Express Computer

Tenable flags widening AI exposure gap as supply chain risk and identity failures mount


Tenable has warned that enterprises are drifting into what it describes as a “zero-margin” AI exposure gap, where cyber risks are being inherited faster than organisations can identify or fix them. The finding comes from Tenable’s Cloud and AI Security Risk Report 2026, which points to a dangerous convergence of AI adoption, third-party software dependencies and poorly governed cloud identities.

Based on an analysis of real-world cloud environments, the report argues that engineering velocity—accelerated by AI tools and reusable code packages—has overtaken the human ability to assess, prioritise and remediate risk. As a result, exposures are accumulating quietly across applications, infrastructure, identities, agents and data, often without central security oversight.

Tenable describes this as an “AI exposure gap”: a largely invisible layer of risk that most security teams are not currently equipped to manage. The research highlights weaknesses across AI security posture, software supply chains, least-privilege enforcement and cloud workload exposure, all of which, it says, now require urgent attention.

The scale of the problem is illustrated by the report’s findings. More than two-thirds of organisations analysed have already integrated at least one AI-related or Model Context Protocol third-party package, embedding AI deeply into their environments. In doing so, many have also inherited supply chain risk: 86 per cent were found to be hosting third-party code packages with critical-severity vulnerabilities, and nearly one in eight had deployed packages with a known history of compromise.

Identity governance emerges as another major fault line. Tenable’s research shows that AI services are frequently granted powerful permissions that are rarely reviewed, effectively creating pre-assembled privilege sets that attackers can exploit. Non-human identities—such as AI agents and service accounts—now represent a higher risk profile than human users, driven by toxic combinations of access and permissions that fragmented security tools fail to correlate.

The report also draws attention to the persistence of “ghost” secrets: unused or unrotated cloud credentials that continue to exist long after their original purpose has disappeared. Sixty-five per cent of organisations were found to have such credentials, with a significant portion linked to administrative privileges. Nearly half of identities with critical excessive permissions were dormant, compounding the difficulty of detection.

According to Liat Hayun, Senior Vice President of Product Management and Research at Tenable, the findings underline how embedded AI is reshaping the threat landscape. She said that AI systems woven into infrastructure introduce risks that defenders must address alongside emerging cloud threats, particularly when visibility and governance are lacking. In her view, organisations need to shift away from managing abstract “security debt” and instead focus on understanding the unified exposure paths that translate directly into business risk.

Tenable’s guidance stresses that securing AI is inseparable from securing identity. It calls for tighter least-privilege controls for AI roles, the elimination of static secrets and stronger governance over non-human identities. Just as importantly, it argues that third-party code and external accounts should be treated as extensions of the enterprise itself, requiring unified visibility across software packages, identities, virtual machines and cloud services.
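The "ghost" secrets described earlier and the least-privilege guidance in this paragraph can be turned into a concrete hygiene check. The following Python is an added example, not code from Tenable or from the report: it reads a constructed extract of an AWS IAM credential report (a subset of the real column names, with fabricated rows) together with a constructed policy map, flags active access keys that are unused, dormant or unrotated, and reports how many identities holding wildcard permissions are dormant. The 90-day thresholds, the reference time `NOW`, the identity names and the policy attachments are all assumptions made for the example.

```python
"""
Added example (not Tenable's code): flag "ghost" credentials and dormant,
over-privileged identities from an AWS-style IAM credential report.
Column names match the real IAM credential report; every row, policy
attachment and threshold below is constructed sample data.
"""
import csv
import io
from datetime import datetime, timedelta, timezone

DORMANT_DAYS = 90   # assumption: no sign-in or key use within 90 days => dormant
ROTATION_DAYS = 90  # assumption: key older than 90 days => unrotated

# Constructed reference time so the run is reproducible; use
# datetime.now(timezone.utc) against a real report.
NOW = datetime(2025, 11, 1, tzinfo=timezone.utc)

# Constructed credential-report extract (real column names, fake rows).
CREDENTIAL_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date
alice,arn:aws:iam::123456789012:user/alice,2024-01-10T09:00:00+00:00,true,2025-10-20T08:00:00+00:00,true,2025-09-01T00:00:00+00:00,2025-10-21T07:00:00+00:00
platform-admin,arn:aws:iam::123456789012:user/platform-admin,2024-06-01T00:00:00+00:00,true,2025-10-30T00:00:00+00:00,true,2025-08-15T00:00:00+00:00,2025-10-31T00:00:00+00:00
ci-deployer,arn:aws:iam::123456789012:user/ci-deployer,2023-05-02T00:00:00+00:00,false,N/A,true,2023-05-02T00:00:00+00:00,2024-02-11T03:00:00+00:00
ai-agent-svc,arn:aws:iam::123456789012:user/ai-agent-svc,2025-03-15T00:00:00+00:00,false,N/A,true,2025-03-15T00:00:00+00:00,N/A
legacy-backup,arn:aws:iam::123456789012:user/legacy-backup,2022-08-01T00:00:00+00:00,false,N/A,false,N/A,N/A
"""

# Constructed inline policy statements per identity (Action/Resource only).
POLICIES = {
    "alice": [{"Action": ["s3:GetObject"], "Resource": ["arn:aws:s3:::reports/*"]}],
    "platform-admin": [{"Action": ["*"], "Resource": ["*"]}],
    "ci-deployer": [{"Action": ["*"], "Resource": ["*"]}],
    "ai-agent-svc": [{"Action": ["iam:*", "s3:*"], "Resource": ["*"]}],
    "legacy-backup": [{"Action": ["s3:PutObject"], "Resource": ["arn:aws:s3:::backup/*"]}],
}


def parse_ts(value):
    """Return an aware datetime, or None for the report's 'no value' markers."""
    if value in ("N/A", "no_information", "not_supported", ""):
        return None
    return datetime.fromisoformat(value)


def has_excessive_privilege(user):
    """A full or service-level wildcard action on all resources counts as excessive."""
    for stmt in POLICIES.get(user, []):
        wild_action = any(a == "*" or a.endswith(":*") for a in stmt["Action"])
        if wild_action and "*" in stmt["Resource"]:
            return True
    return False


def classify(row, now):
    """Evaluate one credential-report row and return the findings for it."""
    key_active = row["access_key_1_active"] == "true"
    last_rotated = parse_ts(row["access_key_1_last_rotated"])
    key_used = parse_ts(row["access_key_1_last_used_date"])
    pw_used = parse_ts(row["password_last_used"])
    # Latest observed activity across password sign-ins and key use, if any.
    last_activity = max((t for t in (key_used, pw_used) if t), default=None)
    dormant = last_activity is None or now - last_activity > timedelta(days=DORMANT_DAYS)
    unrotated = (key_active and last_rotated is not None
                 and now - last_rotated > timedelta(days=ROTATION_DAYS))
    never_used = key_active and key_used is None
    return {
        "user": row["user"],
        "excessive": has_excessive_privilege(row["user"]),
        "dormant": dormant,
        # Ghost secret: a live key that is unrotated, never used, or whose
        # owner has shown no activity within the dormancy window.
        "ghost_secret": key_active and (unrotated or never_used or dormant),
    }


def classify_report(report_csv, now):
    """Classify every row of a credential-report CSV string."""
    return [classify(row, now) for row in csv.DictReader(io.StringIO(report_csv))]


def find_ghost_secrets(report_csv, now):
    """Rows whose active access key qualifies as a ghost secret."""
    return [f for f in classify_report(report_csv, now) if f["ghost_secret"]]


def dormant_excessive_share(report_csv, now):
    """(dormant identities with excessive privilege, all identities with excessive privilege)."""
    excessive = [f for f in classify_report(report_csv, now) if f["excessive"]]
    dormant = [f for f in excessive if f["dormant"]]
    return len(dormant), len(excessive)


if __name__ == "__main__":
    for finding in find_ghost_secrets(CREDENTIAL_REPORT, NOW):
        print("ghost secret:", finding["user"], "| excessive privilege:", finding["excessive"])
    dormant, excessive = dormant_excessive_share(CREDENTIAL_REPORT, NOW)
    print(f"{dormant} of {excessive} identities with excessive privilege are dormant")
```

Against a real account the CSV would come from `aws iam get-credential-report` (its `Content` field is base64-encoded CSV) and `POLICIES` would be populated from the account's attached and inline policies; the check itself does not change. The two findings the block produces for the sample data, a dormant CI key with full wildcard rights and a never-used key belonging to an AI service account, are exactly the toxic combinations of stale credentials and broad permissions that the report says fragmented tooling fails to correlate.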

The Cloud and AI Security Risk Report 2026 draws on anonymised telemetry collected from public cloud and enterprise environments between April and October 2025, with AI-specific findings extended through December. Taken together, the data suggests that as AI becomes embedded by default, exposure management—rather than isolated vulnerability management—will increasingly determine whether organisations can keep pace with attackers in a cloud- and AI-driven world.
