Thought Leaders

AI Won’t Fix Broken Security Foundations

mm
Published

AI sharpens visibility, analysis, and decision-making, but its effectiveness is constrained by the quality of the underlying environment

“Does it use AI?” has become the default question in conversations about security products, raised by security leaders and echoed in nearly every vendor pitch.  

The problem is that it is the wrong question. Whether a product uses AI doesn’t mean it will help strengthen an organization’s security posture. AI isn’t a cure-all for all cybersecurity issues. Its value depends on how it is applied, which starts with clearly defining the problem you want to solve. 

 The better question is: “What specific security gap are we trying to close, and does this AI-powered technology actually help close it?”  

What AI does well 

AI delivers value in security across three key areas. First, it fills in data gaps. Security teams pull data from dozens of sources, including outdated asset inventories, identity systems that do not capture all access relationships, and network telemetry that miss certain traffic. AI can infer context from incomplete datasets to build a more complete picture of assets, identities, connectivity, and workload behavior.  

AI also improves analysis at scale. The signal-to-noise problem in security operations is severe and worsening. AI can correlate events across multiple data sources, surface the alerts that warrant attention, and push low-priority noise out of the analyst’s field of view. This is where most security vendors have focused their AI investment. SOC teams spend less time triaging low-value alerts and more time on activities that require human judgment. 

Third, once AI has enriched data and analyzed signals, it can guide action by recommending the next step, such as which policy change will mitigate risk, which response action fits the behavioral pattern, or where a configuration needs to change.  

AI delivers the most value when it improves context, analysis, and decision-making. It enhances strong security practices, but it cannot compensate for missing ones. 

Why Weak Foundations Still Fail 

AI is constrained by the inputs an organization feeds it. Those inputs (e.g., telemetry, architecture, policies, controls, and existing tools) define the boundaries of what AI can do. Sharpen those inputs, and AI produces sharper results. Weaken them, and the output degrades. 

Without the context to identify an absence, AI has no way to report one. It won’t take it upon itself to examine an environment and flag what is missing. It will not tell a security team that the network lacks adequate segmentation, that access controls are too permissive, or that visibility gaps are leaving entire segments of the environment unmonitored.  

AI does not escape the old data quality principle, “garbage in, garbage out,” it reinforces it. Weak telemetry produces weak analysis. Flawed controls give AI something to optimize in the wrong direction. Incomplete visibility means decisions are made from a partial picture, and AI makes those decisions faster, not more accurate. Speed is not an improvement when the underlying information is unreliable. 

That is why the quality of the foundation matters before any AI capability comes into play. A strong foundation includes identity and access controls that enforce meaningful boundaries, least privilege across users, workloads, applications, data, microsegmentation to limit lateral movement, and comprehensive visibility/observability across the environment. It also requires reliable telemetry and a clear understanding of how systems connect and depend on each other. 

None of this is new. These are the same disciplines security teams have discussed for years, from the shift to mobile to the move to cloud. What has changed is the cost of neglecting them. AI can amplify a strong security foundation, but it cannot replace one. 

Agentic AI changes the risk equation 

The shift isn’t from no AI to AI; it’s from AI that assists AI that acts. Traditional AI analyzes data, surfaces insights, and recommends next steps. Agentic AI executes across systems, data, and workflows without waiting for a human decision. 

Think of it this way: deploying 100 AI agents overnight is effectively like hiring 100 new employees who never log off, operate at machine speed, and have access to whatever systems their permissions allow. But unlike human employees, these agents don’t pause, question, or apply judgment about when that access should be used. They execute continuously, moving across systems and touching multiple applications exactly as they are allowed. 

That’s the gap. Your access model assumes human behavior (e.g., discrete actions, slower pace, and some level of judgment). AI agents remove those constraints. So, if permissions are too broad (or inaccurate), they don’t just sit unused or get misused occasionally; they’re exercising constantly, at scale, across every system they touch. 

The risk compounds when an organization assigns an agent the same access profile as a specific user, they create a clone, not a helpful proxy. That clone has the same broad permissions as the original, runs continuously and may expose the organization to the same risks whether its behavior is malicious or only misconfigured. 

In the age of AI, identity, access control, least privilege, segmentation, and observability are no longer just best practices—they are foundational security requirements. A recent Cloud Security Alliance briefing developed with SANS, the OWASP Gen AI Security Project, and a community of practitioners, reinforces the point that agentic AI does not make these fundamentals obsolete. It makes them nonnegotiable.  

What AI-ready security looks like 

Treating AI readiness as a procurement question and focusing on which AI-enabled tools to implement ignores the fact that AI readiness is an architecture, governance, and controls issue. The question is not which tools to buy, but whether the environment will support AI operating safely. 

Start with visibility. Before deploying any AI capability, security teams need a clear picture of what exists in the environment: assets, workloads, identities, applications, data, AI models, agents, and third-party connections. That inventory is not something AI can build for you. It is the starting point AI needs to do anything useful. 

From there, define the problem. Identify the control gap or specific risk first. Decide which outcome needs to improve. Then ask whether AI can help close that gap better than other approaches. Organizations that reverse this order by starting with an AI tool and then looking for a problem to apply it to tend to generate activity without improving security. 

Applying zero trust principles to AI agents is where this becomes operational. The instinct is often to define what agents should not do, but that list will always be incomplete. A more reliable approach is to be prescriptive about what each agent can do, give it only the access a defined task requires and enforce those limits across every layer of the stack. Segment the systems agents can reach so that if one behaves in ways outside its defined boundaries or an attacker abuses it, the damage stays contained. 

Finally, an increase in activity is not a success metric. AI will increase the volume of actions a security team takes, but that does not mean it’s improving security. A dashboard that presents a lot of activity doesn’t signal that AI is delivering value. 

Measure outcomes, such as whether alert volumes are falling in ways that reflect genuine signal and the level of risk is dropping faster in the areas that count most. Ensure policy recommendations strengthen controls, enable the security team to contain incidents faster, and allow SOC analysts to spend more time on work that requires human judgment.  

The foundation comes first 

AI is not the foundation of a strong security posture. It is a force multiplier, and like any multiplier, its value depends entirely on what you apply it to. 

Organizations that have built sound architecture with clear visibility, enforced least privilege, segmentation, and strong identity controls can use AI to sharpen their context, accelerate analysis, and act on better information. Those who have not will find that AI moves them faster in the wrong direction, optimizing flawed controls and surfacing insights from an incomplete picture. 

The question that must be asked before making any AI investment is the same one that should drive every security decision: What problem are we trying to solve? If the answer is clear, and the architecture to support it is in place, then AI can make the solution more effective. If the answer is vague or the foundation is weak, adding AI will not change that. It will just make the gap harder to see. 

AI won’t fix a broken foundation. It will just make the cracks visible faster.

mm

Raghu Nandakumara is Vice President of Industry Strategy at Illumio, the breach containment company. Based in London, UK, he helps customers and prospects across many industries build resilience and accelerate Zero Trust outcomes with Illumio Segmentation.

Previously, Raghu spent 15 years at Citibank, where he held a number of network security operations and engineering roles. Most recently, he served as a Senior Vice President, where he was responsible for defining strategy, engineering, and delivery of solutions to secure Citi’s private, public, and hybrid cloud environments. Raghu holds an undergraduate degree in mathematics and computer science from the University of Cambridge, and a master’s degree in advanced computing from Imperial College London.