Why Your Data Isn’t Ready for AI or Agentic Processes: Part 1


“AI agents are transforming business.” Insert the word “agentic” in front of AI, and suddenly you have magical abilities to... well, we’re not sure. One thing we do know is that organizations expecting transformation in a good way need a robust Plan B in case their expectations are not met. Agents need data to work with. Data is the Achilles heel of AI. We know that. Attackers know that, too. They’re already taking full advantage of organizations’ inadequate understanding of data destined for AI use and co-opting it to score major breaches.

We recently gave a presentation on why organizations’ data isn’t ready for use in agentic processes, and the response from this technical audience was threefold. “What?” “You’re kidding.” And “oh shit.” So we thought we’d share it with you.

In this series of posts, we’ll start with the fact that most organizations have zero visibility over their actual data—and why. We’ll end with a real-life negotiation between agentic robots. We’ll even hold your beer.

No One Really Knows their Data

Everyone thinks they know what data is moving around their organization, but they actually can’t see it at the binary level. Can you see the data moving between apps, users, agents and the cloud? Do you have control over it once it’s left a repository? Probably not. And you’re not alone. But it means that you now have risks that you can’t identify, let alone calculate. Let alone mitigate.

Invisible data going into AI results in compounded risk

If organizations really see and know their data, why would they be sending internal data to GenAI applications? How does non-public, employee, or customer information get into AI models?

You see what we mean. So how does that work out? There have been numerous examples of unintended consequences of not being able to see what data you have and what it’s doing, but here’s one.

Email as AI Attack Vector

We’ll use a real email breach as an example. Email is a universal data repository that everyone has, but few would name as a business-critical data asset. In many organizations, emails are retained for seven years or more, and they include messages, attachments, and sensitive information from employees who may have left the company long ago. That raises an important question: does anyone actually know what’s sitting in there right now?

In this particular attack, a malicious MCP npm package from a cyber attacker’s domain injected a prompt and exfiltrated an organization’s email. A single line of code silently directed thousands of high-trust messages to the domain. Imagine this is your email system. Thousands of emails containing personal data, sensitive communications, password reset requests, two-factor authentication codes, financial information, and customer details are gone and you never knew.
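One way to look for this pattern in outbound mail logs, shown as an added example that is not part of the original post: flag any external domain that receives a copy of most messages across many different senders. The record layout, the domains, and the thresholds are assumptions, and the example assumes the silent copy shows up as an extra recipient in the send log, which the post does not specify.

```python
from collections import defaultdict

# Constructed sample of outbound send records: (message_id, sender, recipients).
# "collector.example" stands in for the attacker's domain; every value is made up.
SAMPLE_LOG = [
    ("m1", "alice@corp.example", ["bob@partner.example", "drop@collector.example"]),
    ("m2", "bob@corp.example", ["carol@corp.example", "drop@collector.example"]),
    ("m3", "carol@corp.example", ["reset@vendor.example", "drop@collector.example"]),
    ("m4", "dave@corp.example", ["alice@corp.example", "drop@collector.example"]),
    ("m5", "alice@corp.example", ["finance@partner.example", "drop@collector.example"]),
    ("m6", "dave@corp.example", ["carol@corp.example"]),
]

INTERNAL_DOMAINS = {"corp.example"}  # assumption: the organization's own mail domains


def domain(addr):
    """Return the lower-cased domain part of an e-mail address."""
    return addr.rsplit("@", 1)[-1].lower()


def suspicious_domains(log, internal=INTERNAL_DOMAINS, min_share=0.8, min_senders=3):
    """Return (domain, share_of_messages, distinct_senders) for external domains
    copied on at least min_share of all messages by at least min_senders senders.
    A normal partner is written to by a few people; a silent copy rides on everyone's mail."""
    msgs = defaultdict(set)     # domain -> message ids that included it
    senders = defaultdict(set)  # domain -> distinct senders that included it
    total = 0
    for msg_id, sender, recipients in log:
        total += 1
        for d in {domain(r) for r in recipients}:
            if d not in internal:
                msgs[d].add(msg_id)
                senders[d].add(sender.lower())
    flagged = []
    for d, ids in msgs.items():
        share = len(ids) / total if total else 0.0
        if share >= min_share and len(senders[d]) >= min_senders:
            flagged.append((d, round(share, 2), len(senders[d])))
    return sorted(flagged, key=lambda t: -t[1])


if __name__ == "__main__":
    for d, share, n in suspicious_domains(SAMPLE_LOG):
        print(f"{d}: on {share:.0%} of messages from {n} senders")
```

The thresholds need tuning against a baseline, since legitimate journaling or archiving services also receive a copy of every message and should be allow-listed explicitly.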

It’s more than just the data compromised now. Even with cybersecurity controls on email, the company is compromised legally, financially, potentially operationally, and in the market through damaged brand reputation and lost customer/partner goodwill. In our next post, we’ll show you why this isn’t just a one-time, static data breach.

Want to see what’s in your data?

Contact us at https://www.flyingcloudtech.com/contact/ or your Google Sales Representative to arrange an assessment. We can implement CrowsNest from Google Cloud or Oracle Cloud Infrastructure on a chosen data store within minutes. We recommend beginning with email data, because it’s mission-critical to most organizations, enables real-time visibility, and represents a significant source of unidentified risk that can be quickly mitigated.