AI and Cybersecurity: The Hidden Risks Companies Miss
Most companies can tell you how fast they are adopting AI. Far fewer can describe what that adoption did to their security posture.
The adoption numbers are settled. McKinsey found that 88% of organizations now use AI in at least one business function, up from 78% a year earlier. Protection has not kept pace. IBM’s 2025 Cost of a Data Breach Report found that 63% of breached organizations had no AI governance policy in place or were still writing one. That distance between fast arrival and slow protection is where the damage happens.
To understand the gap, we sat down with Yair Gaon, a Strategic Solution Partner at Euvic US who has spent decades at the intersection of software engineering and enterprise security. After years away from the public eye, he returned to technology for this specific moment.
His return traces to a relationship that predates most of today’s AI companies. Gaon first worked with Leszek James, who now leads Euvic US, as a student at James’s U.S. startup Metrosoft more than 35 years ago.
The Security Question Most Companies Skip
Every leader Gaon meets wants to talk about speed. How quickly can we implement AI, where does it fit, how do we stay competitive. That urgency makes sense. One question rarely comes up alongside it.
The data supports him. Among organizations that reported an AI-related breach, 97% lacked proper AI access controls, according to IBM. Thirteen percent reported a breach of their AI models or applications, the first year IBM tracked the category, a sign AI is already a high-value target.
The cost of skipping the question tends to surface late.
Teams weighing that tradeoff can borrow the lens from our 15-point outsourcing risk assessment, where security and compliance gaps sit as a named category to score.
What the Wrong AI Partner Leaves Behind
Demand has produced a crowded field. Gaon watches new AI firms surface every week, each promising enterprise-grade delivery.
Skip the groundwork and a familiar pattern follows: the solution performs on the surface while quietly opening holes in systems that used to be secure.
That pattern carries a measurable price. Breaches tied to shadow AI, the unsanctioned tools employees adopt without oversight, ran roughly $670,000 above the average incident in IBM’s data, and one in five breached organizations traced an incident back to it. Attackers have joined the same wave, with 16% of breaches involving AI on the offensive side, most often AI-generated phishing and deepfake impersonation. Gaon reduces the equation to a single sentence.
Regulated sectors feel this first. Our writing on cybersecurity in the financial sector and cloud computing security shows where those access points open.
How Euvic Builds AI Securely
The counterweight to a rushed rollout is a partner that has protected regulated systems for years. Gaon frames the choice plainly.
His method reads as a sequence rather than a bolt-on.
Experience anchors the distinction he draws.
That same security-first posture shapes our broader AI solutions and the industries we serve.
How to Adopt AI Without Widening Your Attack Surface
Security discipline in AI comes down to sequencing. A handful of practices separate careful adopters from the organizations IBM keeps counting.
- Map the attack surface before you build: List every system the AI will touch, every data flow it opens, and every new access point it creates. Choices made at the architecture stage cost far less than the ones forced after an incident.
- Write the governance policy first: With 63% of breached organizations missing one, a documented standard for approved tools, access, and audits is table stakes.
- Vet partners on security depth, not demo polish: Ask how a vendor handles data governance, encryption, and regulatory compliance on day one. Thin answers there are a signal worth trusting.
- Treat shadow AI as an active threat: Give teams sanctioned tools and clear guardrails so productivity stops routing around security.
Build AI on a Secure Foundation with Euvic
AI adoption will keep accelerating. The organizations that come out ahead pair that speed with security built in from the first line of code. Gaon left an open door for leaders wrestling with the tradeoff.
For more than 20 years, Euvic has built and secured software for finance, healthcare, and manufacturing clients, with 6,000+ engineers in specialized teams. Review our case studies, explore our services across custom development, cloud, data, and cybersecurity, or reach out to run a security-first read on your AI roadmap.
Euvic is a competitive advantage for us. The technical excellence that Euvic has brought is not easily matched and their support has become integral to our growth strategy.

Euvic is a competitive advantage for us. The technical excellence that Euvic has brought is not easily matched and their support has become integral to our growth strategy.

Euvic is a competitive advantage for us. The technical excellence that Euvic has brought is not easily matched and their support has become integral to our growth strategy.

Talk to Your Local Euvic Team











.png)
.png)

.jpg)
%201%20(1).jpg)

%20(1).png)








.webp)










































































