8-minute read Jun 24 2026

How much cyber risk does AI create for organizations? 457 million security issues. Here’s what you can do about it.

Over a 30-day period, Tenable detected 457 million AI-related security issues across 7,000-plus organizations, an average of roughly 62,000 exposures per organization. If we didn't already know that shadow AI was a problem, data like this makes it clear that every organization needs a comprehensive exposure management program to discover, map, assess, and protect its AI attack surface.

Key takeaways

  1. AI tools — approved and unapproved — are driving a massive wave of daily exposures, including an average of 62,000 per organization during a recent 30-day period. This is creating AI security issues that are primarily tied to misconfigurations and unmanaged dependencies rather than standard CVEs.
  2. To successfully outpace AI-assisted threat actors, security teams must deploy automated, agentic workflows that can contain and remediate critical exposures at machine speed.
  3. It’s time for security teams to shift from legacy vulnerability scanning to AI-driven, contextual exposure management that maps specific attack paths leading to their most critical assets.

How much cybersecurity risk does AI create for organizations?

For years, some security leaders have lived by a simple, comforting truism: If the service-level agreement (SLA) dashboard for vulnerability remediation is green, the organization is safe. By focusing on tracking CVEs and patching schedules, they believe they’re effectively managing cyber risk. 

Today, as AI boosts cyber threats and transforms cyber defenses, this maxim has morphed from a risky platitude into an outright dangerous fallacy. Cyber teams that operate under this model risk drowning in what Tenable calls the “vulnami” — a tsunami of CVEs fueled by AI vulnerability discovery. They also risk failing to see and address the vast expanse of non-CVE threats in their hybrid environments.

In this blog, we’ll answer the question, “How much cybersecurity risk does AI create for organizations?” and we’ll unpack how exposure management can empower security teams to not only stay ahead of the CVE “vulnami,” but also tackle non-CVE issues across their entire attack surface, both on premises and in the cloud.

The sad state of vulnerability remediation

Almost one-third of breaches (31%) start with an unpatched CVE, making vulnerability exploitation the most common initial access vector, according to the 2026 Verizon Data Breach Investigations Report (DBIR).

Here is the kicker: most of these CVEs aren’t headline-grabbing zero-days. Often, these are years-old vulnerabilities for which patches have long been available. 

To illustrate this point, here’s what recent telemetry from the Tenable One Exposure Management Platform showed:

  • 1,865 organizations still exposed to the 2024 Fortinet FortiOS SSL VPN vulnerability CVE-2024-21762
  • 3,569 organizations still exposed to the 2021 Log4Shell vulnerability CVE-2021-44228
  • 1,430 organizations still exposed to the 2017 SMBv1 vulnerability CVE-2017-0144 (EternalBlue), the flaw WannaCry exploited

Moreover, based on aggregated data from more than 13,000 organizations, the 2026 Verizon DBIR found that those organizations had fully remediated only 26% of the CVEs in the Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog, which lists CVEs being actively exploited in the wild.

And with regard to timely patching, the DBIR finds most organizations aren’t making progress; they’re going backward. The median time-to-patch stands at 43 days, up from 32 days reported in last year’s Verizon DBIR. In short, it’s taking companies longer to patch at the exact moment AI allows attackers to discover and exploit flaws at unprecedented speeds.

Given this reality, it’s time for defenders to use AI to automate vulnerability prioritization and remediation. This requires trusting your security stack, including agentic AI security tools, and your team, so that you can fix your most critical vulnerabilities in hours, not weeks or months.

It’s also time to go beyond vulnerability management, which remains essential but is insufficient on its own. To keep your organization secure in the age of AI, you need to assess all security threats, including identity flaws and misconfigurations, across your IT, operational technology (OT), AI, IoT, and cloud assets and see how they combine to create attack paths leading to your organization’s most sensitive systems and data.

The staggering scope and impact of non-CVE threats

If, according to the 2026 DBIR, 31% of breaches start with a CVE, then roughly two-thirds of cyber incidents begin with something else entirely, such as:

  • A misconfiguration
  • A stolen credential
  • An exposed secret

How relevant are non-CVE security issues? Based on Tenable telemetry, about 37% of findings are not CVEs, yet they account for 63% of breach entry points. Let that sink in: roughly one-third of your findings account for roughly two-thirds of your risk.

Thus, if your security program only or primarily looks at CVEs, you are functionally blind to the majority of your attack surface.

The invisible yet massive threat: Shadow AI

This visibility gap is widening every week because of AI. Every time a new AI tool explodes onto the market, employees adopt it, often without asking for approval from your organization.

How often does your team scramble to figure out if an unapproved AI tool is running in your environment? And just like other areas of your infrastructure, most AI risks aren’t standard CVEs, but rather LLM misconfigurations, unmanaged model dependencies, exposed credentials within AI workloads, and more.

To put the scale of this problem into perspective, during a recent 30-day period, the Tenable One Exposure Management Platform found 457 million security issues across our customer base using 274 detection plugins built specifically for AI. That averages out to 62,000 AI-related exposures per customer.

Here's one specific example of shadow AI risk. A customer, using our AI detection plugins, found 12 instances of OpenClaw, the agentic AI personal assistant tool previously known as Clawdbot and Moltbot. Not that bad at first glance, although the organization hadn't approved the use of OpenClaw in its environment. But upon deeper inspection, the customer discovered a much more serious situation.

The OpenClaw instances had been installed on the customer's cloud workloads by a contractor hired to do quality assurance testing. The customer had given the contractor its API keys, as well as access to a large portion of its source code. Moreover, the contractor had configured the OpenClaw instances so that he could manage them remotely via Telegram, another unapproved tool.

In other words, the customer had a dozen instances of an unapproved AI tool with autonomous capabilities that was accessing its source code and that had been installed by a third-party contractor. Furthermore, OpenClaw was downloading who knows what software from the internet, while being controlled over a communications channel the company had no visibility into and no access to.

The lesson for all of us: You need security for AI because your AI attack surface isn’t a future problem. It is already here.

Enter AI-driven exposure management

If traditional CVE programs are necessary but insufficient, what is the answer? You guessed it: it’s AI-driven exposure management.

Exposure management goes way beyond legacy, point-in-time vulnerability scanning to continuously assess vulnerabilities, misconfigurations, excessive permissions, and exposed secrets that attackers could exploit across your entire attack surface: on premises, in the cloud, in OT environments, and across AI tools and infrastructure. Crucially, exposure management goes beyond simply listing these problems by mapping the attack paths that connect them.

Notably, research from Tenable shows that, on average, an organization faces three attack paths for every single security finding, so if you have 50,000 findings, your environment offers attackers 150,000 potential paths to breach. Of course, they don’t all matter equally. Here, exposure management also helps you by isolating and cutting off the paths that lead directly to your most critical assets.

Does your team know the top five or top ten attack paths an attacker would most likely use at any given time to reach your organization’s crown jewels today? Does your team know how long it would take them to break those attack-path chains? If the answer to those questions is “no”, then your priorities for exposure remediation are probably wrong.
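To make the attack-path idea concrete, here is an added example (not Tenable code, and not drawn from the platform's data) that treats findings as edges between assets, enumerates every simple path from the internet to a set of crown-jewel assets, ranks each finding by how many of those paths it sits on, and then computes a greedy fix order that breaks every chain. The asset names, finding identifiers and the "unapproved AI agent with access to source" edge are a constructed, hypothetical environment modelled on the cases described above:

```python
"""Attack-path mapping over a small constructed asset graph (added example).

Nodes are assets; each directed edge is a finding (CVE, misconfiguration,
over-privileged identity, exposed secret) that lets an attacker move from one
asset to the next.  Enumerating every simple path from internet-facing entry
points to crown-jewel assets shows how isolated findings chain together, and
ranking findings by the number of critical paths they sit on tells you which
fix severs the most chains first.
"""
from collections import Counter, defaultdict

# Constructed sample environment (hypothetical; not Tenable telemetry).
# (source asset, target asset, finding id, finding kind)
EDGES = [
    ("internet",    "vpn-gw",      "CVE-2024-21762",         "cve"),
    ("internet",    "web-app",     "CVE-2021-44228",         "cve"),
    ("internet",    "ci-runner",   "exposed-api-key",        "secret"),
    ("vpn-gw",      "file-server", "CVE-2017-0144",          "cve"),
    ("web-app",     "iam-role",    "over-privileged-role",   "identity"),
    ("ci-runner",   "iam-role",    "over-privileged-role",   "identity"),
    ("ci-runner",   "ai-agent",    "unapproved-ai-tool",     "misconfig"),
    ("ai-agent",    "source-repo", "agent-reads-source",     "identity"),
    ("iam-role",    "source-repo", "bucket-policy-wildcard", "misconfig"),
    ("iam-role",    "prod-db",     "db-sg-open",             "misconfig"),
    ("file-server", "prod-db",     "reused-admin-cred",      "identity"),
]
ENTRY_POINTS = {"internet"}
CROWN_JEWELS = {"prod-db", "source-repo"}


def build_graph(edges):
    """Adjacency list: asset -> [(next asset, finding that gets you there)]."""
    graph = defaultdict(list)
    for src, dst, finding, _kind in edges:
        graph[src].append((dst, finding))
    return graph


def enumerate_paths(graph, entry_points, targets):
    """Every simple path from an entry point to a target.

    A path is a list of (asset, finding) hops, starting with (entry, None).
    The DFS tracks visited assets so cycles (e.g. two roles that can assume
    each other) cannot loop forever.
    """
    paths = []

    def dfs(node, hops, visited):
        if node in targets:
            paths.append(list(hops))
            return
        for dst, finding in graph.get(node, ()):
            if dst in visited:
                continue
            visited.add(dst)
            hops.append((dst, finding))
            dfs(dst, hops, visited)
            hops.pop()
            visited.discard(dst)

    for start in sorted(entry_points):
        dfs(start, [(start, None)], {start})
    return paths


def rank_findings(paths):
    """Findings sorted by how many critical paths they appear on (desc, then name)."""
    counts = Counter()
    for path in paths:
        for finding in {f for _, f in path if f}:   # count once per path
            counts[finding] += 1
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


def minimal_fix_set(paths):
    """Greedy set cover: fix the finding on the most surviving paths, repeat
    until no path to a crown jewel remains.  Ties break on finding name so the
    result is deterministic; real tooling would break them on fix effort."""
    remaining = [{f for _, f in path if f} for path in paths]
    fixes = []
    while remaining:
        counts = Counter(f for findings in remaining for f in findings)
        best = min(counts, key=lambda f: (-counts[f], f))
        fixes.append(best)
        remaining = [fs for fs in remaining if best not in fs]
    return fixes


def analyze(edges=EDGES, entry_points=ENTRY_POINTS, targets=CROWN_JEWELS):
    paths = enumerate_paths(build_graph(edges), entry_points, targets)
    return {
        "paths": paths,
        "ranking": rank_findings(paths),
        "fix_order": minimal_fix_set(paths),
    }


if __name__ == "__main__":
    result = analyze()
    print(f"{len(result['paths'])} attack paths reach a crown jewel")
    for path in result["paths"]:
        print("  " + " -> ".join(asset if f is None else f"{asset} [{f}]" for asset, f in path))
    print("findings by number of critical paths:", result["ranking"])
    print("fix in this order to break every path:", result["fix_order"])
```

On this constructed graph six paths reach a crown jewel, and the single over-privileged IAM role sits on four of them, which is why it, rather than any of the three CVEs, is the first fix. Real attack-path engines add weights (exploit maturity, exposure, asset criticality) and far larger graphs, but the ranking-by-choke-point logic is the same.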

The clock is ticking

AI is making defenders’ jobs even harder. The challenge of keeping pace with the speed of attacks, vulnerability discovery, exploitation, and attack surface expansion demands a preemptive security operating model and a new approach to reducing cyber risk. 

The good news is that with AI-driven exposure management automating attack path mapping and prioritization, you can outpace the threat by gaining:

  • Unified visibility via continuous asset discovery across your entire hybrid attack surface, capturing all vulnerabilities, misconfigurations, excessive permissions, and other security issues
  • Contextual, AI-powered insights that map how seemingly isolated security issues interconnect to create dangerous, exploitable attack paths
  • Machine-speed action that triggers automated, orchestrated fixes via agentic AI workflows with appropriate guardrails, including human oversight

Exposure management is here, and it offers comprehensive asset discovery, including unapproved shadow AI tools, full attack surface visibility, more precise prioritization, and machine-speed remediation.

It won’t be easy, but exposure management makes it possible to secure your organization in the age of AI. Let’s do it. 

To learn more, read the blog “Beating the Mythos clock: Using Tenable Hexa AI custom agents for automated patching.”
