As AI Systems Decide and Act, Visibility Becomes the Foundation of AI Security

Written by: Vishwa Pandagle, Cybersecurity Staff Editor

We sat down with Kartik Shahani, Vice President of India and SAARC at CrowdStrike, to discuss why securing AI systems, agents, and interactions remains one of the most pressing cybersecurity challenges facing enterprises today. 

Shahani spent more than two decades leading security operations at companies including Tenable, RSA, IBM, Dell EMC, and McAfee. He says that organisations cannot secure AI deployments they cannot see, emphasizing visibility as a prerequisite for effective protection. 

As AI systems reason, decide, and take action across enterprises, attackers target the AI interaction layer to hijack agents, manipulate outcomes, and access sensitive data. 

These systems operate with human-like privileges, thereby expanding the attack surface and exposing gaps in legacy security controls. 

Once passive tools reliant on human input, AI systems are now participants in organisational workflows. This makes machine-speed visibility and governance critical to modern cyber defense.

Vishwa: How are adversaries currently targeting enterprises’ use of AI, and how is this threat landscape evolving?

Kartik: AI is accelerating business innovation and operations, while simultaneously expanding the attack surface that must be secured. 

AI agents 

However, agents do not stay on the endpoint; they work across SaaS platforms, browsers, cloud environments, and AI pipelines.

This means organisations need to secure AI at both its point of execution on the endpoint and across any surface where AI agents operate.

Vishwa: Are organisations underestimating the AI prompt and interaction layer as a critical attack surface? Why is AI detection and response (AIDR) becoming a non-negotiable capability for modern security postures?

Kartik: With AI moving from experimentation to enterprise-wide adoption, organisations need to secure the AI interaction layer – where AI systems reason, decide, and take action – against prompt injection attacks that hijack agents, manipulate outcomes, and access sensitive data. 

The 2026 CrowdStrike Global Threat Report reveals adversaries exploited legitimate GenAI tools at more than 90 organisations by injecting malicious prompts to generate commands for stealing credentials and cryptocurrency.

To secure the AI interaction layer, organisations need runtime inspection for AI services and detection of prompt injection attacks, data leaks, and policy violations. An AI Detection and Response (AIDR) capability provides real-time protection for the interaction layer and AI workloads by securing prompts, responses, and agent actions at enterprise scale.

Vishwa: How can organisations secure their AI adoption end-to-end, from endpoints to the AI interaction layer? And what frameworks or governance models should organisations implement to secure AI and AI agent deployments?

Kartik: AI and AI agents are no longer passive tools reliant on human interactions. AI now autonomously executes terminal commands, modifies files, accesses sensitive data, and creates complex workflows directly on organisations’ endpoints — operating with system-level privileges that were once only accessible to human users.

This evolution in AI capability creates an unprecedented security challenge as legacy perimeters, static application controls, and signature-based defenses were never designed to govern or secure autonomous software that acts like a human operator.

With the enterprise attack surface expanding from the application layer to the execution layer, security enforcement and strategies must move in parallel. 

Machine-speed visibility and governance are essential to securing AI and are critical to modern cyber defenses.

To secure their AI deployments end-to-end, organisations should embrace the following framework:

Vishwa: What key capabilities should security leaders deploy to secure AI systems and manage the risks of shadow AI?

Kartik: Security leaders need to establish unified visibility and real-time protection across the entire AI lifecycle, from endpoints – the point of AI execution – to every surface where AI agents operate – including SaaS platforms, browsers, and cloud environments. 

With traditional security controls simply not designed to secure or govern AI, organisations need a unified security platform that closes the gap between AI adoption and enforcement.

To secure AI at the execution layer, organisations need an Endpoint Detection and Response (EDR) capability that delivers AI runtime protection to detect suspicious behaviour and contain threats before they spread, automatically discovers shadow AI deployments, assesses the blast radius of a compromise, and extends prompt-layer protection to desktop AI applications – such as ChatGPT, Claude, and Gemini.

Securing AI systems, data, and agents in SaaS platforms and cloud environments requires organisations to have capabilities that deliver unified, real-time visibility of SaaS usage, AI agent activity and data access, and how data flows into AI services, and that identify shadow AI operating in the cloud and application layers. Organisations’ AIDR capability should also extend across cloud environments to secure AI workloads running in the cloud.

Vishwa: How should organisations rethink accountability and ownership when AI systems make decisions or take actions that could introduce security risks?

Kartik: To realise the transformational benefits AI delivers, organisations must be able to ensure trust in their AI deployments and tools with effective governance, control and security measures. 

These should include establishing clear policies for AI and monitoring its use, securing AI workloads, enforcing strict access controls and data classification to prevent sensitive data leaks, mandating secure configurations and vulnerability assessments for new AI products, and assessing the security of third-party vendors.
