On July 1, Team CloudSEK joined the Elite CISOs Enterprise Security Summit 2026, Delhi/NCR Edition, at The Westin, Gurgaon, as a Platinum Partner. One thing was clear by the end of the day. CISOs in the room are not asking if AI will change their threat landscape. They are asking how fast it already has.
A Summit Built for the Moment
The summit brought together India's top CISOs, security leaders, and technology decision-makers to talk about cyber resilience, digital risk, and enterprise trust. But most conversations kept coming back to one theme: AI-driven attacks are not a future problem. They are already happening.
At Booth B6, the CloudSEK team spent the day talking to CISOs from banking, technology, and manufacturing. The questions were consistent. What does an AI attack surface actually look like? How do you find AI tools your team is using without approval? Can your current security tools even see this risk?
.jpg)
Koushik Sivaraman, VP - Security Consulting at CloudSEK, took the stage to explain what AI-powered attacks look like in the real world, not in theory.
He opened with a simple but important shift in thinking. Most people picture AI risk as a chatbot giving out the wrong answer. That picture is outdated. The real risk lives in the infrastructure behind AI: tools your team spun up without telling security, AI systems left open on the internet, and automated workflows now making real business decisions on their own.
The case that made the room go quiet. In September 2025, a state-sponsored group ran what is now known as the first large-scale cyberattack carried out mostly by AI itself, not humans. Koushik shared numbers that stopped side conversations across the room:
- The AI carried out 80 to 90 percent of the attack on its own.
- Around 30 organizations were hit, across tech, finance, and government.
- The AI used tools normally meant for legitimate security work, tricked into thinking it was helping defend a company rather than attack one.
His point was simple. In this case, AI was not helping a hacker. It was the hacker. It moved at machine speed, and none of the usual warning signs showed up, because nothing about the activity looked wrong. It was just very fast.
A pattern, not a one-off. Koushik walked through several real incidents from the past two years, each hitting a different part of the AI stack. A single email tricked a company's AI assistant into leaking files. Employees at a major electronics company pasted confidential code into ChatGPT, leading to a company-wide ban. Researchers found dozens of tampered AI models hiding in public repositories, built to steal data the moment someone downloaded them. Attackers are now actively scanning the internet looking for exposed AI tools, the same way they once scanned for open computer ports.
.jpg)
Why your current tools miss it. He explained, in plain terms, why traditional security tools are not built to catch this. They were designed to protect websites, cloud accounts, and company networks. AI tools are a different kind of asset entirely, and most security teams cannot see them, let alone secure them. He backed this up with a striking number: over 1,000 new AI-related tools go live and exposed on the internet every single week.
Introducing AIVigil: Built to Close This Gap
Koushik closed his talk by introducing AIVigil, CloudSEK's new AI Attack Surface Platform, already running across enterprise environments since May 2026.
In simple terms, AIVigil finds every AI tool an organization uses, sanctioned or not, checks whether it is exposed to attackers, and flags the risk before it becomes a breach. It looks both from the outside in, the way an attacker would, and from the inside out, working with a company's own systems.
To make the risk real for the room, Koushik shared findings from a recent 30-day scan across enterprise environments: over 100 live security issues found, more than a third of discovered AI tools running with no password protection at all, and multiple working company AI credentials recovered before an attacker could find and misuse them.
His closing message was direct. These companies did not lack security teams. They lacked visibility into a layer of their business that did not exist two years ago.
What CISOs Wanted to Know at the Booth
The conversations at Booth B6 picked up right where Koushik's talk left off. CISOs wanted to know what AI tools already exist inside their own company, beyond the ones officially approved. Several asked whether the exact issues shared on stage might already be sitting in their own environment. And more than once, the conversation landed on the same question: who in the organization actually owns this risk?
The CloudSEK team walked CISOs through the full range of what the company offers: visibility into external threats, protection against digital risk, threat intelligence, and now, AI attack surface management through AIVigil. Across every conversation, the ask was the same. Security leaders want to get ahead of AI-driven attacks, not just react to them after the fact.
.jpg)
The Takeaway
ESS 2026 confirmed something CloudSEK has believed for a while. AI is already changing how attacks happen, and most companies cannot see the risk yet. The gap is real, but it is closeable.
If your team is asking the same questions raised in Gurgaon, what AI tools are we actually using, are any of them exposed, and who owns this risk, CloudSEK can help you find out.
Reach us at [email protected] or visit www.cloudsek.com.
.jpg)