A harmful pattern has persisted in cybersecurity for years: products are launched before they are truly secure. Security-by-design principles are often ignored, and security teams are left to deal with the fallout. The common mindset is, “We’ll patch it later” or “It’ll be fixed in the next version.” Even though this approach has clear flaws, it continues—and is getting worse. According to the 2025 Verizon Data Breach Investigations Report (DBIR), breaches caused by exploited vulnerabilities increased by 34% in the past year, and over half of edge device vulnerabilities were still unpatched a full year later.
Now, the same issue is happening with artificial intelligence. AI systems are being pushed through development too quickly, released with known flaws and weak safeguards. IBM’s Cost of a Data Breach report found that 97% of organizations hit by an AI-related security incident did not have proper AI access controls in place. Yet many in the tech industry are strongly opposing safety rules and standards, claiming they will slow down progress and limit innovation.
The dangers of prioritizing speed and marketing over safety are becoming clear—and they make the old “break it, then fix it” approach seem almost harmless by comparison. AI is less understood than many past disruptive technologies. It’s evolving faster than defenses can keep up, and it’s being built into critical systems before anyone fully understands the risks.
AI agents are the newest feature being rolled out across the industry, but they bring a new kind of internal threat that current security systems were never designed to handle. These agents are entering development workflows and supply chains before anyone fully grasps how they work. Unlike simple chatbots, they can create, delete, and modify files on their own—without human approval. Their presence alone creates a new risk: automated actors with write access inside company networks. The 2025 Verizon DBIR found that third-party involvement in breaches doubled in one year, rising from 15% to 30%. As AI agents become another type of third-party dependency, that risk will only grow.
At the same time, many organizations are letting go of experienced security experts and replacing them with AI tools or staff who lack the deep security knowledge needed to judge whether AI-generated outputs are truly safe. The people who were let go usually understood the specific business environment and threats their company faced and adapted accordingly. Losing that expertise creates its own security risks. AI doesn’t have the same institutional knowledge or real-world context those employees had. More importantly, AI doesn’t have any real domain expertise at all. Companies are quick to cut that kind of talent, but rebuilding it takes years. In the meantime, those organizations will keep piling up technical debt.
Any one of these risks should make security leaders rethink how fast they adopt AI. But it’s also worth questioning the belief that regulation will slow innovation. Looking at other high-tech industries, we see that regulation hasn’t stopped progress—it’s guided it. For example, the global community set strict standards for genetic research, including tight safety rules for gain-of-function studies. Those rules haven’t blocked major advances in genomics and biotech—CRISPR-based treatments are now used in medicine. But they’ve helped prevent serious harm. Similar safety frameworks exist for nuclear energy, commercial aviation, and spacecraft development. In every case, the question was never whether to move forward, but how to move forward without causing damage that can’t be undone.
Making AI systems safe starts with requiring security-by-design and safety-by-design for any AI tool used in an organization—with clear, testable proof that these principles were followed from the beginning. Vendor promises aren’t enough, because many lack the internal ability to assess their own security, and they have little reason to be fully honest. Security leaders, as buyers, should demand the same things they’d require for any critical system: test results, audit logs, and documented security reviews.
Experienced human experts must stay part of the verification process—because AI systems can fake compliance reports just as easily as they generate fake code or fake citations. An AI agent asked to follow security-by-design might claim it did, even if it didn’t; this kind of overly agreeable behavior is well-documented.
For organizations already using AI widely, it’s important to audit what’s actually in use across the company—because much of it is likely unauthorized. Upguard’s State of Shadow AI report found that 81% of regular employees and 88% of security staff use unapproved AI tools at work. That raises both risk and cost. As noted, companies using unsanctioned AI tools pay significantly more when breaches happen.
But none of these steps matter if security leaders won’t challenge hype-driven timelines and explain to their executives that responsible adoption isn’t slow adoption. The ACM Code of Ethics and Professional Conduct states clearly: professionals must anticipate and avoid harm. Security leaders can and should use that principle when advising their boards and leadership to take a thoughtful, careful approach to AI. They have the knowledge to spot the dangers in this technology—and that knowledge comes with a responsibility.
The decisions made in the next few years will decide whether AI is built on a solid foundation—or one that must be torn down and rebuilt at huge cost. Organizations that invest in safeguards now are more likely to create stable, trustworthy systems and build lasting customer trust. Those that don’t may end up stuck with systems they can’t easily fix, defending technology they don’t fully understand, with few or no experienced staff to help them fix it.
The argument for moving fast without safety measures assumes that the cost of caution is higher than the cost of failure. The evidence shows the opposite. IBM’s 2025 breach report found the global average cost of a data breach was $4.44 million, and companies with high levels of shadow AI paid an extra $670,000 on average. So far, no company has gained a lasting market edge by being first to launch an AI feature that later had to be pulled back, patched, or publicly explained.
The organizations that will succeed long-term are the ones whose systems can withstand scrutiny from regulators, customers, and attackers. Security leaders making this case to their boards aren’t arguing for slower adoption—they’re arguing for adoption that doesn’t have to be redone. Hasty decisions often lead to regret. Being the first to cause a preventable disaster is never a smart strategy.
About the Author
Eugene H. Spafford is a Distinguished Professor of Computer Science at Purdue University. Over his 48-year career in computing—including 39 years as a faculty member at Purdue—Spaf (as he’s widely known) has worked on issues in privacy, public policy, law enforcement, software engineering, education, social networks, operating systems, and cybersecurity. He helped develop foundational technologies in intrusion detection, incident response, firewalls, integrity management, and forensic investigation. He is a Fellow of the American Academy of Arts and Sciences (AAA&S) and the Association for the Advancement of Science (AAAS); a Life Fellow of the ACM, IEEE, and ISC2; a Distinguished Fellow of the ISSA; and a member of the Cyber Security Hall of Fame—the only person ever to hold all these honors.
Spaf can be reached online at linkedin.com/in/spafford.
