
The AI Gold Rush Is Bringing Back Old Cybersecurity Blunders, Mandiant VP Warns


As organizations race to integrate artificial intelligence into their operations, a top executive at Mandiant Consulting has issued a stark warning: the cybersecurity mistakes of the past are resurfacing in the rush to deploy AI. Jurgen Kutscher, VP of Mandiant Consulting at Google Cloud, told Infosecurity Magazine during Google Cloud Next 26 that enterprises are so focused on novel threats like large language model poisoning that they are forgetting the fundamentals.

“A lot of the old problems are new again,” Kutscher said. “We’ve seen enterprises really worried about new AI threats while forgetting the most basic security controls.” This oversight, he argues, is creating a dangerous gap in enterprise defenses.

Mandiant Red Team Exposes Critical Failures in AI Deployments

Mandiant’s red team has been putting these concerns to the test. During simulated attacks that mimic real adversaries, testers have uncovered alarming weaknesses in AI-enabled environments. For instance, Kutscher revealed that attackers could change data classifications within an AI system, effectively bypassing protections like data loss prevention (DLP) solutions.

Even more troubling, Mandiant found basic hygiene issues that should have been caught years ago. “We observed an unencrypted communication stream between the AI and the browser when working with a financial company,” Kutscher noted. This kind of oversight—failing to encrypt data in transit—is a classic blunder that is now being repeated in the rush to deploy AI.

Social Engineering and AI as an Unwitting Accomplice

In multiple engagements, Mandiant’s red team successfully used social engineering to gain initial access. Once inside, they let the AI do the heavy lifting. “We’ve had the AI do the rest for us, including data theft and everything,” Kutscher said. Crucially, these were not shadow AI cases—these were authorized deployments where employees had company approval.

This means that even sanctioned AI workflows can become a liability if basic security controls are ignored. The problem is not just about rogue tools; it is about the absence of governance around sanctioned systems.

AI Security Governance: A Race Against Time

Kutscher emphasized that organizations must build AI security governance processes immediately. “Creating policies and governance is easier than cleaning up uncontrolled AI usage after the fact,” he warned. He recommends revisiting secure architecture and performing red-team validation to ensure critical assets are truly segmented.

For CISOs, the message is clear: don’t assume AI adoption absolves you of basic cybersecurity responsibilities. “It’s possible that these mistakes partly come from the fact that CISOs aren’t always involved in the deployment of AI workflows,” Kutscher speculated. “But the lack of basic security controls around AI workflow deployments is there, and it’s a significant risk.”

Lessons for Enterprise AI Deployment

So, what can organizations do to avoid repeating the mistakes that Mandiant has documented in rushed AI deployments? First, ensure that AI deployments are included in existing security frameworks. Basic controls like encryption, access management, and data classification must not be overlooked. Second, involve the CISO and security teams from the start of any AI project. Finally, conduct regular red-team exercises to test AI-specific vulnerabilities.

As Kutscher put it, recognizing AI’s power for defense is important, but it should not come at the cost of fundamental security practices. The era of AI is here—but the basics still matter.
