TESTIMONIALS

โ€œReceived the latest edition of Professional Security Magazine, once again a very enjoyable magazine to read, interesting content keeps me reading from front to back. Keep up the good work on such an informative magazine.โ€

Graham Penn
ALL TESTIMONIALS
FIND A BUSINESS

Would you like your business to be added to this list?

ADD LISTING
FEATURED COMPANY
Interviews

AI speed and cyber challenge

by Mark Rowe

In the AI race, are we moving too fast for our own good? asks Bernard Montel, Field CTO at the platform Tenable.

The speed at which AI has evolved and become an integral part of our working lives is remarkable. Whether through generative AI or increasingly sophisticated agentic systems, tasks that once took hours can now be completed in minutes. For many organisations, a world without AI is already difficult to imagine. With the increased accessibility and capability of AI tools has come a culture of instant gratification. Demand for faster results has intensified competition among startups and technology giants alike, creating a relentless cycle of innovation and accelerating adoption.

Yet beneath this rapid progress lies a growing cybersecurity challenge. Whilst AI is turbocharging productivity, weโ€™re also seeing employees increasingly entering sensitive information into Large Language Models (LLMs), relying on outputs without the necessary verification, and automating workflows without fully understanding the associated security risks. The result is a widening gap between the pace of innovation and regulation needed to control it. This raises an important question: in the race to realise AI’s potential, are organisations and developers moving too fast and prioritising innovation at the expense of security?

 

The perpetual cycle of accelerated development

AI is being powered by rising demands for speed and productivity. As these models become more intuitive, they remove barriers to use and are woven into everyday workflows. That creates a feedback loop where speed becomes the priority and anything that slows it down โ€“ governance, security checks, compliance โ€“ looks like an obstacle rather than a necessity.

At the same time, organisations are feeding these systems sensitive information with little visibility or control over where it goes, who is using it, or why. This isnโ€™t always deliberate, but a byproduct of urgency. Weโ€™ve seen this before. Convenience wins until the consequences catch up. From weak passwords to rushed cloud migrations, speed has often outpaced security. AI is following a similar trajectory โ€“ only faster and at a greater scale.

 

Reactive regulation: a never-ending game of chase

Regulatory frameworks are also struggling to keep pace. By the time legislation is proposed, debated and implemented, the technology it aims to govern has often evolved. This leaves regulators reacting to yesterdayโ€™s risks rather than getting ahead of tomorrowโ€™s flaws. In cybersecurity, thatโ€™s a losing game.The gap between innovation and oversight is widening, and gaps are where threats thrive.ย  Cybercriminals are already using AI to scale attacks, automate reconnaissance and generate highly convincing phishing campaigns, with AI tools lowering the barrier to entry while increasing the attack surface. As regulatory blind spots widen, threat actors wonโ€™t wait. They will move faster than the systems designed to stop them and exploit every delay.

 

Resetting the role of AI

This is not a case against AI. Its benefits are real and, in many cases, unavoidable. The issue is imbalance, where advancement is favoured and regulation and security are compromised. We are moving too fast without the foundations to support it. As AI becomes embedded in core business processes, small gaps can scale into serious risks.

To unlock AIโ€™s full potential without amplifying risk, we need to reframe how we think about progress. Organisations must understand their data flows in AI environments โ€“ what is used, where it goes and how it is protected. Visibility and governance are not optional; they are the baseline. Security must also be built in from the outset, not retrofitted. This requires alignment across technical teams, leadership and risk functions. AI cannot sit in a silo; it needs to be integrated into broader security and compliance frameworks, supported by closer collaboration between the industry and regulators.

 

Regulation and governance at a crossroads

To sustain AI’s momentum, organisations must create space to allow governance, regulation and security frameworks to catch up. While stronger controls may introduce friction between innovation and regulation, they also build the trust and resilience needed for secure AI adoption at scale. The reality is that AI is advancing much faster than our ability to effectively regulate and mitigate the risks it creates. Security has to become as much of a priority as innovation โ€” otherwise, the gap between speed and safety will continue to widen and may eventually become impossible to close.

 

Bridging the gap: From awareness to action

Closing this gap requires organisations to move away from reactive panic and toward preemptive exposure management. First, security teams must establish continuous, automated visibility over their entire AI footprint, identifying not just official deployments, but โ€˜shadow AIโ€™ tools being used casually by employees. Second, data governance policies must strictly define and restrict what data can be fed into LLMs, utilising data loss prevention (DLP) mechanisms to sanitise sensitive inputs before they reach external servers. Finally, AI security cannot be treated as an isolated problem, it must be completely integrated into the organisation’s broader exposure management program.

By treating AI assets with the same rigorous vulnerability assessments, access controls, and risk prioritisation applied to traditional cloud and network infrastructure, businesses can confidently embrace the speed of innovation without sacrificing their security baseline.

Related News