Logo - Pure Storage
Blog Home

7 Challenges with AI and Data Security—and Tips for Building Resilience

In cybersecurity, AI can help us, but it can lend a hand to the bad guys, too. Here are seven things to consider when leveraging AI for security and what you need to solve them.

Challenges with Applying AI to Data Security
Share
image_pdfimage_print

AI is both sword and shield in modern cybersecurity. It sifts through massive data sets in seconds, flags anomalies early, and buys defenders time to act. And according to new research from the Ponemon Institute, 47% of U.S. organizations already use AI to help protect their most valuable asset: their data.

To understand how teams are building resilience for data in storage, Ponemon Institute surveyed 610 IT and security practitioners for “The State of Cyber Resilience” study, sponsored by Pure Storage. The findings show 45% of practitioners expect AI-based security technologies will strengthen their organization’s data security storage. More than half (53%) say AI simplifies protection by handling tasks previously managed by human teams more efficiently and cost-effectively.

However, AI also introduces new data security risks. Half of the practitioners surveyed by Ponemon Institute cited data poisoning as the top AI-driven storage threat. Others pointed to poor system setup and misconfigurations stemming from overreliance on AI for cyber risk management. 

The key takeaway from these findings: While AI tools can help you spot trouble sooner, achieving true cyber resilience depends on how well you can protect and recover data. With that in mind, let’s examine seven AI and data security challenges, along with examples of practical ways to enhance resilience.

1. AI Won’t Eliminate the Human Element in Cybersecurity

AI can spot patterns and speed triage, but judgment still rests with people—what to investigate, when to escalate, and how to contain threats. With attackers using generative AI to craft more convincing lures, the bigger risk to data security isn’t “AI replacing humans,” but teams overtrusting automation without the necessary training, decision frameworks, and incident playbooks.

Tips for Building Resilience

  • Keep people in charge of outcomes. Use AI monitoring to flag unusual activity—such as unexpected deletions or atypical data movements—but require human review before triggering containment steps or major responses.
  • Train for escalation. Make sure staff know when to escalate alerts, how to interpret and use AI-driven insights, and who has final authority during an incident.
  • Rehearse incident response. Run tabletop exercises that combine AI alerts with human decisions, so teams practice containment and communication under real-world conditions.

2. Even with AI, There Is No Silver Bullet in Security

AI is valuable for early warnings—like flagging unusual reads, deletes, and transfers—but it doesn’t keep data safe or get you back to a steady state by itself. Strong data security controls reduce the likelihood of loss, and disciplined cyber resilience practices ensure you can recover quickly when an incident occurs. 

Tips for Building Resilience

  • Harden the data layer. Modern cybersecurity is all about layers. Apply least-privilege permissions, secure key vaults, and lock down storage consoles to prevent misuse or tampering.
  • Keep clean, tamper-resistant, indelible copies. Maintain protected copies of critical data sets and configurations, and rehearse restores to ensure you can reliably meet recovery point objective (RPO) and recovery time objective (RTO) targets. That will help you to better defend against backup tampering, ransomware encryption, and accidental or insider deletions.
  • Contain damage by design. Segment networks and enforce strict separation of duties to prevent a single breach from spreading across your entire environment.

Discover how layered resilience safeguards data integrity and facilitates rapid recovery at any scale

3. AI Is Still More Reactive than Preventive

AI is powerful at surfacing data storage risks such as unusual reads, deletes, or data movements. However, it doesn’t prevent the root causes, such as the initial phishing click or a stolen token. The good news is that, according to the “State of Cyber Resilience” study, AI is helping reduce manual workloads for security teams. That means practitioners have more bandwidth to invest in preventive measures, like stronger configurations, employee training, and routine system hardening.

Tips for Building Resilience

  • Close easy doors. Keep systems patched, remove stale accounts, and close unused access paths to prevent simple attacks from gaining momentum. Pair this with security awareness training that teaches employees how to recognize phishing, malicious links, and other social engineering tricks—turning users into front-line defenders.
  • Put a speed bump in front of risky changes. Add a brief pause and quick review for actions that could erase data or weaken protections, like deleting backups or changing retention/keys. Clear labels and a short checklist help people know they’re in risky territory.
  • Recover on autopilot—after a human “go.” Before implementing major updates or policy changes, take indelible snapshots, maintain a one-page rollback plan, and conduct quick restore drills on sample data to ensure everyone understands how to return to a safe state.

4. AI Models Must Evolve—or Risk Bad Calls

AI only helps if it learns from clean, current data. Left unchecked, AI models can drift—flagging normal activity as suspicious or missing new patterns. And, as we know from the Ponemon Institute study, IT and security practitioners consider deliberate data poisoning—corrupting training data or labels—as the most significant AI-driven storage risk.

Tips for Building Resilience

  • Refresh models with trusted data. Retrain models regularly using vetted, representative data sets, and note the source of the data. Leave out anything you can’t stand behind.
  • Watch the signals. Monitor false alarms and misses. If noise increases, fine-tune alerts or retrain—and always keep a fallback model at the ready in case changes misfire.
  • Protect the pipeline. Limit who can change training data, labels, or detection rules. For bulk updates, require a quick peer review and keep a simple change log.

5. Oversight Is Essential to Prevent ‘Automation without Supervision’

AI can generate or adjust security rules in real time. Without guardrails, it can oversecure (blocking business-critical access) or undersecure (missing real threats). According to Ponemon Institute’s research for Pure Storage, misconfigured systems are the second-leading AI-driven storage risk—underscoring the danger of automation without appropriate oversight.

Tips for Building Resilience

  • Set the boundaries first. Spell out what AI can tune on its own (e.g., alert thresholds), what a person needs to confirm, and what’s off-limits (e.g., deletion policies).
  • Trial before trust. Let AI-proposed changes run in shadow mode (recommend/alert-only) first. Also, use time-limited changes that expire unless a human confirms they should continue; this helps ensure unverified rules don’t persist.
  • Roll out safely, then review. Stage updates to a small group of users, auto-revert if errors spike, and do a quick weekly review of changes made or tuned by AI to decide on adjustments.

6. Effective Anomaly Detection Needs (Very) Broad Context

To spot “needle in a haystack” attacks, AI needs context across users, systems, and data stores. In other words, it needs massive amounts of data from diverse sources. But scale cuts both ways: Without the proper guardrails, the data firehose can easily overwhelm tools and people.

Tips for Building Resilience

  • Monitor what matters. Track a short list of red flags, like unusual deletions and large transfers. Make sure there is a designated owner of every system and data set to help speed decisions.
  • Keep data manageable. Deduplicate as data arrives, keep detailed records for a short period and summaries for longer, and maintain a clear baseline of normal activity.
  • Make alerts useful. Correlate related events, set sensible thresholds, and send only high-priority alerts to people—especially when changes could potentially destroy or expose data.

Learn how Pure Storage is delivering the actionable CVE information customers need to understand and mitigate vulnerabilities. 

7. AI’s Data Hunger Raises Privacy and Compliance Risk

Generative AI systems often need access to sensitive data to deliver relevant outcomes. That increases the odds of accidental exposure and compliance missteps—especially under the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and emerging AI accountability rules. The goal is to enable AI without widening your privacy attack surface.

Tips for Building Resilience

  • Limit what AI can see. Label sensitive data and provide models with only the necessary information. By default, mask or remove personal information, and when possible, test with fake or smaller sample data.
  • Build privacy into storage. Use strong access controls, time-limited permissions, and locked, unchangeable copies (immutable/retention-locked) so sensitive data can’t be altered or exposed. Additionally, ensure that data is encrypted both at rest and in transit.
  • Set guardrails for usage and sharing. Decide where prompts, results, and logs will live, who can access them, and how long you will retain them. Follow a least-privilege approach so only authorized users or systems can view sensitive outputs. Keep an audit trail, and turn off any feature that saves prompts or results unless you truly need it.

Resilience Is the Way Forward for AI and Data Security

AI is already simplifying data security by automating repetitive tasks, lowering costs, and giving teams back valuable time. But it also introduces new risks. The sensible path forward with AI is to prioritize resilience at every turn—building security into your foundation with layered defenses, immutable data, and recovery-ready, tiered infrastructure. Pure Storage helps organizations achieve this resilience by simplifying operations at the data layer and enabling fast, predictable recovery when it matters most.

While the AI and data security challenges outlined above persist year-round, Cybersecurity Awareness Month serves as a timely reminder to assess your security posture, revisit your recovery strategies, and ensure that your AI ambitions are built on a secure, compliant, and resilient data platform like Pure Storage. Looking ahead to 2026 and beyond, these challenges will only intensify—which makes now the time to prepare.

Ponemon Institute

The State of Cyber Resilience

Learn how 620 US-based IT security practitioners are approaching their data storage and keeping it safe.

Read the Report

AI Efficiency Every Step of the Way

Power your AI infrastructure with the storage platform that delivers maximum efficiency for the entire AI process from data curation to training and inference.

Read More

Top Stories