1. Many companies are moving to integrate AI tools into daily operations. Do you think security practices are keeping pace with that speed?
The data suggests they are not. The Netwrix Data & Identity Security Report found that only 11% of organizations have operationalized AI governance with continuous oversight of identities, permissions, and the data AI systems can access. At the same time, almost half already have agentic AI running in production environments. Most organizations are still relying on governance processes that were designed for human users and periodic reviews, while AI systems are being deployed at machine speed.
The report also found that organizations where AI significantly increased the number of identities in their environment experienced a 43% breach rate compared to 11% among organizations where AI had not materially changed their identity footprint. That gap suggests adoption is outpacing governance in many environments.
2. What are the most common ways AI credentials and sensitive access points become exposed inside organizations?
The most common issue we are seeing is local credential storage. Many AI assistants, coding tools, and agent frameworks store authentication tokens, API keys, OAuth credentials, and service access tokens on employee workstations. In some cases, those credentials are stored in plaintext configuration files or JSON files.
Another common issue is credential aggregation. AI tools often connect to multiple services including GitHub, Azure DevOps, Slack, cloud platforms, databases, and ticketing systems. Those credentials are sometimes consolidated into a single configuration file, creating a high-value target for attackers.
In fact, the Netwrix Security Research Lab developed AIHound after discovering how widespread this problem had become. The open-source tool helps organizations identify credentials left behind by AI assistants and coding tools on employee workstations, providing visibility into access paths that often go unmanaged.
Organizations also struggle with visibility. Only 20% of organizations report fully monitoring employee use of shadow AI, which means many security teams don’t even know which AI tools are being used or what access they have been granted.
3. What are some of the technical findings that concern you most when assessing AI security risks today?
One of the most concerning findings is how many AI tools rely on credentials that are stored locally and often inadequately protected. The research found numerous examples of OAuth tokens, API keys, and service credentials being stored in locations that attackers could target if a workstation is compromised.
The research that led to developing AIHound highlighted just how inconsistent credential handling is across the AI ecosystem. In many cases, organizations have little visibility into where AI-related credentials are stored or what systems they can reach. That visibility gap is often the first problem security teams need to solve.
Another concern is the rapid growth of non-human identities. AI agents, service accounts, integrations, and automation workflows all require access to enterprise systems. Yet 76% of organizations do not fully govern or monitor non-human identities.
We’re also seeing increased risk around credential concentration. A single compromised laptop may now provide access to source code repositories, cloud infrastructure, collaboration systems, AI conversations, and production environments. The blast radius of a compromised endpoint is much larger than it was just a few years ago.
4. Are companies treating AI security as a technology issue alone, when it should also be viewed as a business risk?
In many cases, yes.
Organizations often focus on the technology itself, such as the AI model, the prompts, or the application. The larger issue is that AI changes how data is accessed across the business. It introduces new identities, new permissions, and new pathways into sensitive systems.
The report found that more than half of organizations experienced measurable business impact from security incidents and 24% reported losses of at least $100,000. AI security should be viewed through that same lens. This is not just an IT challenge. It affects operational resilience, intellectual property, regulatory compliance, customer trust, and financial performance.
5. In the event of an AI security incident, what should leadership prioritize in the first 24 hours?
The first priority is understanding the scope of access.
Leadership needs answers to three questions: What systems were accessed? What identities or credentials were involved? What data could have been exposed?
That requires rapid visibility into AI-related credentials, service accounts, integrations, and non-human identities. Organizations should immediately rotate exposed credentials, revoke unnecessary access, disable compromised integrations, and assess whether AI agents or connected services may have provided additional pathways into sensitive systems.
The challenge is that many organizations struggle with this level of visibility. The report found that 71% cannot immediately identify which identities have access to sensitive data, which can significantly slow response efforts.
6. How important is cross-functional collaboration between security, IT, legal, and business teams in managing AI risk?
It is essential.
AI governance cannot be owned by a single department because AI affects multiple parts of the organization simultaneously. Security teams understand risk, IT manages infrastructure and access, legal teams address compliance and privacy concerns, and business leaders determine how AI is used operationally.
One of the strongest findings from the Netwrix report is that organizations with unified identity and data governance are nearly five times more likely to report full AI readiness. That kind of maturity requires coordination across multiple functions rather than isolated technology initiatives.
7. From your perspective, are businesses underestimating the risks tied to employee use of AI platforms and tools?
I believe many organizations are underestimating the access risks more than the AI risks themselves.
Most discussions focus on what employees are entering into AI tools. The bigger question is what those tools can access once they are deployed. Every AI assistant, coding copilot, browser extension, or agent typically requires credentials and permissions to operate effectively.
The report found that only 20% of organizations fully monitor or govern employee use of shadow AI. At the same time, more identities are gaining access to enterprise data and exposure risk continues to rise. That combination creates significant blind spots for security teams.
One reason organizations underestimate this risk is that they often lack visibility into the credentials these tools create. AIHound was developed to help uncover those hidden credentials and provide a clearer picture of the access AI tools introduce into enterprise environments.
8. Looking ahead, what emerging AI security risks do you believe organizations should start paying closer attention to now?
The first is non-human identity sprawl. AI agents, autonomous workflows, service accounts, and machine-to-machine identities are growing rapidly, and most organizations lack mature governance processes for them.
The second is credential management. As AI tools become more integrated into business processes, they will require access to more systems and more sensitive data. Organizations need better visibility into where those credentials are stored and what they can access.
The third is agentic AI. When AI systems begin taking actions on behalf of users rather than simply providing recommendations, the consequences of excessive permissions become much greater. An AI system with broad access can potentially interact with multiple applications, data sources, and workflows at machine speed.
Finally, organizations should pay close attention to the convergence of AI governance, identity governance, and data governance. The most successful organizations will treat those as interconnected disciplines because the security risks increasingly overlap.












