AI security

CrowdStrike has earned Frost & Sullivan’s “Company of the Year” awards for Cloud Workload Security and Global SaaS Security Posture Management for the second consecutive year. These accolades highlight CrowdStrike’s leadership in cloud runtime security, especially for AI workloads and SaaS platforms. Their unified, runtime-first approach provides comprehensive visibility and real-time protection, addressing the expanding digital attack surface in the cloud era.

Financial services globally are heavily adopting AI, with Singapore leading. Its institutions are integrating AI into production, particularly in payments, driven by a focus on compliance and leveraging advanced cloud infrastructure. Despite talent shortages and budget concerns, partnerships with fintechs are common. The sector is moving beyond experimentation to operational AI, with a parallel rise in AI-enabled security threats requiring increased spending and advanced defenses.

ETSI has released EN 304 223, the first global European Standard for AI cybersecurity. It mandates organizations embed baseline AI security requirements into their governance, clarifying responsibilities for Developers, System Operators, and Data Custodians. The standard addresses AI-specific risks and emphasizes security throughout the AI lifecycle, from design to end-of-life, promoting secure AI adoption.

.Resemble AI closed a $13 million strategic round—bringing its total funding to $25 million—with investors including Berkeley CalFund, Comcast Ventures, Google’s AI Futures Fund and others. The capital will expand its real‑time deep‑fake detection platform, featuring DETECT‑3B Omni (98 % accuracy across 38+ languages) and Resemble Intelligence, an explainability tool powered by Gemini 3. Deployed in entertainment, telecom and government, the solution addresses rising fraud losses projected at $40 billion by 2027. The company’s 2026 outlook predicts mandatory verification for official communications, identity‑centric security models, heightened regulatory readiness, and rising cyber‑insurance premiums.

Verkada, a cloud‑based physical‑security startup, secured $100 million in a CapitalG‑led round, lifting its valuation to $5.8 billion. The funding will accelerate its AI product stack, complementing $1 billion in annualized bookings from 30,000 enterprise customers across retail, education and transportation. Verkada’s platform unifies cameras, sensors and access control, delivering AI features such as a Unified Timeline that stitches video clips into searchable narratives. Partnerships, like with TeraWatt, showcase AI‑driven analytics for high‑value assets.

A Wiz report reveals widespread security vulnerabilities within leading AI companies due to rapid innovation outpacing security measures. Analyzing the top 50 AI firms, 65% had exposed secrets like API keys on GitHub, granting unauthorized access to sensitive systems and models. The report advocates for a “Depth, Perimeter, and Coverage” scanning approach to uncover hidden risks and improve AI supply chain security. It also urges companies to treat employees as part of the attack surface and prioritize proactive secret scanning to mitigate potential data breaches and IP theft.

Security researchers have identified a novel cybersecurity threat called ‘prompt hijacking’ that exploits vulnerabilities in AI communication protocols like the Model Context Protocol (MCP). A flaw in the *oatpp-mcp* implementation allows attackers to inject malicious commands into user sessions, potentially leading to code injection, data exfiltration, or arbitrary command execution. Organizations should enforce secure session management with cryptographically secure session IDs, strengthen client-side defenses, and implement zero-trust principles for AI protocols to mitigate this and similar attacks. This highlights the need to adapt established security practices to protect the growing AI ecosystem.

The “Dialogue on AI & Cyber Governance” in London addressed the growing need for corporate AI security as AI integrates into physical infrastructure. Experts from academia and industry, including Tuya Smart, discussed building robust cyber governance frameworks and using AI to enhance cybersecurity. Key topics included addressing vulnerabilities from AI adoption, standardizing security frameworks, and the geopolitical aspects of supply chain security. Participants agreed on the need for global collaboration to develop effective AI security standards. Tuya Smart highlighted its security initiatives and collaborative approach to fostering secure AI development.

CrowdStrike (CRWD) shares jumped over 12% after an investor day presentation outlining strong long-term financial projections, including a 20% net new ARR growth rate by 2027 and a $10 billion ARR goal by 2031. The company’s acquisition of Pangea, an AI security platform, and a strategic partnership with Salesforce further boosted investor confidence. Analysts cite CrowdStrike’s advanced AI security capabilities and proactive market approach that led to revised upward price targets, highlighting the company’s leadership in the expanding cybersecurity landscape.

Palo Alto Networks (PANW) launched “Be A Genius. Deploy Bravely,” an AI-driven marketing campaign featuring historical innovators. Utilizing tools like Google Veo and Gemini, PANW significantly reduced ad production time from nine months to one week and costs from millions to under $1,000 per ad. AI was also used to predict ad effectiveness. The campaign, appearing on platforms like CNBC and LinkedIn, signals a move towards AI in marketing, mirroring a broader industry trend of AI adoption. PANW emphasizes the security of AI initiatives with its Prisma® AIRS™ platform.