Since OpenAI’s ChatGPT burst onto the scene near the end of 2022, the past three years have been a time of all gas and no brakes. As the enterprise world begins to deal with the security challenges of unchecked AI adoption, it may finally be time to slow down the speeding car.
Signs of trouble on the road ahead are beginning to appear. Tests conducted by an AI security lab in cooperation with OpenAI and Anthropic found that AI agents tasked with creating simple LinkedIn posts from a company’s database dodged guardrails to post sensitive information in public.
The viral popularity of open-source AI agents such as OpenClaw, which drew 2 million users in a single week, has prompted security warnings, including one from China’s cybersecurity agency, about the tool’s inherent flaws. A report from IBM Corp. found that 60% of AI security-related incidents led to compromised data, 31% led to operational disruption, and 97% of compromised organizations had zero AI access controls in place.
“The challenges around data governance and compliance remain significant,” said Christophe Bertrand, principal analyst for cyber resiliency, data protection and data management at theCUBE Research. “Scaling AI requires trust, and trust starts with trusted infrastructure, trusted and protected data, cyber resilient data that can be recovered, and compliant and governed data so organizations don’t use data that creates business risk.”
This feature is part of News Media’s ongoing exploration of the latest trends in cybersecurity. Be sure to check out News’s extensive coverage of RSAC 2026, including interviews with RSAC, EY, StackHawk, NetApp, Dell, Capital One, Ping Identity, Cato Networks, XBOW and Elastic. (* Disclosure below.)
Agentic security challenges
The rise of AI agents within the enterprise has captured the attention of many in the cybersecurity community. The primary concern is that traditional firewalls were created for human-to-app communication, yet the rapid adoption of solutions such as Model Context Protocol, or MCP, for agent-to-agent interaction has left security organizations unable to see or monitor data traffic.
Application delivery provider F5 Inc. took steps earlier this month to address this growing security gap by introducing NGINX Agentic Observability. This solution can inspect MCP data directly in the traffic path, offering new visibility into which AI agents are interacting with which services in an effort to eliminate a blind spot for IT oversight.
“Agentic is the single biggest issue right now,” said Jimmy White, vice president of AI for F5, during an exclusive interview with News. “Agents can be many things to different people.”
Indeed, the explosion of agents and their many different personas has led some cybersecurity firms to lean on identity as an enterprise solution. Ping Identity Inc. released Identity for AI in November, an approach designed to provide users with a single control plane that can manage the entire agent lifecycle. The solution introduces a security layer that can monitor agent activity while enforcing policy-based guardrails and least-privilege access.
“This is a pivotal moment supporting our mission to place identity at the heart of security – not just to drive more secure innovation, but to help organizations build for long-term trust,” said Andre Durand, Ping Identity founder and chief executive. “We’re at a critical inflection point, where AI is reshaping the landscape and eroding trust.”
Preparing for the quantum era
While AI has been a central focus for the cybersecurity world, a technology that may still be years away from implementation is also receiving significant attention. It is quantum computing and the need for post-quantum cryptography, or PQC, that has emerged this year as a key area of focus.
The reason for security’s current interest is that RSA encryption, a public key cryptosystem that has been in use since the 1970s for secure data transmission, could become vulnerable to rapid decryption through the use of more advanced quantum computers. The security of everything from bank transactions to a company’s stored proprietary data will be at risk.
The pace of activity in quantum readiness within the cybersecurity industry picked up noticeably over the past year. One example can be seen in the collaboration announced in December between NetApp Inc. and F5 on high-performance data delivery solutions that leverage PQC. F5’s BIG-IP has been designed to support hybrid key agreement and NIST-sanctioned algorithms for quantum-resistant secured communications, with additional support for PQC for NetApp StorageGRID clusters.
The key step is to prepare the hardware now and identify where the most critical data resides, according to F5’s White. “We’re building our solutions into our hardware,” White explained. “PQC is more about protection; it’s about protecting what we already have. A lot of companies don’t understand what data they have at rest.”
Embracing auto-adaptive solutions
This lack of understanding has been further compounded by uncertainty over how to respond when data, wherever it may be stored, is suddenly at risk. “Alert fatigue” and “tool sprawl” have emerged as two of the largest pain points for cybersecurity practitioners. Too many tools generating endless alerts have left security organizations wondering what’s important and what’s not.
This is a serious problem for another reason: Malicious actors have changed their patterns to evade immediate detection. Security researchers have noticed that attackers increasingly are blending into normal enterprise activity by breaching legitimate tools and targets. Rather than taking action that could trigger a single alert, malicious actors execute a number of low-profile moves that can remain undetected for a significant period of time.
Because many existing point solutions often fail to identify this behavior, security companies are turning to auto-adaptive threat prevention tools. Earlier this month, Cato Networks Ltd. unveiled Cato Dynamic Prevention, an engine designed to stop threats by correlating signals from months of activity.
AI itself holds promise in being able to help signal-weary security organizations spot trouble early. As News has documented in its research, security is no longer a bolt-on function. Security teams are increasingly influencing infrastructure and application decisions across the enterprise, and they are using AI in the process.
“AI can watch your behavior and say, ‘You know, here’s a feature that you need,’ or ‘I’m going to self-tune a firewall, for example, based on your traffic,’” according to Jon Oltsik, principal analyst, cybersecurity, at theCUBE Research. “That’s a real-time AI advantage that we’ll get. It’s not pie in the sky. This is happening now.”
Securing the intelligent edge
As AI applications continue to expand, they are becoming more prevalent in a wide range of use cases, especially at the edge. This has opened a new area of concern for cybersecurity practitioners who must now secure the data flowing through AI pipelines in remote locations.
Enterprise vendors have responded to this concern by offering solutions that can mitigate the risks of edge deployments. An example of this can be seen in the rollout last year of Dell Technologies Inc.’s NativeEdge, a software platform for the central management of edge operations. Dell’s offering includes centralized control and zero-trust security in the automation of edge infrastructure deployments.
Security at the edge highlights an additional trend generated by enterprise implementation of AI. The AI factory — specialized infrastructure that combines high-performance GPUs, software and data pipelines — is now expanding to the edge as enterprises need real-time decision-making in places such as manufacturing facilities and retail stores.
As noted by News’s research analysts, this represents the dawn of the hyperconverged edge where compute, storage, security and AI inference come together in one unified infrastructure. This is still a work in progress and reliably securing these environments will not be an easy task.
“Enterprises are currently fighting a two-front war,” said Zeus Kerravala, principal analyst at ZK Research, a division of Kerravala Consulting. “On one side, there is an aggressive push toward AI adoption; on the other, an infrastructure landscape so fractured across edge, cloud and on-premises sites that scaling becomes nearly impossible. The ‘Age of AI’ is quickly becoming the ‘Age of Complexity.’ The winners won’t just be the companies with the best models, but those with the most resilient, observable and converged delivery platforms.”
(* Disclosure: TheCUBE is a paid media partner for the RSAC 2026 Conference. Sponsors of theCUBE’s event coverage do not have editorial control over content on theCUBE or News.)
Image: News/ChatGPT
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About News Media
Founded by tech visionaries John Furrier and Dave Vellante, News Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
