Robyn Tongol 
This week on the Cyber Uncut podcast, host Liam Garman speaks with Qualys ANZ managing director Sam Salehi about the rapidly evolving “AI attack surface” – from shadow AI usage and prompt injection risks to data leakage and model vulnerabilities – and why a lack of visibility is leaving businesses exposed before they even realise it.
Salehi outlines the core problem facing security leaders: organisations often don’t know what AI tools are already in use, let alone how to secure them. The conversation explores how fragmented tooling, poor asset inventory, and missing business context are undermining risk management efforts, while boards continue to push AI adoption for efficiency gains. Salehi argues that leaders are flying blind, prioritising the wrong threats while leaving critical exposures unaddressed.
From data minimisation and API security to continuous monitoring and the rise of the “risk operations centre”, Salehi emphasises the need for a unified, risk-based approach. His bottom line is blunt: in an environment where exploitation timelines are shrinking to hours, the only metric that matters is how quickly organisations can detect and close exposure – before attackers do.
Enjoy,
The Cyber Uncut team
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.