嗯,用户让我帮忙总结一篇文章,控制在100字以内,而且不需要特定的开头。我得先仔细阅读文章内容,找出主要观点。 文章主要讲的是AI的采用速度超过了传统的网络安全治理,导致组织面临风险。关键点包括过度授权的身份、未监控的供应链依赖,以及如何通过10个策略来关闭攻击路径。 还有提到安全团队在用手动流程对抗机器速度的威胁,需要从基于数量的管理转向基于上下文的风险管理。非人类身份的问题也很严重,52%的非人类身份有过度权限。供应链武器化也是一个重点,第三方风险从被动变成主动。 最后,文章推荐使用Tenable One Cloud Security这样的工具来整合多种安全措施,减少暴露面。 现在要把这些内容浓缩到100字以内,确保涵盖主要风险和解决方案。 </think> 文章指出AI采用速度超过传统网络安全治理能力,导致组织面临过度授权身份、未监控供应链依赖等风险。建议通过10个策略关闭关键攻击路径,并强调需从手动流程转向基于上下文的风险管理。同时指出非人类身份占主导地位及供应链武器化问题。 2026-2-19 13:50:0 Author: www.tenable.com(查看原文) 阅读量:7 收藏
February 19, 2026
5 Min Read
AI adoption is outpacing traditional cyber governance. The “Tenable Cloud and AI Security Risk Report 2026” reveals how overprivileged identities and unmonitored supply chain dependencies leave orgs exposed. We offer 10 tactics to shut down your most critical attack paths.
Key takeaways
- The velocity trap: Security teams are fighting "machine-speed" threats with manual processes; you must move from volume-based management (fix everything, or try to) to context-based exposure management (fix what matters) to stay ahead.
- The non-human identity crisis: With 52% of non-human identities holding critical excessive permissions, the "identity attack surface" is now dominated by overprivileged roles rather than human users.
- Supply chain weaponization: Third-party risk has evolved from passive flaws to active compromise. Mapping the blast radius of external entities is no longer optional—it is a core requirement for governance, risk, and compliance (GRC).
The velocity trap
Every year, the gap between "how fast we build" and "how well we protect" creates a new set of silent liabilities. In the “Tenable Cloud and AI Security Risk Report 2026,” we’ve analyzed real-world telemetry from diverse public cloud and enterprise environments to identify where this gap is most dangerous. The data reveals a critical tension: While teams are rushing to integrate AI and leverage third-party code, they are inadvertently creating direct, unmonitored paths to sensitive data.
1. The AI security posture blind spot
AI adoption is no longer experimental. According to a recent study by Cloud Security Alliance (CSA) in partnership with Tenable, 55% of organizations now use AI tools for active business needs. However, this engineering speed has created a systemic control gap in the underlying access infrastructure.
Our latest telemetry analysis, performed via Tenable One Cloud Security, reveals the technical reality: 18% of organizations have overprivileged IAM roles that AWS AI services can instantly assume. These roles often carry critical administrative permissions but are rarely audited for least-privilege alignment.
18% of organizations harbor overprivileged IAM roles that AWS AI services can assume – including a 13% critical exposure layer primed for high-impact compromise.
Also of considerable concern is the "dormancy gap." We found that 73% of Amazon SageMaker roles and 70% of Amazon Bedrock agent roles are currently inactive. These abandoned roles act as a pre-packaged catalog of privileges waiting to be claimed by an attacker who gains a foothold in your AI environment.
2. The poisoned supply chain: code and access
Cloud security risk management must now account for active weaponization, as supply chain weaknesses have evolved from passive, latent flaws to immediate, active compromise.
The third-party code risk
- Vulnerable packages (passive risk): A staggering 86% of organizations have at least one third-party code package containing a critical-severity vulnerability.
- Malicious packages (active threat): 13% of organizations have deployed third-party code packages with a known history of compromise, such as those affected by the s1ngularity or Shai-Hulud malware campaigns.
13% of organizations — nearly one in eight — have deployed at least one third-party code package with a known malicious history.
The access risk
It isn't just about the code you import; it's about the permissions you grant to external entities, such as partners, suppliers and contractors. Our research shows that 53% of organizations have given third parties access to internal systems via external accounts capable of assuming highly risky, excessive permissions. In many cases, the "blast radius" is massive: 14% of organizations expose over 75% of their total cloud resources to trusted third-parties via these external accounts. If a single trusted vendor is breached, the adversary gains a direct path for lateral movement across your entire estate.
Why these findings demand action now
Modern governance must address these converging threats, as our research shows that for 70% of organizations, AI and model context protocol (MCP) packages have become core components of the production cloud stack.
- The AI standing privilege risk: 18% of organizations harbor AI services with administrative permissions that are rarely audited.
- Non-human identities dominate: 52% of non-human identities possess critical excessive permissions, outpacing human identities (37%). Over a third of these non-human roles are inactive — a large but easily mitigated exposure.
- Massive supply chain blast radius: Single-vendor compromises can grant an adversary instant lateral movement across your most sensitive systems.
52% of non-human identities are highly overprivileged, of which 37% are inactive. Eliminating these inactive “ghost” roles is the most efficient path to reducing the identity attack surface.
Summary takeaways: How effective is CNAPP in managing AI and cloud security risks?
Standard security tools often fail because they lack the unified context of how identities, workloads, and AI services intersect. To safely navigate the velocity trap, organizations need a modern GRC framework powered by exposure management —not basic scanning. Tenable One Cloud Security provides this unified context through a CNAPP that integrates AI-SPM, CIEM, DSPM, and CSPM to address the full spectrum of cloud and AI risk:
- Neutralize ghost roles and classify data: Tenable Cloud Security's identity-first approach automatically identifies inactive roles while DSPM classifies sensitive data. Mapping access to your sensitive data allows you to automate the cleanup of the most dangerous exposure paths—including dormant AI service entitlements that expand the identity attack surface.
- Prioritize via exploitability: Tenable One correlates cloud misconfigurations, identity risks, and vulnerability data to surface real exploitable exposures rather than flat severity scores. This exposure context lets you systematically remove the "sitting ducks" that attackers strike first—whether they're overprivileged AI roles, vulnerable third-party packages, or excessive external entitlements.
- Enforce zero trust with JIT access: Tenable Cloud Security's Just-in-Time (JIT) access eliminates permanent attack paths by ensuring overprivileged roles—including those assumed by AI services—only activate when needed, containing the "blast radius" during a potential compromise.
Tenable One Cloud Security enables you to achieve AI risk management and cloud security risk management by providing the unified visibility needed to close these exposure gaps – across hybrid and multi-cloud environments. Ready to see the full data and discover all 10 strategic recommendations?
Register now to download the full “Tenable Cloud and AI Security Risk Report 2026”
Liat Hayun
VP of Product and Research, Tenable Cloud Security
Liat Hayun is the VP of Product and Research at Tenable Cloud Security. Prior to joining Tenable, Liat co-founded and served as CEO of Eureka Security, a data security company that was acquired by Tenable. Before co-founding Eureka Security, Liat spent over a decade leading cybersecurity efforts at the Israeli Cyber Command and at Palo Alto Networks. As VP of Product Management at Palo Alto Networks, Liat led the development of Cortex XDR and the company’s managed threat hunting service.
- Cloud
Cybersecurity news you can use
Enter your email and never miss timely alerts and security guidance from the experts at Tenable.
如有侵权请联系:admin#unsafe.sh