manipulation and unauthorized AI usage. The findings suggest that while AI is driving innovation and productivity, many organizations are still struggling to establish the governance and security controls needed to protect AI systems.
Cybersecurity experts warn that AI security must now be treated as a core business priority rather than an afterthought.
AI Adoption Is Outpacing Security
Artificial intelligence is transforming industries by automating workflows, improving customer experiences, and accelerating software development. However, many organizations have implemented AI technologies faster than they have developed security policies and governance frameworks.
The DigiCert report indicates that this gap is exposing businesses to new forms of cyber risk, including:
Prompt injection attacks
Data leakage through AI applications
Unauthorized use of AI tools (Shadow AI)
Model manipulation
AI-generated phishing campaigns
Exposure of sensitive business information
As AI capabilities expand, attackers are increasingly looking for ways to exploit these systems.
Why AI Security Incidents Are Increasing
Unlike traditional software, AI systems process vast amounts of data and often interact with users through natural language. This creates unique security challenges that many existing defenses were not designed to address.
Common causes of AI-related incidents include:
Prompt Injection
Attackers craft malicious prompts that manipulate AI models into revealing sensitive information or performing unintended actions.
Sensitive Data Exposure
Employees may unintentionally submit confidential business information, source code, financial records, or customer data into public AI services.
Shadow AI
Teams sometimes adopt AI applications without approval from security or IT departments, making it difficult to monitor how organizational data is being processed.
Insecure Integrations
AI assistants connected to cloud services, enterprise applications, and internal databases may introduce additional attack surfaces if access controls are weak.
The Business Impact
AI-related security incidents can affect organizations in multiple ways, including:
Exposure of confidential information
Financial losses
Regulatory compliance issues
Operational disruptions
Reputational damage
Loss of customer trust
For highly regulated industries such as banking, healthcare, telecommunications, and government, even a single AI-related incident can have significant legal and financial consequences.
Key Security Challenges Facing Organizations
The report highlights several areas where organizations continue to face difficulties.
AI Governance
Many businesses lack formal policies governing how employees should use AI tools and what data can safely be shared with them.
Identity and Access Management
AI platforms often integrate with multiple business systems, making strong authentication and least-privilege access essential.
Data Protection
Sensitive information must be protected throughout the AI lifecycle, from model training to deployment and ongoing operation.
Third-Party Risk
Organizations increasingly depend on external AI providers, requiring careful vendor risk assessments and continuous security monitoring.
Best Practices for Securing AI Systems
Security professionals recommend adopting a layered approach to AI security.
Establish AI Governance Policies
Define clear guidelines for approved AI tools, acceptable use, and handling of sensitive data.
Protect Sensitive Information
Implement data classification, encryption, and data loss prevention (DLP) controls to reduce the risk of accidental disclosure.
Monitor AI Activity
Continuously monitor AI applications for unusual behavior, unauthorized access, and suspicious prompts.
Secure AI Integrations
Review permissions granted to AI assistants and ensure they only have access to the resources required for their intended tasks.
Train Employees
Provide regular training on prompt injection, AI phishing, data privacy, and the safe use of generative AI platforms.
Why This Matters
Artificial intelligence is quickly becoming a core component of enterprise operations, from software development and customer support to cybersecurity and decision-making.
As organizations deploy increasingly capable AI systems, the attack surface expands alongside them. Threat actors are already adapting their techniques to exploit AI models, making proactive security essential.
The DigiCert findings reinforce that AI security is no longer just a technical issue—it is a strategic business concern requiring executive oversight, robust governance, and continuous risk management.
The Bigger Picture
The rise in AI-related security incidents reflects a broader shift in cybersecurity. Instead of focusing solely on operating systems, networks, or endpoints, organizations must now secure AI models, training data, prompts, APIs, and automated workflows.
Emerging threats such as prompt injection, model poisoning, deepfake-enabled social engineering, and AI-assisted phishing demonstrate that artificial intelligence has become both a powerful defensive tool and a new attack surface.
Building resilient AI ecosystems will require collaboration between cybersecurity teams, AI developers, business leaders, and regulators to ensure innovation is matched with strong security practices.
Conclusion
DigiCert's report serves as a clear warning that enterprise AI adoption is advancing faster than AI security maturity. With 78% of organizations reporting AI-related security incidents, businesses must move quickly to strengthen governance, protect sensitive data, monitor AI systems, and educate employees on emerging threats.
As artificial intelligence becomes increasingly embedded in daily operations, organizations that prioritize secure AI development and responsible deployment will be better positioned to reduce cyber risks while realizing the full benefits of AI-driven innovation.