• AI security is broken at runtime: Most enterprises don't realize it yet

    From TechnologyDaily@1337:1/100 to All on Wednesday, May 13, 2026 10:15:26
    AI security is broken at runtime: Most enterprises don't realize it yet

    Date:
    Wed, 13 May 2026 09:02:22 +0000

    Description:
    Most organizations are still applying traditional security models to a fundamentally different kind of workload, and it's leaving a critical gap.

    FULL STORY ======================================================================

    Artificial intelligence didn't roll out slowly. In fact, at times it feels like it landed all at once.

    In just a few years, systems that began as internal experiments are now embedded in customer support, fraud detection, software development, and even IT infrastructure operations. AI is now part of the operational backbone of modern enterprises.

    Anand Kashyap, CEO and co-founder, Fortanix

    But there's a problem. While AI capabilities have advanced, the way we secure them hasn't kept up.

    Most organizations are still applying traditional security models to a fundamentally different kind of workload, and it's leaving a critical gap at runtime, the exact moment when AI systems do their work.

    The Illusion of Coverage

    For years, enterprise security has focused on two primary states of data: when it's stored and when it's moving. Encryption for data at rest and in transit, with identity and access controls for both.

    These controls still matter. But there's a third state that's far more complex and far less protected: data in use.

    When an AI model runs, sensitive data is actively processed in memory. Model weights, which are often the most valuable intellectual property an organization owns, are loaded into memory. Prompts, responses and contextual data are generated and transformed in real time.

    In most environments, all of that is visible to the underlying system: the host operating system, the hypervisor, and whoever administers them. The uncomfortable reality is that even well-secured environments can expose their most valuable assets at the moment they're being used.

    Where AI Security Actually Breaks

    When security teams investigate AI-related risks, the root cause rarely traces back to perimeter defenses. The issues tend to emerge deeper in the lifecycle, across three key phases:

    1. Training: When data quietly leaks into models. Training pipelines span storage systems, shared compute environments, orchestration layers and debugging tools. They can be messy: data moves constantly, intermediate artifacts are created and cached, and logs accumulate quickly.

    In this environment, sensitive information might surface in unexpected
    places. Models themselves may unintentionally retain elements of the
    sensitive data they were trained on. And model weights, which encapsulate
    that learning, are often handled more casually than they should be.

    This all creates a subtle but serious risk, where exposure doesn't always come from a direct attack. Sometimes it comes from normal development practices.

    2. Inference: An overlooked exposure layer. Once a model is deployed, attention shifts to inference, the point at which inputs become outputs.

    On the surface, it looks simple. But in practice, inference workflows involve multiple streams of sensitive data, including user prompts and queries, generated responses, internal enterprise data retrieved to ground outputs,
    and the model itself.

    Much of this data is processed through monitoring tools, logging systems and debugging pipelines, often in plaintext.

    Even without a breach, sensitive information can be exposed through routine operations. Troubleshooting dashboards might capture more than intended, or logs could persist longer than expected. Shared infrastructure also
    introduces more potential for leakage.

    Inference security isn't only about blocking access. It's about controlling
    what happens during execution, and most organizations aren't doing that yet.

    3. Runtime: The blind spot in modern security. The most critical yet least protected phase is the runtime phase. This is where models actually execute, encrypted data is decrypted, and model weights exist in memory. And it's precisely where traditional security models fall short.

    Even in environments with strong identity management controls and encryption policies, runtime assumes a certain level of trust in the underlying system. If that system is compromised, or even simply misconfigured, the protections around it don't matter: keys are still released to it, workloads still run, and sensitive assets are still exposed.

    This is why runtime is currently the weakest link, and why it has emerged as the true security boundary for AI systems.

    Why the Problem Becomes Worse at Scale

    As organizations expand their use of AI tools, the risks don't just increase. They multiply. AI workloads are rarely isolated. They more commonly run across distributed environments, shared accelerators, and multi-tenant infrastructure. They interact with internal systems and external services,
    and they operate continuously, not intermittently.

    This creates a compounding effect:

    1. More data flowing through more systems.

    2. More models deployed across more environments.

    3. More opportunities for exposure during execution.

    At the same time, the value of what's being processed is going way up. Proprietary models are becoming core business assets, and sensitive
    enterprise data is being used to fine-tune outputs and drive decisions.

    In this context, a single weak point at runtime becomes a major systemic risk.

    Top Priority: Rethinking Trust in AI Systems

    The core issue isn't a lack of security tools. It's a mismatch in assumptions when it comes to trusting the infrastructure AI runs on.

    With traditional security, the assumption has always been that once a
    workload is inside a trusted environment, it can be relied upon to behave securely. But AI changes this because these systems are dynamic. They process sensitive data continuously, rely on complex stacks that are difficult to fully validate, and often run in environments that organizations dont fully control.

    In other words, crossing the perimeter isn't the hard part anymore. Staying secure after crossing it is.

    To address this, security needs to move closer to the workload itself. So, instead of focusing only on protecting access to systems, organizations need to protect what happens inside them, particularly during execution. That means:

    1. Ensuring that data remains protected even while its being processed,

    2. Preventing unauthorized access to model weights during runtime,

    3. Verifying that workloads are running in trusted environments before allowing them to execute.

    This is where approaches like Confidential Computing and hardware-based isolation are making a difference. By running workloads in protected execution environments and tying key release and data access to cryptographic verification of that environment, the industry is moving security from assumption-based trust to proof-based trust.
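    As an added example of proof-based trust, not code from the article or from Fortanix, the following Python simulates the third item above: an attestation-gated key broker that releases the model-decryption key only to a workload presenting a fresh, signed measurement that matches policy. A modified or misconfigured environment, a replayed report, and a forged report each get nothing. The HMAC-signed "quote", the root key, the workload bytes and the measurements are all constructed stand-ins; real TEEs (SGX, TDX, SEV-SNP) sign quotes with vendor-rooted asymmetric keys verified through a certificate chain, and the measurement covers the loaded code and configuration rather than a hash of a string.

```python
"""Attestation-gated release of a model-decryption key.

Added example, not code from the article or from Fortanix. The HMAC-signed
"quote" stands in for a hardware-signed attestation report (real TEEs sign
with vendor-rooted asymmetric keys checked through a certificate chain),
and the measurement is a hash of constructed bytes rather than of loaded
code and configuration. All keys, names and values are constructed.
"""
import hashlib
import hmac
import secrets
from typing import Optional

# Stand-in for the attestation root the hardware vendor controls. Shared with
# the broker only because this simulation uses HMAC instead of a public-key
# signature; a real broker holds only the vendor's public certificate chain.
ATTESTATION_ROOT_KEY = b"constructed-attestation-root-key"

# The secret that unwraps the encrypted model weights (constructed).
MODEL_KEY = b"constructed-model-decryption-key"


def measure(workload: bytes) -> str:
    """Stand-in for the TEE launch measurement: a digest of what will run."""
    return hashlib.sha256(workload).hexdigest()


def hardware_quote(measurement: str, nonce: str) -> dict:
    """What the (simulated) hardware emits: the measurement bound to the
    broker's nonce and signed, so the workload can alter neither."""
    payload = f"{measurement}|{nonce}".encode()
    sig = hmac.new(ATTESTATION_ROOT_KEY, payload, hashlib.sha256).hexdigest()
    return {"measurement": measurement, "nonce": nonce, "sig": sig}


class KeyBroker:
    """Releases MODEL_KEY only to a workload whose quote verifies against policy:
    genuine signature, fresh nonce, approved measurement, checked in that order."""

    def __init__(self, allowed_measurements):
        self.allowed = set(allowed_measurements)
        self.outstanding = set()   # nonces issued but not yet used

    def challenge(self) -> str:
        nonce = secrets.token_hex(16)
        self.outstanding.add(nonce)
        return nonce

    def release_key(self, quote: dict) -> tuple[bool, str, Optional[bytes]]:
        payload = f"{quote['measurement']}|{quote['nonce']}".encode()
        expected = hmac.new(ATTESTATION_ROOT_KEY, payload, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, quote["sig"]):
            return False, "signature invalid: report not from trusted hardware", None
        if quote["nonce"] not in self.outstanding:
            return False, "nonce unknown or already used: possible replay", None
        self.outstanding.discard(quote["nonce"])   # single use, even if policy fails below
        if quote["measurement"] not in self.allowed:
            return False, "measurement not in policy: unapproved or modified workload", None
        return True, "ok", MODEL_KEY


def workload_fetch_key(broker: KeyBroker, workload: bytes):
    """Workload side: obtain a challenge, have the hardware attest, present the quote."""
    nonce = broker.challenge()
    quote = hardware_quote(measure(workload), nonce)
    return broker.release_key(quote)


# Constructed workload images. The second differs only by a configuration
# change (prompt logging switched on), which is enough to change the measurement.
APPROVED_WORKLOAD = b"inference-server v1.4; log_prompts=false"
MODIFIED_WORKLOAD = b"inference-server v1.4; log_prompts=true"


def demo() -> dict:
    """Run the four cases the broker has to get right."""
    broker = KeyBroker([measure(APPROVED_WORKLOAD)])
    results = {}

    ok, why, key = workload_fetch_key(broker, APPROVED_WORKLOAD)
    results["approved"] = (ok, why, key == MODEL_KEY)

    ok, why, key = workload_fetch_key(broker, MODIFIED_WORKLOAD)
    results["modified"] = (ok, why, key is None)

    # Replay: a genuine quote presented twice; the first use consumed its nonce.
    quote = hardware_quote(measure(APPROVED_WORKLOAD), broker.challenge())
    broker.release_key(quote)
    ok, why, key = broker.release_key(quote)
    results["replay"] = (ok, why, key is None)

    # Forgery: the approved measurement asserted without hardware backing.
    forged = {"measurement": measure(APPROVED_WORKLOAD),
              "nonce": broker.challenge(), "sig": "00" * 32}
    ok, why, key = broker.release_key(forged)
    results["forged"] = (ok, why, key is None)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:9} -> {outcome}")
```

    The ordering of the checks is the point: the signature is verified before anything in the report is believed, the nonce is consumed whether or not policy passes, and the measurement is compared against an explicit allow-list rather than a pattern. The same shape applies whether the "key" is a model-weight decryption key, a database credential, or a token for retrieving enterprise data to ground a prompt.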

    In simple terms: don't trust the system. Make it prove it's secure.

    Security Has Moved to the Moment of Use

    For years, organizations have invested in securing where data lives and how it moves. But with AI, the most important moment is when the model runs, and data, logic and decision-making converge in real time.

    That's where the real risks are, and that's where security needs to be focused.

    The organizations that recognize this shift early will set themselves up to scale AI safely. Those that don't may find that their most advanced systems, built on an outdated trust model, are highly vulnerable.

    In modern AI, security isn't defined by the perimeter. It's defined by what happens inside it.

    This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

    The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/ai-security-is-broken-at-runtime-most-enterprises-dont-realize-it-yet


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)