Beyond Cybercriminals: Insider Threats and Data Vulnerabilities Within the AI Industry


Effective cybersecurity must go beyond addressing hackers who seek to gain access to AI company data by toppling security systems. A comprehensive system will also address insider threats and the data vulnerabilities that can occur due to internal oversights.

It’s easy to see why hackers have set their sights on the AI industry. Training artificial intelligence models requires gathering vast amounts of data. And training data that includes financial records, protected health information, and other sensitive data — as it often does — is valuable to cybercriminals.

However, external threats are not the only security concern that AI companies must address. The value of AI training data also creates a risk of insider threats, while the sheer volume of storage it demands opens the door to distinct data vulnerabilities.

The recent experience of AI company DeepSeek provides a telling illustration. In early January 2025, the company’s free AI assistant topped Apple’s US App Store, overcoming rival ChatGPT. But days later, media reports revealed that an internal vulnerability had dangerously exposed the company’s data.

According to cloud security company Wiz, which uncovered the DeepSeek vulnerability, the issue provided anyone with complete control over DeepSeek’s database operations, including access to the company’s internal data. Wiz stated that the DeepSeek vulnerability “underscores the fact that the immediate security risks for AI applications stem from the infrastructure and tools supporting them.”

To address the immediate security risks Wiz highlights, AI companies must understand potential vulnerabilities and insider threats and develop strategies to address them.

Data vulnerabilities that make it easier for cybercriminals

AI systems involve a number of components: cloud storage to house data, networks to deploy AI models, and security systems to prevent unauthorized access. Vulnerabilities in any of those systems can expose data to unauthorized use.

Cloud misconfigurations that threaten security include overly permissive identity and access management (IAM) settings. Applying the principle of least privilege boosts security: generally, users and service accounts shouldn’t have access to any data they don’t specifically need to fulfill their roles.

Misconfigured storage buckets can also lead to vulnerabilities. This issue can involve incorrectly configured access control lists or user error that leaves data storage buckets publicly accessible.
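The two misconfigurations above can be checked mechanically. The following is an added example, not code from the article: it assumes AWS-style policy JSON and S3-style ACL grants (the article names no cloud provider), and the bucket name, role, and account ID are constructed sample values.

```python
# S3 ACL group URIs that extend a grant to everyone or to any AWS account.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
PUBLIC_GROUPS = {ALL_USERS, AUTH_USERS}

def _as_list(value):
    """Policy fields may be a single value or a list of values."""
    return value if isinstance(value, list) else [value]

def audit_policy(policy):
    """Return (statement index, finding) pairs for over-broad Allow statements."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal")
        if isinstance(principal, dict):
            principal = principal.get("AWS")
        if "*" in _as_list(principal) and "Condition" not in stmt:
            findings.append((i, "public principal"))
        if any(a == "*" or a.endswith(":*") for a in _as_list(stmt.get("Action", []))):
            findings.append((i, "wildcard action"))
        if "*" in _as_list(stmt.get("Resource", [])):
            findings.append((i, "wildcard resource"))
    return findings

def audit_acl(grants):
    """Return the permissions an ACL hands to a public group."""
    return [g["Permission"] for g in grants
            if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS]

# Constructed samples: one public statement, one scoped to a single role.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:*",
     "Resource": "arn:aws:s3:::example-training-data/*"},
    {"Effect": "Allow", "Action": ["s3:GetObject"],
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/labeling-pipeline"},
     "Resource": "arn:aws:s3:::example-training-data/labeled/*"},
]}
SAMPLE_ACL = [  # constructed
    {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
    {"Grantee": {"Type": "CanonicalUser", "ID": "constructed-owner-id"},
     "Permission": "FULL_CONTROL"},
]

if __name__ == "__main__":
    print(audit_policy(SAMPLE_POLICY))
    print(audit_acl(SAMPLE_ACL))
```

The second statement in the sample passes because it names one role, one action, and one prefix, which is what least privilege looks like in a policy document.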

The libraries and frameworks used in AI model development can also introduce system vulnerabilities. These tools often have known security issues, which are logged in the Common Vulnerabilities and Exposures (CVE) database. Using outdated versions with unpatched vulnerabilities can make it easier for bad actors to gain unauthorized access.

Security policies and practices can also introduce vulnerabilities to systems. For example, weak password policies and a lack of multi-factor authentication (MFA) can make it easy for hackers to gain access. Missing data governance policies can leave the way data is handled, stored, and accessed unstandardized and unreliable.


Insider threats that lead to data exposure

Whereas hackers need to work hard to unlock the doors guarding sensitive data, insiders are handed the keys. They often have privileged access to critical data and systems. And because they access that data regularly, insider activity that threatens it can be difficult to detect.

Financial gain is one of the chief motivators prompting an insider to play a role in data breaches. Reports show that, in 2024, the average ransom payment given in exchange for stolen data was $2.73 million. The promise of even a small amount of such a payment can motivate an employee to play a role in helping hackers gain access to data.

Recent reports reveal a trend in which North Korean hackers pose as IT workers to be hired by AI companies. In one case, the hacker, described as a “North Korean nation-state threat actor,” began installing malware immediately upon being given network access. An investigation revealed the hacker used deepfake technology to obtain the position and a virtual private network to disguise his remote location. In another case, a similar hacker/hire stole company data and demanded a six-figure ransom for its return.

The frustrations and anger felt by disgruntled employees — an employee passed over for a promotion or denied an insurance claim, for example — can motivate them to play a role in stealing data. Disgruntled employees also pose a threat of data poisoning, which devalues AI data by compromising its quality.

In some cases, insider threats are caused by negligence rather than malice. An employee who fails to follow certain security practices can create a vulnerability. Companies that don’t prioritize security training for all employees increase the risk of this type of insider threat.

Real-time strategies that minimize threats

Deploying real-time detection strategies is essential for minimizing the damage that data vulnerabilities and insider threats can cause. Data loss prevention systems that continuously monitor activity can detect any behavior that varies from the norm. By detecting anomalies in real time, companies can follow up in a way that allows them to catch insiders in the act.

The first step in activating real-time detection is establishing a baseline for system activity. Once normal patterns are established, suspicious activity can be more easily identified. Real-time activity readings can help identify insider attacks, such as a user downloading a higher volume of data than usual, and data vulnerabilities, such as data transfers happening through an unusual portal.
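A sketch of that baseline-then-compare approach, as an added example that is not from the article: it builds a per-user baseline from a constructed transfer log, then scores new events for the two signals named above, unusual volume and an unusual transfer channel. The log fields, channel names, and threshold are assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed transfer log: (user, day, channel, megabytes moved that day).
BASELINE_LOG = [
    ("alice", 1, "sftp", 120), ("alice", 2, "sftp", 140), ("alice", 3, "sftp", 110),
    ("alice", 4, "sftp", 135), ("alice", 5, "sftp", 125),
    ("bob", 1, "https-api", 40), ("bob", 2, "https-api", 55), ("bob", 3, "https-api", 45),
    ("bob", 4, "https-api", 50), ("bob", 5, "https-api", 60),
]
LIVE_EVENTS = [  # constructed
    ("alice", 6, "sftp", 130),         # ordinary day
    ("alice", 7, "sftp", 2400),        # far more data than usual
    ("bob", 6, "personal-cloud", 48),  # normal volume, unusual channel
    ("carol", 6, "sftp", 10),          # no history at all
]

def build_baseline(log):
    """Per user: median daily volume, median absolute deviation, channels seen."""
    volumes, channels = defaultdict(list), defaultdict(set)
    for user, _day, channel, mb in log:
        volumes[user].append(mb)
        channels[user].add(channel)
    baseline = {}
    for user, vols in volumes.items():
        med = median(vols)
        mad = median(abs(v - med) for v in vols)
        baseline[user] = {"median": med, "mad": mad, "channels": channels[user]}
    return baseline

def score_event(baseline, event, threshold=6.0):
    """Return the reasons this event deviates from the user's baseline."""
    user, _day, channel, mb = event
    profile = baseline.get(user)
    if profile is None:
        return ["no baseline for user"]
    reasons = []
    # Robust z-score; the floor keeps a perfectly flat history from dividing by zero.
    spread = max(profile["mad"], 0.05 * profile["median"], 1.0)
    if (mb - profile["median"]) / (1.4826 * spread) > threshold:
        reasons.append("volume above baseline")
    if channel not in profile["channels"]:
        reasons.append("channel not seen in baseline")
    return reasons

if __name__ == "__main__":
    base = build_baseline(BASELINE_LOG)
    for ev in LIVE_EVENTS:
        print(ev, score_event(base, ev))
```

Median and MAD are used instead of mean and standard deviation so that a single large transfer already present in the history does not inflate the baseline and mask later ones.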

Standard practices that enhance security

To add to the protection provided by real-time activity readings, AI companies should also adopt several proactive measures to secure data. Zero-trust security models have become a common security standard that guards data by assuming no user or device is inherently trustworthy. MFA is a common element of zero-trust security frameworks.

Data encryption is another critical component of effective security for AI companies. Encrypting data at rest in a company’s servers makes it less vulnerable to exploitation in the event of a breach and less attractive to insider threats. Likewise, encrypting data in transit keeps it from being vulnerable if intercepted by hackers.

Encryption becomes especially valuable for AI companies that share data with third parties. AI data is commonly shared with data labeling and annotation services, data aggregators, and analytics providers. If it is not encrypted at each stage of the transfer to and from those companies, the risk of theft or insider manipulation increases.

When a breach or breakdown in security occurs, an incident response plan is essential. Everyone in the company should know what to do if they know or suspect a breach has occurred. Even with real-time detection, security won’t be effective if companies don’t quickly activate a plan for containing the breach and minimizing data loss.

Effective cybersecurity must go beyond addressing hackers who seek to gain access to AI company data by toppling security systems. A comprehensive system will also address insider threats and the data vulnerabilities that can occur due to internal oversights. Integrating real-time detection capabilities into those systems gives companies an added edge, allowing them to identify and contain malicious activity before it can lead to significant data loss.

Yashin Manraj

About Yashin Manraj

Yashin Manraj, CEO of Pvotal Technologies, has served as a computational chemist in academia, an engineer working on novel challenges at the nanoscale, and a thought leader building more secure systems at the world’s best engineering firms. His deep technical knowledge from product development, design, business insights, and coding provides a unique nexus to identify and solve gaps in the product pipeline. The Pvotal mission is to build sophisticated enterprises with no limits that are built for rapid change, seamless communication, top-notch security, and scalability to infinity. Pvotal’s products and services create Infinite Enterprises that give business leaders total control and peace of mind over their technology systems and their businesses.
