As AI scales across the cloud, so does the attack surface. The race isn’t just about innovation — it’s about staying one exploit ahead. Image generated by ChatGPT

AI adoption outpaces security

DT

Tenable has released its Cloud and AI Security Risk Report 2026, warning that organizations are inheriting AI-driven cyber risks faster than they can contain them.

The cybersecurity firm said rapid engineering velocity — fueled by AI adoption, third-party code and cloud expansion — has outpaced the human-led ability to assess, prioritize and remediate risks before attackers exploit them.

At the center of the report is what Tenable calls the “AI Exposure Gap,” a largely invisible layer of risk emerging across applications, infrastructure, identities, AI agents and data. According to the company, most security teams are not fully equipped to manage this expanding attack surface.

Tenable’s analysis of cloud environments found severe risks across AI security posture, software supply chains, least-privilege implementation and cloud workload exposure.

The report revealed that 70 percent of organizations have integrated at least one AI or Model Context Protocol third-party package, often embedding AI into applications and infrastructure without centralized security oversight.

Meanwhile, 86 percent host third-party code packages with critical-severity vulnerabilities, reinforcing the software supply chain as a primary and persistent exposure point. Nearly 13 percent have deployed packages previously associated with compromise, including malware strains such as s1ngularity and Shai-Hulud.

Identity-based risk also emerged as a growing concern. The study found that 18 percent of organizations have granted AI services administrative permissions that are rarely audited, creating what Tenable describes as a ready-made privilege catalog for attackers.

Non-human identities, including AI agents and service accounts, now represent a higher risk level, at 52 percent, compared with 37 percent for human users. These accounts often form what the report describes as “toxic combinations” of permissions that fragmented security tools fail to detect.

The research further showed that 65 percent of organizations possess so-called “ghost” secrets — unused or unrotated cloud credentials — with 17 percent tied to critical administrative privileges. Additionally, 49 percent of identities with excessive critical permissions are dormant, increasing the likelihood of unnoticed exploitation.

“AI systems embedded in infrastructure pose a critical risk that CISOs and defenders must address, in addition to anticipating emerging threats from both AI and cloud technologies. Lack of visibility and governance means teams are at the mercy of new exposures, including over-privileged identities in the cloud,” said Liat Hayun, senior vice president of Product Management and Research at Tenable. “By focusing on the unified exposure path, organizations can stop managing ‘security debt’ and start managing actual business risk.”

The company said organizations must secure AI integration through comprehensive visibility and identity-centric controls, including enforcing least privilege for AI roles, eliminating static secrets and reducing third-party supply chain exposure.

The findings are based on anonymized telemetry collected from public cloud and enterprise environments between April and October 2025, with AI-related data extending through December 2025.

Tenable defines exposure management as the practice of identifying, evaluating and prioritizing risks across all potential attack entry points, including software vulnerabilities, misconfigurations, identity risks, cloud gaps and shadow assets introduced through AI and third-party supply chains.