TL;DR: The core issue is not AI adoption itself, but the visibility gap around prompt-level data sharing and downstream file movement that current governance models cannot fully see, according to Cyera.
NHIMG editorial — what this means for NHI practitioners
By the numbers:
- Systems with least-privileged AI access had a 17% incident rate vs 76% for over-privileged systems.
Questions worth separating out
Q: How should security teams govern employee use of public AI tools in the browser?
A: They should treat browser AI use as an identity and data-control problem, not just an acceptable-use issue.
Q: Why do AI agents create governance problems that normal access reviews miss?
A: AI agents can read, copy, transform, and re-share data after the original access decision, so a static review of entitlements does not capture downstream impact.
Q: What breaks when security teams only track file access and not file lineage?
A: They lose sight of derivative risk.
Practitioner guidance
- Establish browser-level AI controls: Instrument managed and unmanaged browser use so security teams can identify what data is pasted into AI tools, which identity was active, and whether blocking or alerting happened before the prompt left the organisation.
- Extend data governance to file derivatives: Track copied, transformed, and shared files as first-class governance objects, because derivative artefacts can carry sensitivity long after the original document is accessed.
- Separate investigation from remediation authority: If you allow MCP-connected security agents, scope them to retrieve and analyse first, then require explicit approval before any action that changes access, data state, or ticket status.
The operational signal is not whether AI exists, but whether security can observe the session before data becomes unrecoverable.
Explore further
Browser-level AI visibility is becoming a control prerequisite, not a nice-to-have. The security problem starts before a policy engine in the network stack has a chance to act, because employees are already pasting sensitive data into AI tools inside the browser. That means the effective control boundary has shifted closer to the user session, where identity, content, and destination all need to be evaluated together. Practitioners should treat this as a visibility requirement for modern AI adoption, not a narrow browser feature decision.
A few things that frame the scale:
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to the AI Agents: The New Attack Surface report.
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to The 2026 Infrastructure Identity Survey.
A question worth separating out:
Q: How do security teams decide whether to let AI agents automate investigations?
A: They should permit automation only for tightly scoped, read-heavy tasks with clear logging and human approval for any state change. If an agent can investigate, decide, and act in the same workflow without review, the organisation has delegated operational authority, not just convenience. That changes accountability and control design.