TL;DR: Enterprises are deploying LLMs across chatbots, copilots, and autonomous agents faster than they can enforce visibility, policy, and runtime controls, creating exposure in data handling, prompt injection, and agentic workflows, according to WitnessAI. The governance problem is no longer model quality; it is whether security teams can observe, constrain, and audit AI activity before business data and actions escape control.
NHIMG editorial — based on content published by WitnessAI: enterprise LLM security and runtime defense guidance
By the numbers:
- When AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes and as quickly as 9 minutes in some cases.
Questions worth separating out
Q: How should security teams implement LLM security across copilots and agents?
A: Security teams should treat LLM security as a layered control problem, not a model tuning problem.
Q: Why do LLMs create new identity and access risks for enterprises?
A: LLMs create identity and access risks because they sit between users and systems while handling data, instructions, and actions in the same workflow.
Q: What do organisations get wrong about AI policy enforcement?
A: The common mistake is assuming that a written policy meaningfully constrains AI behaviour without technical enforcement.
Practitioner guidance
- Inventory every AI touchpoint: build a continuously updated catalogue of chatbots, copilots, embedded AI, agents, and MCP server connections, including where they ingest data and which identities they can act through.
- Inspect prompts and responses at runtime: enforce bidirectional inspection before prompts reach the model and before outputs reach users or downstream systems.
- Tokenize sensitive data before model exposure: replace credentials, PII, customer records, and proprietary values with non-reversible stand-ins before they leave the enterprise boundary.
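The last two items describe one control point: a boundary that rewrites the prompt on the way out and the response on the way back. The sketch below is an added illustration, not WitnessAI's product code; the detector patterns (AWS access key ID prefix, a basic e-mail shape), the keyed-hash stand-in format and the in-memory vault are all assumptions chosen to keep it self-contained.

```python
"""Prompt-boundary tokenizer (illustrative): sensitive values in an outbound prompt
are replaced with keyed-hash stand-ins the model cannot reverse; the mapping stays
inside the enterprise and is applied to the response on the way back."""
import hashlib
import hmac
import re

# Constructed key for the example. In practice this comes from a KMS/HSM, never source.
TOKEN_KEY = b"constructed-example-key-rotate-me"

# Assumed detectors: AWS access key IDs and e-mail addresses. Real deployments use
# many more classes (customer records, API tokens, internal hostnames).
PATTERNS = {
    "AWS_KEY": re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b"),
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
}


def _stand_in(kind: str, value: str) -> str:
    # HMAC, not a plain hash: the model (or anyone with the prompt) cannot
    # brute-force the value, while the same value always yields the same token.
    digest = hmac.new(TOKEN_KEY, value.encode(), hashlib.sha256).hexdigest()[:12]
    return f"<{kind}:{digest}>"


def tokenize_prompt(prompt: str) -> tuple[str, dict[str, str]]:
    """Return (safe_prompt, vault); the vault maps stand-in -> original and never leaves."""
    vault: dict[str, str] = {}

    def replacer(kind: str):
        def _sub(match: re.Match) -> str:
            token = _stand_in(kind, match.group(0))
            vault[token] = match.group(0)
            return token
        return _sub

    safe = prompt
    for kind, pattern in PATTERNS.items():
        safe = pattern.sub(replacer(kind), safe)
    return safe, vault


def detokenize_response(response: str, vault: dict[str, str]) -> str:
    """Re-insert originals only for stand-ins this boundary issued for this exchange."""
    for token, original in vault.items():
        response = response.replace(token, original)
    return response


if __name__ == "__main__":  # constructed sample prompt
    safe, vault = tokenize_prompt("Rotate AKIAIOSFODNN7EXAMPLE for alice@example.com")
    print(safe)
```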
What's in the full article
WitnessAI's full blog post covers the operational detail this post intentionally leaves for the source:
- The specific network-level visibility approach used to observe AI activity beyond browser-only controls.
- The intent-based policy logic that distinguishes legitimate business use from unsafe conversational context.
- The bidirectional runtime defense flow for prompts, responses, and agent tool calls in production.
- The data tokenization and redaction behaviour for sensitive values before external model exposure.
Read WitnessAI's full guide to enterprise LLM security and runtime controls.