惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

N
Netflix TechBlog - Medium
V
Vulnerabilities – Threatpost
Google Online Security Blog
Google Online Security Blog
Hugging Face - Blog
Hugging Face - Blog
L
LINUX DO - 热门话题
云风的 BLOG
云风的 BLOG
P
Proofpoint News Feed
D
Docker
C
Cyber Attacks, Cyber Crime and Cyber Security
MyScale Blog
MyScale Blog
P
Palo Alto Networks Blog
T
Tenable Blog
P
Privacy International News Feed
Google DeepMind News
Google DeepMind News
小众软件
小众软件
Cisco Talos Blog
Cisco Talos Blog
aimingoo的专栏
aimingoo的专栏
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
A
Arctic Wolf
C
Cybersecurity and Infrastructure Security Agency CISA
C
Cisco Blogs
T
Threat Research - Cisco Blogs
NISL@THU
NISL@THU
The Hacker News
The Hacker News
Project Zero
Project Zero
AWS News Blog
AWS News Blog
Simon Willison's Weblog
Simon Willison's Weblog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
T
Threatpost
V
Visual Studio Blog
The GitHub Blog
The GitHub Blog
The Cloudflare Blog
Last Week in AI
Last Week in AI
Jina AI
Jina AI
Cyberwarzone
Cyberwarzone
The Register - Security
The Register - Security
C
CXSECURITY Database RSS Feed - CXSecurity.com
Vercel News
Vercel News
D
Darknet – Hacking Tools, Hacker News & Cyber Security
MongoDB | Blog
MongoDB | Blog
U
Unit 42
Scott Helme
Scott Helme
A
About on SuperTechFans
WordPress大学
WordPress大学
F
Fortinet All Blogs
大猫的无限游戏
大猫的无限游戏
G
GRAHAM CLULEY
Latest news
Latest news
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
S
Schneier on Security

Check Point Blog

AI Is Changing Cyber Careers. NICE 2026 Showed What Students Need Next - Check Point Blog 90% of the World's Businesses are SMEs and MSMEs and AI Is Reshaping Both Their Future and Their Risk - Check Point Blog Prevention Before the Inbox: Reading the Microsoft Defender Benchmark Report in Context - Check Point Blog ClickFix: The Attack That Turns Users Into Their Own Attackers - Check Point Blog From Prompt Testing to AI Red Teaming at Enterprise Scale - Check Point Blog AI Has Moved From Assistance to Action. Is Your Security Model Ready? AI Security Governance: How to Secure AI Agents, Copilots, and Autonomous AI in 2026 - Check Point Blog OpenAI Frontier AI Models Powering Check Point's Leading Cyber Security Solutions The Operational Reality of Zero Trust- And How You Can Change It - Check Point Blog Amazon Prime Day 2026: Bargains Begin June 23 — and So Do the Scams - Check Point Blog Securing AI Agent Behavior with Amazon Bedrock AgentCore and CheckPoint AI Security - Check Point Blog What Successful Exposure Management Deployments Had in Common in 2026 - Check Point Blog From Stars to Upvotes: The Fake Reputation Economy Behind a Crypto Clipboard Hijackers - Check Point Blog AI Red Teaming Makes the Unknowns Known - Check Point Blog Check Point and Illumio Expand Partnership to Secure Hybrid Environments - Check Point Blog The NCSC Patch Wave Is Coming. Do You Know Where Your Risk Lives? - Check Point Blog NCSC Warns of AI-Driven Patch Wave: Is Your Attack Surface Ready? Energy, Healthcare, and Finance: Why Midwest Industries Are Facing Surging Cyber Attacks - Check Point Blog Midwest Cyber Attacks Surge in 2026: Energy, Healthcare, and Finance Under Growing Threat Travel Phishing and Cyber Attacks are Surging in 2026, Growing 122% over the last 3 years. Here's What Cyber Criminals Are Actually Doing - Check Point Blog Travel Phishing Scams Surge 122%: How Cybercriminals Are Targeting Travelers in 2026 The AI Your Security Team Can’t See Is the One You Should Worry About Check Point Engage Public Sector 2026: AI Is the New Battlefield Check Point Joins OpenAI’s Trusted Access for Cyber Program and Daybreak Initiative When Your AI Agent’s Memory Becomes a Security Liability AI Agents Are Becoming Enterprise Workers. Who Secures Them? Global Cyber Attacks Ease in May 2026, But Ransomware Surges 48% As Threats Reorganize Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026 The AI Defense Plane: Securing the New Enterprise Execution Layer The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem Check Point Lays the Groundwork for the Future of AI Factory Security with NVIDIA - Check Point Blog Check ... The 2026 U.S. Midterms Have a Cyber Problem, But it’s Not at the Ballot Box The Server Seizure That Affects Also Iran’s Cyber Operations The Autonomous Security Platform Built for Attacker Speed Check Point Frontier AI Models Readiness Program – Security Update 2026 Cloud Security Report: Why Traditional Network, Cloud, and Security Architecture Are Lagging Behind t ... AI Attacks Are No Longer Experimental: Key Findings from the March-April 2026 AI Threat Landscape - Check ... Protect GenAI Chatbots with Check Point WAF The Network Security Problem No One Could Solve – Until Now. Hacktivists, Ransomware, and a 124% Surge Across DACH The Case for a Vulnerability Operations Center Before the First Whistle: How Cyber Criminals Are Targeting World Cup 2026 - Check Point Blog World Cup 20 ... When the Ransomware Gang Gets Hacked: What the Gentlemen Leak Reveals About Modern Ransomware Risk - Check ... Cyber Threats Spike in April 2026 as Ransomware Expands and Attack Volumes Climb After Short-Lived Moderation Q1 2026 Ransomware Report: Fewer Groups, Higher Impact - Check Point Blog World Password Day 2026: Why "Strong Passwords" Can’t Save You from AI, Infostealers, and the Telegram Underground - Check Point Blog Resilient by Design: When the Network Itself Becomes the Target AI Threat Readiness: Defending Against Attacks Powered by Frontier AI Models Check Point Cyber Security Now Available Across All Levels of U.S. Government - Check Point Blog Check Poi ... VECT Ransomware: Why Paying Won’t Get Your Files Back Check Point WAF Leads Application Security-Validated by Frost & Sullivan Check Point WAF Leads Application ... From Access Control to Outcome Control: Securing AI Agents with Check Point and Google Cloud Experience AI-Powered Check Point Firewall at Google Cloud Next AI Finds Every Gap: How Many Can Your Network Survive? The Gentlemen RaaS Is Surging in 2026 The Phishing Paradox: The World’s Most Trusted Brands Are Cyber Criminals’ Entry Point of Choice World Quantum Day 2026: The Harvest Has Already Begun, Are You Prepared? Why Manufacturing Cyber Security is Becoming More Complex as Cyber Attacks Accelerate March 2026 Cyber Threat Report: Ransomware & GenAI Risk PS Private Training: Turning Cyber Complexity into Operational Control Tax Season 2026: How Cyber Criminals Are Preparing Their Attacks Months in Advance Claude Mythos Wake-Up Call: What AI Vulnerability Discovery Means for Cyber Defense Iran-nexus Password Spray Campaign Targeting Cloud Environments, with a Focus on the Middle East ROI of Hybrid Mesh Network Security (IDC Study 2026) Operation TrueChaos: TrueConf Zero‑Day Supply‑Chain Attack ChatGPT Data Leak (Fixed Feb 2026): Key Takeaways Spring Cleaning Has Arrived: Meet the New Check Point Portal Experience North America’s Cyber Security Threat Reality in 2026
Shadow AI Is Not a Tool Problem. It's a Timing Problem. - Check Point Blog
maciejd@checkpoint.com · 2026-06-30 · via Check Point Blog

Most AI policies are written in the future tense.

Employees use AI in the present tense.

That gap explains a lot about shadow AI. A governance committee may still be defining good AI use. Meanwhile, AI has already become part of how work moves: in the browser, inside SaaS platforms, and across everyday applications.

The mismatch is not only organizational. It is temporal.

AI governance often moves through meetings, documents, reviews, and audits. Employee AI use moves through prompts, uploads, browser tabs, and embedded copilots that operate in seconds.

That is why shadow AI is not just a tool problem. It is a timing problem.

If security only learns about the interaction after it happens, the most important decision has already passed. The prompt has been submitted, the file has been processed, or the AI system has already taken the next step.

At that point, the organization may have a log, a policy gap, or an investigation.

What it needed was a decision in the moment.

Upcoming webinar

Ready or Not: Securing the AI Enterprise

Session 3: Workforce AI Security

Tuesday, July 14, 2026  ·  10:00 AM PT  ·  45-minute live session

Explore how organizations can close the timing gap around shadow AI, protect sensitive data at the point of use, and give employees a safer path to AI-powered productivity.

Reserve your spot →

The New Control Point Is the Moment Before

Security teams are used to asking familiar access questions: is the application approved, is the user allowed, and should this data leave a trusted environment?

AI adds a new control point: the moment before context enters the AI system.

That context may be source code, a customer record, a contract clause, or the accumulated knowledge inside a SaaS workspace. It may not look sensitive in isolation. The risk depends on the surrounding situation: who is using it, where it is going, and what the AI system can do next.

This is what makes employee AI use different from ordinary application governance. The question is not simply, “Is this app allowed?”

It becomes:

  • Is this use of the app allowed?
  • Is this account appropriate for this work?
  • Is this data safe to submit?
  • Is the AI system only responding, or can it retrieve, connect, or act?

Those are timing-sensitive questions. They lose value when answered too late.

Shadow AI Is a Symptom of Speed

The phrase “shadow AI” can make the problem sound like a disciplinary issue: employees using tools they should not use, outside processes they should follow.

Sometimes that is true. But it is not the whole story.

Shadow AI is also a signal that employee workflows have changed faster than enterprise controls. People have discovered that AI can remove friction from work. They are not waiting for a perfect operating model before using it.

Microsoft and LinkedIn’s 2024 Work Trend Index captured this shift clearly: 75% of global knowledge workers were already using AI at work, and 78% of AI users were bringing their own AI tools.

That is the human reason shadow AI spreads. AI is useful at the exact moment work becomes too slow, too messy, or too much.

Security programs that treat this only as unauthorized tool use risk missing the deeper lesson. The business has found a faster path. If the secure path is slower, unclear, or less useful, employees will keep reaching for the faster one.

The answer is not to pretend the pressure is not real. It is to make the safer path work at the same speed as the business.

Why After-the-Fact Visibility Is Not Enough

Visibility is essential. Security teams need to know where AI is being used and where patterns suggest risk.

But visibility is not the same as control.

A report can show that employees are using unsanctioned AI tools. It cannot redact sensitive data that has already been pasted. A dashboard can show which applications are popular. It cannot decide whether one specific upload should have been allowed.

The risk in employee AI use is often perishable. It appears, changes shape, and resolves into an outcome quickly.

That outcome may be benign: a better draft, a faster analysis, a solved issue.

Or it may create exposure. Sensitive data leaves the expected boundary. Confidential context enters an unmanaged service. An AI assistant acts on data it should not have used.

The difference may depend on context that static tools were not built to understand. That is why AI data security has to account for how information is used at runtime, not only where it is stored.

That is why security needs both visibility and intervention. Not intervention everywhere, and not intervention for its own sake. But the ability to make a risk-based decision before the interaction becomes a record of something that already happened.

Policy Has to Reach the Point of Use

NIST’s AI Risk Management Framework frames AI risk management as an ongoing discipline: organizations need to govern, map, measure, and manage risk in context. For employees using AI tools, that context lives at the point of use.

That is where policy becomes practical or theoretical. A rule that says “do not submit sensitive data to unmanaged AI tools” is necessary. But the real test is whether the organization can recognize the risk while there is still time to change the outcome.

The same is true for sanctioned tools. An approved AI feature can still create risk if it is used with the wrong data or account. Approval lowers one kind of risk; it does not remove the need for context.

The control model has to be more granular than yes or no: allow ordinary low-risk use, coach when behavior is risky but fixable, and block interactions that cross a clear line.

This is how AI policy becomes operational. It stops being only a document employees are expected to remember and becomes help at the moment they need it.

From AI Permission to AI Judgment

Traditional access control asks whether a user has permission.

Securing employee AI use has to ask whether the interaction makes sense.

That is a subtle but important difference. A user may be allowed to access a document, but that does not mean the document should be uploaded to a public AI tool. A developer may be allowed to view source code, but that does not mean the surrounding context belongs in an unmanaged assistant.

Permission is necessary. Judgment is contextual.

AI forces more of those contextual judgments to happen at machine speed. The model does not wait for a quarterly governance cycle. The browser does not wait for the next policy update. When AI can retrieve, connect, or act, agentic AI security risks make that timing gap even sharper.

That does not make employees careless. It makes the control model incomplete.

If AI is now part of the workflow, security has to become part of the workflow too.

Secure AI Where Work Happens

Shadow AI will not be solved by naming every tool employees might use. The list changes too quickly, and the tool name is only one part of the risk.

The more durable question is whether the organization can act at the moment AI use becomes consequential.

That means giving employees a safer path, not forcing them back into slower work they will route around. It means policy that reflects real workflows, visibility that arrives early enough to matter, and controls that can protect sensitive data before exposure becomes an incident.

For security leaders, the shift is subtle but important. The question is no longer only, “How do we stop unauthorized AI tools?”

It is, “How do we help employees use AI safely at the speed of work?”

That is also where a broader enterprise AI security strategy and AI Defense Plane become useful: security has to follow AI across employees, applications, and agents. For employee AI usage specifically, Check Point helps organizations secure AI interactions across browsers, SaaS tools, copilots, and shadow AI workflows without forcing productivity back into older patterns.

Upcoming webinar

Ready or Not: Securing the AI Enterprise

Session 3: Workforce AI Security

Tuesday, July 14, 2026  ·  10:00 AM PT  ·  45-minute live session

Explore how organizations can close the timing gap around shadow AI, protect sensitive data at the point of use, and give employees a safer path to AI-powered productivity.

Reserve your spot →