An "AI Exposure Gap" could be the most worrying security issue your business isn't aware of (www.techradar.com)

Tenable’s new research flags an “AI exposure gap”: while 89% of organizations are running or piloting AI, security practices are lagging and one in three AI adopters (34%) have already suffered an AI-related breach. Crucially, these incidents aren’t driven by exotic model attacks but by familiar failures — software vulnerabilities (21%), insider threats (18%) and misconfigurations — and only 22% of firms fully classify and encrypt AI data. Tenable argues enterprises are scaling AI faster than they can secure it, leaving fragmented visibility and reactive defenses that amplify risk. For the AI/ML community this reframes priorities: protecting AI environments means strengthening classic controls across new pipelines, not just hardening models. Tenable recommends making compliance frameworks (NIST, EU AI Act) a starting point, expanding vulnerability management to data-at-rest/in-transit, identity governance, access management, misconfiguration monitoring, workload hardening, and secrets management. Only 26% perform AI-specific testing such as red‑teaming, underscoring the need for proactive, pipeline-aware security and observability. In short, organizations should treat AI systems as complex software ecosystems — shore up foundational controls, encrypt and classify data, and adopt continuous testing — to close the AI exposure gap before attackers exploit routine weaknesses.