Technology

AI working group aims to secure and streamline generative AI deployment amid rising vulnerabilities

Wednesday, 5 November 2025 5:06AM UTC

Amid significant investment and rapid technological growth, the Bace Cybersecurity Institute proposes an AI Working Group to address security and integration challenges in deploying generative AI across industries, highlighting the risks of vulnerabilities, shadow AI, and flawed implementations.

Generative Artificial Intelligence (GenAI) and intelligent agents powered by it hold transformative potential to significantly boost productivity across various sectors. However, the cybersecurity landscape and application development of these technologies remain in early stages, with the industry just starting to grapple with inherent vulnerabilities and integration challenges. According to Dr. Mark Cummings of the Bace Cybersecurity Institute (BCI), accelerating the learning curve demands collaborative frameworks that enable professionals to share experiences and establish best practices. To this end, BCI is exploring the creation of an AI Working Group (AIWG), a platform aiming to unify expertise to tackle both the security and developmental hurdles of GenAI deployment.

Security concerns with GenAI are multifaceted. Early apprehensions focused on how GenAI could enhance the scale and sophistication of cyberattacks. Subsequently, attention shifted to the susceptibility of AI models themselves—especially during training phases, where model corruption can occur unintentionally or through malicious interference. These risks underscore the necessity for stringent controls over training data sources and supply chains. Moreover, prompt injection attacks, where corrupted or malicious data infiltrate the AI’s context window, pose a rising threat. These attacks can manifest through direct user prompts or embedded data, including imperceptible manipulations like invisible text or embedded characters in images, sometimes in multiple languages. This vulnerability is particularly significant as AI-powered intelligent agents gain traction in critical environments such as contact centre automation, but the risk spans far broader, endangering business-to-business and consumer applications, as well as industrial and infrastructure control systems.

From a development perspective, while AI chatbots have achieved widespread acceptance, the evolution towards more autonomous intelligent agents—capable of executing complex tasks—mirrors the leap from basic personal computing to the era of computers actively performing work on users' behalf. Yet, industry progress is hampered by a steep learning curve. A notable MIT study reveals a striking statistic: 95% of current GenAI pilots within companies fail to deliver meaningful revenue or productivity improvements, indicating that effective application remains elusive despite rapid technological advancements.

The MIT NANDA initiative’s research highlights that success is predominantly seen among nimble startups focusing on highly specialised use cases and leveraging external expertise, achieving up to $20 million in annual revenue. In contrast, large enterprises often falter due to flawed integration of GenAI tools within existing workflows, misaligned budgets prioritising sales and marketing over high-return areas like back-office automation, and a tendency to develop in-house solutions rather than partnering with specialised vendors. These challenges are compounded by the phenomenon of 'shadow AI', where employees adopt unapproved AI tools, complicating governance and increasing security risks.

Additional insights reveal that many organisations overspend on cloud infrastructure without adequately addressing associated IT gaps, such as outdated help desk systems—identified by more than half of enterprises as a cybersecurity vulnerability. Cloud-based IT support solutions are emerging as crucial enablers of improved security and efficiency, with reported gains of 42% in IT process effectiveness and 29% in cybersecurity levels, thereby underscoring the importance of modernised, secure infrastructure in underpinning AI initiatives.

Despite substantial investment—reportedly between $30 billion to $40 billion in GenAI—the broader corporate world remains cautious. The integration difficulties are not purely technological but also cultural and organisational. Barriers such as lack of system interoperability, concerns over sensitive data leaks, regulatory compliance, traceability, and limited customisation capabilities slow adoption. The rise of shadow AI demonstrates both the desire for AI tools and corporate hesitation to fully embrace them officially due to security and governance concerns.

In summary, while generative AI promises sweeping productivity gains and transformative changes akin to the personal computing revolution, the journey to realising this potential is fraught with security risks, developmental setbacks, and organisational obstacles. Initiatives like the AI Working Group proposed by the Bace Cybersecurity Institute represent critical steps towards collective knowledge-building and resilience. Meanwhile, the corporate community’s cautious approach and the ongoing evolution of best practices suggest that a more secure, specialised, and integrated future for GenAI applications is on the horizon.

📌 Reference Map:

^[1] (Pipeline Pub - Cybersecurity GenAI Agentic AI) - Paragraph 1, Paragraph 2, Paragraph 3, Paragraph 4
^[2] (Pipeline Pub - Cybersecurity GenAI Agentic AI) - Paragraph 1, Paragraph 2
^[3] (TechRadar - MIT GenAI Pilots) - Paragraph 3, Paragraph 4
^[4] (Tom’s Hardware - MIT GenAI Study) - Paragraph 3, Paragraph 4
^[5] (NoHold - MIT GenAI Pilots) - Paragraph 4
^[6] (BusinessOf.Tech - MIT GenAI Pilots and Cloud) - Paragraph 5
^[7] (El País - Generative AI Corporate Caution) - Paragraph 6

Source: Noah Wire Services

More on this

https://www.pipelinepub.com/cybersecurity-asssurance-2025/cybersecurity-GenAI-agentic-AI - Please view link - unable to able to access data
https://www.pipelinepub.com/cybersecurity-asssurance-2025/cybersecurity-GenAI-agentic-AI - This article discusses the potential of Generative AI (GenAI) and intelligent agents to enhance productivity. It highlights the industry's nascent understanding of security vulnerabilities and the challenges in developing effective applications. The Bace Cybersecurity Institute (BCI) is exploring the creation of an AI Working Group (AIWG) to facilitate the sharing of experiences and development of best practices among professionals. The article also addresses AI security challenges, including the risk of increased security attacks and the need for adequate controls during training to prevent model corruption.
https://www.techradar.com/pro/almost-all-genai-pilots-companies-deploy-are-failing-are-they-really-worth-the-hype - A recent report by MIT's NANDA initiative reveals that 95% of companies deploying Generative AI (GenAI) initiatives aimed at accelerating revenue are failing, producing little to no tangible financial impact. Only a small fraction—about 5%—are achieving success, mostly driven by agile startups led by very young founders who have rapidly scaled revenues up to $20 million annually. The study highlights that specialization is critical to successful GenAI implementation. Effective strategies focus on solving a single, well-defined problem, often through partnerships with specialized vendors, who demonstrate a 67% success rate compared to significantly lower success with internal model development.
https://www.tomshardware.com/tech-industry/artificial-intelligence/95-percent-of-generative-ai-implementations-in-enterprise-have-no-measurable-impact-on-p-and-l-says-mit-flawed-integration-cited-as-why-ai-projects-underperform - An MIT study revealed that 95% of generative AI implementations in enterprises fail to impact profit and loss (P&L) due to flawed integration with existing workflows, not because the AI tools malfunction. The study, based on 150 interviews, a survey of 350 employees, and 300 public AI deployments, showed that only 5% of AI pilot programs led to rapid revenue growth by focusing on specific problems and pairing with the right partners. Many companies misuse generative AI by prioritizing sales and marketing instead of back-office automation tasks where AI excels. In-house AI implementations also have lower success rates compared to those using specialized providers, though industries like finance and healthcare prefer in-house tools to mitigate regulatory risks. Additionally, while AI hasn’t triggered massive layoffs, companies are increasingly not replacing vacated entry-level administrative and customer support roles, signaling potential future job displacement in these areas.
https://www.nohold.com/2025/mit-genai-pilots-are-failing/ - A recent MIT article uncovered a surprising truth: while GenAI technology is advancing rapidly, most enterprise pilots are falling flat—not due to technical limitations, but because of organizational and strategic missteps. The core reasons for these failures include integration failure, budget misalignment, vendor success over in-house development, and the rise of 'shadow AI' complicating governance. The report emphasizes the importance of aligning AI tools with existing workflows, properly allocating budgets, partnering with specialized vendors, and managing unauthorized AI tool usage to improve the success rate of GenAI initiatives.
https://businessof.tech/2025/08/25/mit-finds-95-of-genai-pilots-fail-while-businesses-overspend-on-cloud-and-ignore-it-gaps/ - Aditya Challapally, the lead author, noted that many companies are faltering not due to the quality of AI models, but rather a 'learning gap' in integrating these tools into their operations. The report highlights that more than half of generative AI budgets are allocated to sales and marketing, even though the highest returns are found in back-office automation. Outdated IT help desks are proving to be a significant barrier for businesses, as highlighted by recent research from Aberdeen, which indicates that 55% of organizations identify data breaches as a major hurdle in IT support. The increased reliance on cloud services is pressing 45% of businesses to modernize their support systems, with 28% actively pursuing automation to enhance efficiency. Cloud-based help desk solutions are emerging as a promising answer, with 49% of businesses already utilizing these systems to improve service quality and security. Notably, organizations using cloud solutions report a 42% increase in efficient IT processes and a 29% improvement in cybersecurity, illustrating the transformative potential of modern IT support systems.
https://elpais.com/proyecto-tendencias/2025-09-19/la-ia-generativa-se-tropieza-con-la-cautela-del-mundo-corporativo.html - Despite the rise of generative artificial intelligence (AI) in the workplace, its effective integration into companies remains limited. According to an MIT report, 95% of pilot projects fail to achieve measurable results, primarily due to technological adaptation difficulties rather than a lack of infrastructure or talent. While between $30,000 and $40,000 million have been invested in generative AI, only the media and programming sectors show real disruptions. Issues such as lack of personalization, traceability, integration with internal systems, and regulatory compliance hinder its adoption. The phenomenon of 'shadow AI', where employees use tools on their own without corporate control, shows that the technology offers value but lacks official and secure implementation. Business distrust, fear of leaks of sensitive data, and the lack of autonomy of the models also act as brakes. Although the situation recalls other technologies in early stages like blockchain, the report maintains that the future of AI remains promising and that there is still room for more vertical, automated, and secure developments. Meanwhile, there is growing demand for solutions that guarantee the security and reliability of these systems.

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 7

Notes: The narrative presents recent developments in generative AI and intelligent agents within cybersecurity, with references to studies and initiatives from 2025. However, the Bace Cybersecurity Institute (BCI) and its proposed AI Working Group (AIWG) lack verifiable online presence, raising concerns about the authenticity of these claims. Additionally, the article is hosted on Pipeline Publishing, which has previously published similar content, suggesting potential recycling of material. The earliest known publication date of similar content is from 2024. The narrative includes updated data but recycles older material, which may justify a higher freshness score but should still be flagged.

Quotes check

Score: 6

Notes: The article includes direct quotes attributed to Dr. Mark Cummings of the Bace Cybersecurity Institute. However, no online matches for these quotes were found, raising questions about their authenticity. The lack of verifiable sources for these quotes suggests potential fabrication or misattribution.

Source reliability

Score: 4

Notes: The narrative originates from Pipeline Publishing, which has previously published similar content, suggesting potential recycling of material. The Bace Cybersecurity Institute and its proposed AI Working Group lack verifiable online presence, raising concerns about the authenticity of these claims. The absence of verifiable sources for the quotes attributed to Dr. Mark Cummings further diminishes the reliability of the source.

Plausability check

Score: 5

Notes: The narrative discusses the challenges and developments in generative AI and intelligent agents within cybersecurity, referencing studies and initiatives from 2025. However, the lack of verifiable sources for key claims, such as the existence of the Bace Cybersecurity Institute and its proposed AI Working Group, raises questions about the plausibility of the information presented. The absence of supporting details from other reputable outlets further diminishes the credibility of the claims.

Overall assessment

Verdict (FAIL, OPEN, PASS): FAIL

Confidence (LOW, MEDIUM, HIGH): HIGH

Summary: The narrative presents recent developments in generative AI and intelligent agents within cybersecurity, referencing studies and initiatives from 2025. However, the Bace Cybersecurity Institute and its proposed AI Working Group lack verifiable online presence, raising concerns about the authenticity of these claims. The article is hosted on Pipeline Publishing, which has previously published similar content, suggesting potential recycling of material. The lack of verifiable sources for the quotes attributed to Dr. Mark Cummings further diminishes the reliability of the source. The absence of supporting details from other reputable outlets and the lack of verifiable sources for key claims raise significant questions about the plausibility and credibility of the information presented.

Generative AI
Cybersecurity
AI development
Corporate adoption