The New AI Attack Surface: Why Organizations Must Prepare for Secure Innovation
Artificial intelligence is rapidly moving from pilot projects and productivity experiments into the core of how organizations operate. Companies are using AI to analyze data, automate workflows, improve decision-making and develop new services. In healthcare, transport, public administration and critical infrastructure, AI has the potential to unlock significant value.
But the same development is also reshaping the cyber threat landscape. As large language models and AI agents become more advanced, they are not only creating new opportunities for innovation. They are also opening a new attack surface. More powerful models may make it faster, cheaper, and easier to identify vulnerabilities, automate parts of attacks, and exploit weaknesses across digital infrastructure. For many organizations, this creates a new strategic dilemma: they cannot afford to fall behind on AI — but they also cannot afford to adopt it without the right security, infrastructure, and governance in place.
AI Technology Changes the Economics of Cyberattacks
Cyberattacks have traditionally required time, expertise, and resources. AI is beginning to change that. Advanced models can help analyze systems, identify weaknesses, write code, and automate repetitive tasks. For defenders, this can strengthen security operations and speed up response. For attackers, it may lower the barrier to entry and make attacks easier to scale.
Anthropic’s Claude Mythos Preview has already shown why this matters. The UK AI Security Institute found that the model showed significant improvement in multi-step cyber-attack simulations, while reporting also suggests that it was able to complete a difficult cybersecurity test that previously evaluated models had not solved. Anthropic has kept the model in a limited defensive cybersecurity program rather than releasing it publicly, underlining how powerful AI systems can create both defensive opportunities and serious misuse concerns.
The concern is not one specific tool, but the broader development of AI systems and agents that can increase the speed and sophistication of both legitimate and malicious activity. Future AI capabilities may help attackers find vulnerabilities, exploit poorly maintained infrastructure, or extract value from stolen data more efficiently. As a result, old weaknesses — unpatched systems, unclear access rights, exposed data, and poorly governed cloud environments — become more dangerous.
For Nordic and European organizations, this matters because many depend on complex digital infrastructure, supply chains, and sensitive data. In sectors such as healthcare, transport, public services, and critical infrastructure, cyber incidents are not only a financial risk. They can disrupt essential services and, in extreme cases, put human safety at risk.
Avoiding AI Is Not a Strategy
The answer is not to avoid AI. Organizations need AI to remain competitive. They need to use data more effectively, automate manual processes, improve decision-making, and create better services. Companies that fail to do so risk falling behind both local competitors and global players with stronger digital capabilities. But using AI without the right foundation introduces serious risks.
Sensitive information can be exposed through public tools. Critical data can be processed in environments outside the organization’s control. Employees may adopt AI services without clear policies. Automated agents may be given access to systems without proper governance. And organizations may become dependent on infrastructure that raises questions around security, compliance, and jurisdiction.
“AI opens new possibilities for organizations, but it also opens new attack surfaces. The answer is not to avoid AI, but to understand where your data is, who has access to it, and which tools are being used. That responsibility has to sit with management — not only with IT,” says Business Development Manager at NetNordic, Robin Frantzen.
The real challenge is therefore not whether to use AI, but how to use it securely. A useful way to frame the issue is this: organizations should not fall behind by avoiding AI, but they should not expose themselves by adopting AI on the wrong infrastructure.
Why Infrastructure Has Become Part of the AI Discussion
Advanced AI requires significant computing power, making GPU capacity a strategic infrastructure issue. But capacity alone is not enough. Organizations also need to know where AI workloads run, where data is processed, and who controls the environment.
For organizations handling sensitive or regulated data, public AI services may raise legal, security, and compliance concerns. This is why local AI and private language models are becoming more relevant. Local AI means running models in a controlled environment, either on the organization’s own infrastructure or in a private cloud.
In NetNordic’s case, this can mean giving customers access to language models and GPU capacity in Nordic data centers, with isolated environments that are not exposed to the public internet.
A private AI environment can help keep data on Nordic soil, reduce dependency on public AI platforms, lower the risk of data leakage, and give organizations stronger control over infrastructure and costs. For organizations with sensitive data, this can make it possible to innovate with AI without sending critical information into public cloud environments.
Data Sovereignty is Becoming a Security Issue
The AI discussion is also increasingly tied to data sovereignty. Many AI and cloud services are operated by providers under foreign jurisdiction. For European and Nordic organizations, this raises important questions: Where is the data processed? Who has access to it? Which legal frameworks apply? What happens if the data is subject to requests from authorities outside Europe?
The point is not that all foreign cloud services are unsafe. Many organizations will continue to use global cloud platforms as part of their digital infrastructure. But they need to understand the legal, operational, and security implications of doing so — especially when handling sensitive data.
This is particularly relevant for healthcare, public sector organizations, critical infrastructure, financial services, and other regulated industries. For these organizations, data sovereignty is no longer only a legal or procurement matter. It is becoming part of cybersecurity strategy.
AI Agents Create a New Governance Challenge
AI agents go beyond traditional AI models that answer questions, generate content, or analyze information. They can execute tasks, which makes them significantly more powerful — and riskier.
An AI agent may be connected to workflows, business systems, databases, or production environments. It may retrieve information, trigger actions, update systems, or support operational processes. In practice, agents can start to function like digital workers inside an organization.
This creates a new access management challenge. Organizations need to know which agents exist, what they can do, which systems they can access, who approved them, and how their actions are monitored. They also need processes for reviewing permissions and deactivating agents that are no longer needed.
An AI agent with access to production systems should be governed like any other privileged identity. Without that governance, organizations may create powerful internal risks without realizing it.
Patching and Resilience Become More Urgent
The new AI attack surface also makes infrastructure readiness more important. If AI makes vulnerability discovery faster, organizations need to become faster and more systematic in how they patch systems, manage infrastructure risk, and close known weaknesses. Slow patching, unclear ownership, and outdated systems are already common problems. In an AI-enabled threat landscape, they become even more dangerous.
The question organizations should ask is simple: if attackers can move faster, are we prepared to respond faster? For many, the honest answer will be no.
What Organizations Should Do Now
The first step is to understand current maturity: where the organization stands today, where the biggest gaps are, and which risks should be addressed first. “Map your systems, suppliers, access rights and shadow IT, then identify the gaps. You cannot secure what you do not know exists,” says Frantzen.
A maturity assessment can reveal weaknesses in infrastructure, access management, cloud usage, data protection, incident response, and compliance readiness. It also gives leadership a clearer basis for prioritizing investments.
Training is equally important. AI security is not only an IT issue. Leadership, security, legal, compliance, and relevant business units need a shared understanding of AI-enabled cyber risk, agentic AI, secure use of language models, data sovereignty, and regulatory expectations.
Risk assessments should also be updated. Many were not designed for a world where AI tools and agents are embedded in daily operations. Organizations should review subcontractors, cloud services, AI tools, supply chains, critical data, and operational dependencies.
Identity and access management should be a priority. Companies need to know who — and what — has access to their systems, including employees, privileged users, service accounts, and AI agents. Access rights should be reviewed, monitored, and removed when no longer needed.
Organizations should also identify their “crown jewel” data and systems: what is most sensitive, where it is stored, who can access it, and what would happen if it leaked or became unavailable.
Finally, companies should calculate the real cost of downtime. For some, a few hours of disruption can cost millions. For hospitals and critical services, the consequences may go far beyond financial loss.
The Future Belongs to Organizations that Can Use AI Securely
AI will become part of how organizations compete, operate, and deliver services. It will help them use data better, automate work, and create new value — but it will also give attackers new capabilities and increase pressure on infrastructure, governance, and security teams.
Avoiding AI is not sustainable. But adopting it without control is not safe. The organizations best prepared for the next phase will be those that understand the new attack surface and act early. They will combine innovation with stronger security, clearer governance, and better control over data and infrastructure.
In the age of advanced LLMs and AI agents, secure innovation is no longer optional. It is becoming a condition for staying competitive, resilient, and trusted.