Zscaler warns enterprise AI systems can be breached in under two hours

AI adoption surges 91% yearly, with massive corporate data flowing into GenAI tools

Researchers urge AI-driven Zero Trust defenses against machine-speed attacks

The risks of embedding AI tools into business processes without being fully mindful of potential security issues could be far greater than everyone thinks, new research has claimed.

Zscaler found many businesses can be breached in less than two hours, and after that - could lose their sensitive data in mere minutes.

“When enterprise AI systems are tested under real adversarial conditions, they break almost immediately,” the researchers said, noting how in controlled scans, they were able to find critical vulnerabilities in under 90 minutes for the majority of systems tested (90%). The median time to first critical failure was 16 minutes, and in most extreme cases, the defenses were bypassed in a single second.

Autonomous, machine-speed attacks

Despite the grim outlook, AI is being introduced in the enterprise at breakneck speeds. AI and ML activity increased 91% year-on-year, across an ecosystem of more than 3,400 applications.

Finance & Insurance remains the most AI-driven sector by volume, making up almost a quarter (23%) of all AI and ML traffic. Technology, and Education, on the other hand, blew up in usage, 202% and 184%, respectively.

Enterprise data transfers to AI applications rose 93% year-on-year and hit 18,033 terabytes.

The massive influx of data has transformed tools like Grammarly (3,615 TB) and ChatGPT (2,021 TB) into the “world’s most concentrated repositories of corporate intelligence”, it was said.

Yet businesses are not paying attention to security. Many organizations “lack a basic inventory of active AI models and embedded features, leaving them unaware of exactly where sensitive data is exposed.”

"AI is no longer just a productivity tool but a primary vector for autonomous, machine-speed attacks by both crimeware and nation-state," said Deepen Desai, EVP Cybersecurity at Zscaler.

"In the age of Agentic AI, an intrusion can move from discovery to lateral movement to data theft in minutes, rendering traditional defenses obsolete. To win this race, organizations must fight AI with AI by deploying an intelligent Zero Trust architecture that shuts down the potential paths for the attackers of all kinds."

