The Security Risks Behind Shadow ML Adoption 

Artificial Intelligence (AI) is at the centre of a global technological arms race, with enterprises and governments pushing the boundaries of what’s possible. The launch of DeepSeek has once again ignited discussions around AI’s sophistication and cost of development. However, as AI models become more advanced and widely deployed, security concerns continue to mount.

Companies rushing to keep pace with developments like DeepSeek risk cutting corners, leaving vulnerabilities that adversaries can exploit. 

A key concern is the rise of “Shadow ML”, where machine learning models are deployed without IT oversight, bypassing security protocols, compliance frameworks, and data governance policies. This proliferation of unauthorised AI tools introduces a host of security risks, from plagiarism and model bias to adversarial attacks and data poisoning. If left unchecked, these risks can undermine the integrity and trustworthiness of AI-driven decisions in critical sectors like finance, healthcare, and national security. 

Software Is Critical Infrastructure

Software is now a central component of modern infrastructure, akin to electricity grids and transportation networks. Failures in these systems can cascade across industries, causing widespread disruption. With AI/ML models now embedded in core software operations, the potential impact of security breaches is even more severe. 

Unlike traditional software, AI models operate more dynamically and unpredictably. They can continuously learn and adapt based on new data, meaning their behaviour can change over time—sometimes in unintended ways. Attackers can exploit these evolving behaviours, manipulating models to generate misleading or harmful outputs. The growing reliance on AI-driven automation makes it imperative to establish robust MLOps security practices to mitigate these emerging threats. 

The Security Challenges In MLOps 

The AI/ML model lifecycle presents several key vulnerabilities. One of the primary concerns is model backdooring, where pre-trained models can be compromised to produce biased or incorrect predictions, affecting everything from financial transactions to medical diagnoses. Data poisoning is another major risk, as attackers can inject malicious data during training, subtly altering a model’s behaviour in ways that are difficult to detect.

Additionally, adversarial attacks - where small modifications in input data trick AI models into making incorrect decisions - pose a serious challenge, particularly in security-sensitive applications. 

Later in the lifecycle, implementation vulnerabilities also play a critical role in AI security. Weak access controls can lead to authentication gaps, allowing unauthorised users to tamper with models or extract sensitive data. Improperly configured containers that host AI models can provide an entry point for attackers to access broader IT environments. Moreover, the use of open-source ML models and third-party datasets increases supply chain risks, making it critical to verify the integrity of every component. 

While AI promises groundbreaking advancements, security cannot be an afterthought. Securing AI can make the technology even more appealing for businesses. Organisations must prioritise secure MLOps practices to prevent cyber threats from exploiting the very tools designed to enhance corporate efficiency and decision-making. 

Best Practices For Secure MLOps 

To defend against evolving threats targeting AI models, organisations should adopt a proactive security posture. Model validation is key to identify potential biases, malicious models, and adversarial weaknesses before deployment. Dependency management ensures that ML frameworks and libraries- like TensorFlow and PyTorch- are sourced from trusted repositories and scanned for malicious model threats. Code security should also be a priority, with static and dynamic analysis conducted on source code to detect potential security flaws in AI model implementations. However, security shouldn’t stop at the source code level - threats can also be embedded within compiled binaries. A comprehensive approach must include binary code analysis to detect hidden risks, like supply chain attacks, malware, or vulnerable dependencies that may not be visible in the source code.  

On top of securing AI code, organisations must harden container environments by enforcing strict policies on container images, ensuring they are free from malware and misconfigurations. Digitally signing AI models and related artifacts helps maintain integrity and traceability throughout the development lifecycle. Continuous monitoring should also be implemented to detect suspicious activity, unauthorised access, or unexpected deviations in model behaviour. By embedding these security measures into the AI development lifecycle, companies can create resilient MLOps pipelines that balance innovation with robust protection. 

The Future Of AI Security 

As AI adoption accelerates, the conflict between innovation and security will intensify. AI is not just another tool, it's a critical asset that needs dedicated security strategies. The rise of Agentic AI, with its ability to make autonomous decisions, adds another layer of complexity, making governance and oversight more important than ever. Organisations that take a proactive approach now are better positioned to navigate these evolving risks without slowing down innovation. 

The launch of DeepSeek and similar AI advancements will continue to reshape industries, but the rush to innovate must not come at the expense of security.

Just as we wouldn’t build a skyscraper without a solid foundation, we cannot deploy AI without embedding security into its very core. The organisations that succeed in this new AI-driven world will be those that recognise security as an enhancer, not a barrier, to progress. 

By taking a proactive stance on AI security, enterprises can ensure that they are not only keeping up with the latest developments but also safeguarding their future in an increasingly AI-powered world.  

Shachar Menashe is VP of Security Research at JFrog 

You Might Also Read:

Half of Employees Use Shadow AI:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Trump Gives TikTok Another 75 Days Extension
DDoS Trends & Predictions For 2025 »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

Axonius

Axonius

Axonius is the only solution that offers a unified view of all assets and their coverage, empowering customers to take action to enforce their organization’s security policies.

GMV

GMV

GMV is a technological business group offering solutions, services and products in diverse sectors including Intelligent Transportation Systems, Cybersecurity, Telecoms and IT.

Zymbit

Zymbit

Zymbit provides hardware security modules (HSM) for IoT devices, including Raspberry Pi and other single board computers.

GK8

GK8

GK8 is a cyber security company that offers a high security custodian technology for managing and safeguarding digital assets. Secure, Compliant and Practical.

Cyble

Cyble

Cyble Vision enables faster detection of cyber threats and focuses on identifying and analysing the motivations, methods, capabilities and tools of adversaries.

Netsurion

Netsurion

Netsurion powers secure and agile networks for highly distributed and small-to-medium enterprises and the IT providers that serve them.

Stealth Software Technologies

Stealth Software Technologies

Stealth Software Technologies is focused on the generation of research and software products focused on applied cryptography and cybersecurity.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

ActZero

ActZero

ActZero’s security platform leverages proprietary AI-based systems and full-stack visibility to detect, analyze, contain, and disrupt threats.

Stone Forest IT (SFIT)

Stone Forest IT (SFIT)

Stone Forest IT specialises in providing advisory, implementation and managed services for IT infrastructure, IT security solutions, business applications (ERP and CRM) and business analytical tools.

Strata Identity

Strata Identity

Strata is pioneering identity orchestration to unify on-premises and cloud-based authentication and access systems for consistent identity management in multi-cloud environments.

Gravitee

Gravitee

Gravitee helps organizations manage and secure their entire API lifecycle with solutions for API design, management, security, productization, real-time observability, and more.

Bluefin Payment Systems

Bluefin Payment Systems

Bluefin is the recognized integrated payments leader in encryption and tokenization technologies that protect payments and sensitive data.

Riot Security

Riot Security

In today's world, most successful cyberattacks start by a human failure. Riot have developed a platform that makes it easy to prepare your employees for cyberattacks, in a way they love.

APIsentry

APIsentry

APIsentry is a leading provider of comprehensive API security solutions, specializing in protecting organizations from a wide range of cyber threats targeting their Application Programming Interfaces.