TL;DR: According to Lasso Security, 2025 marked the year enterprise AI moved from prompt monitoring to action monitoring, with agents carrying out end-to-end tasks, RAG security formalising, and compliance frameworks becoming non-negotiable. The lesson is that governance now has to follow runtime behaviour, access scope, and auditability instead of treating model output as the whole risk surface.
NHIMG editorial — based on content published by Lasso Security: 2025 Predictions vs. Reality: A Year of Measured Progress in AI Security
By the numbers:
- By mid-2025, 74% of startup workloads were already in production, showing how far GenAI had matured beyond pilot phases.
- Anthropic overtook OpenAI in enterprise usage at 32% versus 25%, while open-source adoption declined from 19% to 13%.
Questions worth separating out
Q: How should security teams govern AI systems that can act, not just generate text?
A: Security teams should govern AI systems as delegated executors with traceable access, not as passive software.
Q: Why do AI agents change the way IAM and NHI controls work?
A: AI agents change IAM and NHI controls because the decision to act happens at runtime, not just at provisioning time.
Q: What do security teams get wrong about prompt leakage?
A: They often treat prompt leakage as the whole problem when it is only one layer of exposure.
Practitioner guidance
- Map delegated AI access paths: List every external system, knowledge base, and workflow an AI system can reach, then tie each path to a specific owner, permission set, and review cycle.
- Separate prompt protection from policy enforcement: Classify prompts as sensitive configuration, then enforce authorisation, logging, and approval controls outside the model so policy survives prompt leakage.
- Instrument retrieval and tool use: Monitor which corpora are queried, which tools are invoked, and which identities authorise those requests so you can detect retrieval hijacking and scope creep.
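The three guidance points above describe one control: a gate outside the model that authorises each tool or retrieval call against the calling identity's mapped access path and writes an audit record. The following is an added example of that gate, not code from the NHIMG post or from Lasso Security; the identity, owner, tools and corpora in `ACCESS_PATHS` are constructed placeholders.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Optional
# Constructed access map (hypothetical identity): every delegated path is tied to
# an owner, an explicit tool/corpus allowlist and a review date, as the guidance asks.
ACCESS_PATHS = {
    "agent:support-bot": {
        "owner": "cx-platform@example.com",
        "tools": {"search_kb", "open_ticket"},
        "corpora": {"public-docs"},
        "review_due": "2026-03-01",
    },
}
AUDIT_LOG: list = []  # one record per decision: the auditability artefact

@dataclass
class ToolCall:
    identity: str  # the NHI making the request, taken from its credential
    tool: str
    corpus: Optional[str] = None
    # Whatever the prompt asserted about permissions; never consulted, so a
    # leaked or tampered prompt cannot widen scope.
    prompt_claims: dict = field(default_factory=dict)

def authorize(call: ToolCall) -> dict:
    """Gate a tool call against the identity's scope and log the decision."""
    path = ACCESS_PATHS.get(call.identity)
    if path is None:
        allowed, reason = False, "unknown identity"
    elif call.tool not in path["tools"]:
        allowed, reason = False, f"tool {call.tool} outside scope"
    elif call.corpus is not None and call.corpus not in path["corpora"]:
        allowed, reason = False, f"corpus {call.corpus} outside scope"
    else:
        allowed, reason = True, "in scope"
    record = {"ts": datetime.now(timezone.utc).isoformat(),
              "identity": call.identity, "owner": path["owner"] if path else None,
              "tool": call.tool, "corpus": call.corpus,
              "allowed": allowed, "reason": reason}
    AUDIT_LOG.append(record)
    return record

def denied_by_identity(log: Optional[list] = None) -> dict:
    """Denied calls per identity; a rising count is the scope-creep signal."""
    counts: dict = {}
    for r in AUDIT_LOG if log is None else log:
        if not r["allowed"]:
            counts[r["identity"]] = counts.get(r["identity"], 0) + 1
    return counts
```

Because `authorize` reads scope from `ACCESS_PATHS` and ignores `prompt_claims`, a request that cites a permission the prompt granted but the access map does not is still denied and still logged.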
What's in the full article
Lasso Security's full article covers the operational detail this post intentionally leaves for the source:
- The article's full discussion of how enterprise buyers shifted from experimentation to production deployment across 2025.
- The detailed breakdown of agentic AI, RAG security, and MCP as the year-end security architecture themes.
- The specific market comparison of enterprise model adoption, including the 32% versus 25% usage split.
- The article's own 2026 outlook on where AI security and compliance enforcement are heading next.
👉 Read Lasso Security's 2025 AI security predictions and reality check →
2025 AI security shifted from prompts to actions?
Explore further
2025 proved that AI security has moved from content control to action control. The article's core finding is not that models became smarter, but that enterprises allowed them to act. That changes the governance problem for IAM, NHI, and PAM because the risk now sits in delegated execution, tool use, and data access rather than in prompts alone. Practitioners should read this as a shift from model monitoring to identity governance for machine-driven action.
A few things that frame the scale:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to the AI Agents: The New Attack Surface report.
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.
A question worth separating out:
Q: How do organisations know if AI governance is actually working?
A: AI governance is working only if the organisation can show which identities accessed which data sources, which tools were invoked, and what actions were executed in production. If those artefacts are missing, the programme has visibility into model output but not into real operational risk. Auditability is the practical test.
👉 Read our full editorial: AI security in 2025: agents, compliance and model consolidation