- AI multiplies both defensive capabilities and risks, rendering traditional perimeter security insufficient.
- Zero Trust is evolving towards a data-centric model and the control of AI agents with "minimal agency".
- The combination of AI, Zero Trust, and managed services enables visibility, automation, and real-time response.
- Success depends as much on technology as on a cultural shift that normalizes digital distrust by design.
The arrival of generative artificial intelligence has changed the game in cybersecurity: the same technologies that drive business innovation also enable faster, more credible, and automated attacks. Security teams are forced to defend hybrid infrastructures, with remote users, cloud services, and connected industrial systems, while regulations tighten and budgets don't always keep pace.
In this scenario, it is becoming increasingly clear that the old "secure perimeter" model is dead, and the Zero Trust philosophy has become the new standard. The challenge now is to adapt it to a world where it's not just about controlling people and devices, but also AI models, autonomous agents, and data flows that move at machine speed between platforms, applications, and clouds.
Why AI is challenging the traditional security model
Artificial intelligence has become a double-edged sword: it strengthens defenses, but it also enhances the arsenal of cybercriminals. Today it is trivial to generate hyper-personalized phishing campaigns, voice or video deepfakes, polymorphic malware, or automated fraud supported by generative AI.
At the same time, organizations manage increasingly heterogeneous infrastructures: multicloud environments (AWS, Azure, Google Cloud, Oracle), SaaS, proprietary data centers, industrial OT networks, and thousands of remote workers. All of this comes with critical data scattered everywhere, complex digital supply chains, and increasing regulatory pressure (NIS2, DORA, sector regulations).
Cybersecurity experts agree that the problem isn't the attacks that are blocked, but those that go undetected. Adversaries camouflage themselves within legitimate traffic, exploit stolen credentials, abuse APIs, and rely on AI to move laterally with great stealth, often taking advantage of poorly controlled "trusted" access.
Faced with this scenario, inherited architectures focused on the perimeter —traditional VPNs, flat networks, implicit trust in what “is inside”
From perimeter security to the Zero Trust approach
For years, IT security was based on the metaphor of the castle with walls: inside everything is reliable, outside everything is suspicious. Firewalls at the edge, VPNs for entry, and once inside, unrestricted access to the internal network. This model falls apart when employees work from anywhere, applications are hosted in the cloud, and data travels between vendors, partners, and IoT devices.
To respond to this change, in 2010 Forrester popularized the Zero Trust model, conceptually driven by John Kindervag, with an idea as simple as it is radical: “Never trust, always verify”. It doesn't matter if the connection comes "from inside" or "from outside"; all access must be authenticated, authorized, and continuously monitored.
The basic principles of Zero Trust can be summarized in three pillars: rigorous and independent verification of origin, access with least privilege, and a permanent assumption of compromise. In other words, it is assumed that the network may be compromised and that any user, even an internal one, can become a threat, whether by mistake or in bad faith.
Over time, this approach has gone from being a theory to having concrete guidelines. The publication of NIST SP 800-207 and the CISA maturity model marked a turning point, providing reference architectures for networks, applications, and data. In parallel, in Europe, NIS2 and ENISA recommendations are pushing critical sectors to incorporate strong authentication, segmentation, and continuous access control.
Zero Trust in the Age of AI: When Autonomous Agents Break the Mold
The first wave of Zero Trust was designed with people and relatively static devices in mind. Human users, corporate teams, and traditional business applications used to be the norm. But AI has profoundly changed this reality.
AI models, especially large language models (LLMs) and autonomous agents, operate dynamically, cross boundaries between systems, and manipulate sensitive data in a matter of seconds. They can read emails, launch workflows, modify files, interact with APIs, or make decisions without constant human supervision.
OWASP, in its Top 10 risks for GenAI and LLM, warns about so-called “excessive agency”: when AI is granted too much autonomy or capacity for action. Agents sending emails on behalf of executives, bots moving money between accounts, assistants making changes to production systems… Each of these functions opens up new attack vectors if not properly controlled.
Zero Trust approaches focused on the human user fall short: they don't scale to handle thousands of decisions per minute made by algorithms. Attempting to manually apply principles of least privilege to every action of every agent is simply unfeasible. This is where a key evolution emerges: shifting the focus from identity to data.
Zero Trust focused on data: data as the new control plane
In an AI-dominated environment, what truly matters is no longer just who has access, but what data is accessed, how it is transformed, and with whom it is shared. The network perimeter loses meaning and the new perimeter becomes the data itself.
Analysts like Forrester, with frameworks like AEGIS for AI governance, emphasize that security must pivot towards data observability, context, and accountability. The goal is to enable innovation with AI, but under controls based on information classification, data lineage, and auditable rules for its use. To protect sensitive information, it's advisable to implement practices and controls that reduce the risk of data leaks and theft.
Specialized platforms combine DSPM (Data Security Posture Management) and AI-SPM (AI Security Posture Management) capabilities to discover where sensitive data resides in cloud, SaaS, and hybrid environments, how it is used, and which AI systems interact with it. From there, governance policies are applied that detect risky behaviors (malicious prompts, exfiltration, unusual movements) and automate blocking or alerts.
This change transforms Zero Trust into a living, data-driven architecture capable of scaling at the pace of autonomous agents and self-learning models. Instead of blindly trusting that AI will do “the right thing,” dynamic safeguards are established that limit what it can see and do based on sensitivity and context.
AI as an ally: next-generation SOC and “minimal agency”
AI doesn't just create problems; it is also a key component in sustaining Zero Trust on a large scale. The volume of security signals today (logs, network telemetry, cloud activity, identity events, etc.) is overwhelming for any human team without automated support.
Cybersecurity vendors are integrating advanced AI into their protection, detection, and response platforms, from engines that analyze hundreds of trillions of events to discover anomalies, to intelligent agents in the SOC capable of investigating incidents, correlating alerts, and executing actions without manual intervention.
Leading companies are experimenting with the concept of the Agentic SOC: security operations centers powered by AI agents that “work side-by-side” with analysts. These agents understand the context of the infrastructure, recommend containment measures, write reports, automate playbooks, and, in certain cases, execute responses directly within well-defined limits.
The key is to apply a principle similar to least privilege to AI, but adapted: the “minimum agency” model recommended by OWASP. Not only is the data an agent can access restricted, but also the specific actions it can perform. No bot should be given the power to "do everything" in production unless absolutely necessary.
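A sketch of how a "minimum agency" check can sit in front of every agent tool call, added here as an illustration and not taken from OWASP or any product. The agent names, action names, sensitivity labels, and the `AgencyGate` class are all hypothetical; the gate denies by default, caps the data sensitivity each agent may touch, and holds high-impact actions for human approval.

```python
from dataclasses import dataclass, field

# Constructed sensitivity scale, least to most sensitive (not from OWASP).
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

@dataclass(frozen=True)
class AgentPolicy:
    allowed_actions: frozenset          # explicit allowlist; anything else is denied
    max_sensitivity: str                # highest data label the agent may touch
    needs_approval: frozenset = frozenset()  # actions held for a human sign-off

@dataclass
class AgencyGate:
    policies: dict
    audit: list = field(default_factory=list)

    def authorize(self, agent, action, data_label, approved_by=None):
        policy = self.policies.get(agent)
        # Unlabeled or unknown data is treated as more sensitive than any label.
        level = LEVELS.get(data_label, len(LEVELS))
        if policy is None:
            decision = "deny:unknown-agent"
        elif action not in policy.allowed_actions:
            decision = "deny:action-not-granted"
        elif level > LEVELS[policy.max_sensitivity]:
            decision = "deny:data-too-sensitive"
        elif action in policy.needs_approval and not approved_by:
            decision = "hold:needs-approval"
        else:
            decision = "allow"
        # Every decision is recorded so agent behaviour stays auditable.
        self.audit.append((agent, action, data_label, approved_by, decision))
        return decision

# Hypothetical agents and action names, constructed for this example.
GATE = AgencyGate({
    "mail-assistant": AgentPolicy(
        frozenset({"read_mail", "draft_mail", "send_mail"}), "internal",
        frozenset({"send_mail"})),
    "soc-triage": AgentPolicy(
        frozenset({"read_alert", "isolate_endpoint"}), "confidential",
        frozenset({"isolate_endpoint"})),
})

if __name__ == "__main__":
    for call in [("mail-assistant", "draft_mail", "internal"),
                 ("mail-assistant", "send_mail", "internal"),
                 ("mail-assistant", "read_mail", "confidential"),
                 ("soc-triage", "transfer_funds", "public")]:
        print(call, "->", GATE.authorize(*call))
```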
Real-world examples: Zero Trust and AI in banking, energy, industry, and food
The theory is fine, but where Zero Trust proves its worth is in the trenches of critical sectors, where a mistake can shut down a plant, bring down a financial service, or leave millions of users without power.
In the banking sector, concerns revolve around fraud, identity theft, and data theft. Financial institutions are working to build highly scalable Security Operations Centers (SOCs) that combine massive telemetry, AI-powered analytics, and automation. The goal is to anticipate fraud patterns, block suspicious activity in real time, and shift from a purely reactive to a proactive model. The ability to recover and secure compromised accounts is key to reducing the impact of these attacks.
In the energy sector, players such as large electricity companies face a gigantic exposure perimeter: millions of smart meters, thousands of transformer substations, and field crews accessing central systems. Furthermore, there is often a very strict separation between IT and OT environments, which are frequently considered mutually "untrustworthy." Migrating to Zero Trust in this context means achieving unified visibility and distinguishing within the SOC what constitutes an attack from, for example, a scheduled mass device update.
In the manufacturing industry, where the priority is the continuity of production, Zero Trust is experienced in a very tangible way: if a PLC or a robot stops, the impact is immediate. Manufacturers with products that last for decades are dealing with legacy OT technologies, insecure protocols, and a growing cloud presence. One of the key challenges is unifying visibility and control over this mix of IT and OT solutions, achieving a single pane of glass that displays everything from the machine network to the customer's cloud.
In food companies with automated plants, the concern is that unauthorized remote access to industrial equipment can directly affect production. The principle is clear: no supplier should access a PLC or robot without a strictly controlled, monitored session that can be revoked in real time, with activity recording and permission expiration.
Digital supply chains, LLM and data breach risk
Beyond internal infrastructure, many organizations are discovering that their main weakness lies in the digital supply chain. They work daily with banks, technology partners, integrators, fintech companies, cloud providers, and many more, all of whom are connected in one way or another to the company's systems.
Each link introduces a possible entry vector: a third party with poor security practices can become the backdoor for a larger attack. This necessitates a thorough evaluation of B2B access, limiting permissions, segmenting environments, and monitoring API-based integrations.
This is compounded by a growing concern about the use of external LLMs: the risk that internal information will end up "feeding" public-private models without control or traceability. Strategic documents, customer data, or proprietary code can be inadvertently leaked when used as context in AI tools without proper safeguards.
Zero Trust applied to AI here implies establishing strong DLP (Data Loss Prevention) controls: regulating what can be sent to which models, requiring data residency (logical isolation), and, where possible, opting for private deployments or "walled gardens" where the organization has real control over what is trained and what is not.
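One way to express "what can be sent to which models" as an egress check in front of LLM calls, added here as an illustration and not drawn from any DLP product. The destination names, the sensitivity ceilings, and the three detectors are constructed assumptions; real deployments rely on proper data classification, not three regular expressions.

```python
import re

LEVELS = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

# Hypothetical model destinations and the highest label each may receive.
DESTINATIONS = {"public-llm": "public", "private-llm": "confidential"}

# Constructed detectors: (name, pattern, label the match implies).
# Restricted detectors come first so a hard block wins over redaction.
DETECTORS = [
    ("secret", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"), "restricted"),
    ("iban", re.compile(r"\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b"), "confidential"),
    ("email", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"), "internal"),
]

def check_prompt(prompt, destination, doc_label="public"):
    """Return (decision, text_to_send, findings) for an outbound prompt."""
    ceiling = DESTINATIONS.get(destination)
    if ceiling is None:                      # default deny for unlisted models
        return "block", None, ["unknown-destination"]
    limit = LEVELS[ceiling]
    if LEVELS[doc_label] > limit:            # the source document's label wins
        return "block", None, ["label:" + doc_label]
    text, findings = prompt, []
    for name, pattern, label in DETECTORS:
        if LEVELS[label] > limit and pattern.search(text):
            if label == "restricted":        # never redact-and-send key material
                return "block", None, [name]
            text = pattern.sub("[" + name.upper() + " REDACTED]", text)
            findings.append(name)
    return ("redact" if findings else "allow"), text, findings

# Constructed sample prompt; the IBAN is the widely published example number.
SAMPLE = "Refund ES9121000418450200051332 to ana@example.com"

if __name__ == "__main__":
    print(check_prompt(SAMPLE, "public-llm"))
    print(check_prompt(SAMPLE, "private-llm"))
    print(check_prompt("-----BEGIN PRIVATE KEY-----", "private-llm"))
```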
Implementing Zero Trust with AI: practical steps and challenges
Implementing a Zero Trust strategy is not simply a matter of installing a couple of tools: it is a strategic, technical, and cultural journey. Even so, some practical steps can be defined to get off to a good start.
The first block is visibility: inventory assets, data, identities, and flows. It's essential to know what systems exist, what critical information they handle, who (or what AI agent) accesses them, and from where. Data discovery and classification tools help identify "crown jewels" in public clouds, SaaS, and on-premises environments.
Next comes risk assessment and policy definition: classify business processes according to impact, and define who can access what and under what conditions. This includes granular access policies, network segmentation, definition of OT/IT "zones", API protection, and clear rules on the use of AI services.
Implementation is usually done in phases: starting with identity (phishing-resistant MFA, Single Sign-On, modern privilege management), followed by ZTNA/SASE for access and, later, microsegmentation and deep data protection. Each wave is accompanied by continuous monitoring to adjust policies and prevent overly restrictive measures from paralyzing the business.
Throughout this journey, familiar obstacles arise: resistance to change, technical complexity, legacy that is difficult to adapt, and fragmentation of tools. Training, change management, and consolidation on integrated platforms (SSE, SASE, observability suites) are essential levers to avoid becoming a victim of one's own success.
AI, smart authentication, and managed services
AI is also reshaping authentication. Instead of relying solely on passwords or static factors, modern systems implement risk-based adaptive authentication. They analyze location, device, usage patterns, typing speed, or even mouse behavior to decide whether a request is normal or suspicious.
This type of AI-powered authentication is a perfect fit for Zero Trust: each access attempt is dynamically evaluated, and may require additional factors, limit permissions, or directly block access when the risk is high. All of this is done almost transparently for the legitimate user, who experiences less friction when behaving in the usual way.
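The decision flow described above, as an added example that is not taken from any vendor's engine. Fixed, constructed weights and thresholds stand in for the learned risk model; the profile fields, signal names, and the 900 km/h "impossible travel" cutoff are assumptions made for the illustration.

```python
import math

def km_between(a, b):
    """Great-circle distance in km between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371 * math.asin(math.sqrt(h))

def risk_score(profile, attempt):
    """Add a constructed weight for each signal that deviates from baseline."""
    signals = []
    if attempt["device_id"] not in profile["known_devices"]:
        signals.append(("new-device", 30))
    hours = max((attempt["ts"] - profile["last_ts"]) / 3600, 1 / 60)
    if km_between(profile["last_loc"], attempt["loc"]) / hours > 900:
        signals.append(("impossible-travel", 40))   # faster than an airliner
    mean, std = profile["typing_cpm"]
    if abs(attempt["typing_cpm"] - mean) > 3 * std:
        signals.append(("typing-anomaly", 20))
    if attempt["resource"] == "high":
        signals.append(("sensitive-resource", 10))
    return sum(w for _, w in signals), [name for name, _ in signals]

def decide(profile, attempt):
    """Map the score to one of the outcomes named in the text."""
    score, reasons = risk_score(profile, attempt)
    if score >= 70:
        action = "block"
    elif score >= 40:
        action = "step-up-mfa"      # require an additional factor
    elif score >= 20:
        action = "allow-limited"    # session with reduced permissions
    else:
        action = "allow"
    return action, score, reasons

# Constructed baseline: last seen in Madrid, typing about 280 chars/min.
PROFILE = {"known_devices": {"laptop-1"}, "last_loc": (40.4168, -3.7038),
           "last_ts": 0, "typing_cpm": (280, 25)}
BASE_ATTEMPT = {"device_id": "laptop-1", "loc": (40.4168, -3.7038),
                "ts": 7200, "typing_cpm": 290, "resource": "low"}

if __name__ == "__main__":
    print(decide(PROFILE, BASE_ATTEMPT))
    print(decide(PROFILE, dict(BASE_ATTEMPT, device_id="phone-9",
                               loc=(1.3521, 103.8198), ts=3600)))
```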
Another area where AI shines is in automated response: if a device starts exfiltrating data, a malicious agent moves laterally, or a user downloads anomalous volumes of information, the detection engines can isolate the endpoint, revoke tokens, close sessions, and launch investigations almost instantly.
For many organizations, especially medium-sized ones, building this level of sophistication internally is complicated. This is where managed cybersecurity services come into play, which offer 24/7 SOC, advanced monitoring, AI-based access management, and security automation without forcing the company to build everything from scratch.
Cultural change: the “Zero Trust generation” and the digital divide
Beyond technology, Zero Trust demands a cultural shift in how trust is understood in digital environments. It's not about "distrusting people," but about accepting that every system can fail and that the best way to protect users and businesses is not to assume that nothing bad will happen.
Interestingly, the younger generations have grown up using social media, online video games, and digital services since childhood. They are quite familiar with environments where trust has to be earned and the rules are strict. This group is beginning to be called, somewhat ironically, the "Zero Trust generation".
At the other end of the digital divide, some of the most senior staff may perceive security measures as unnecessary obstacles or as a symptom of personal distrust. The key here is to clearly explain the reason for each control, show real-life incident cases, and reinforce that the goal is to protect both the organization and the employees themselves.
Multi-factor authentication, access segmentation, or continuous verification cease to be seen as "nuisances" when it is understood that a single click on a malicious email can trigger extremely sophisticated AI-supported attacks, with serious economic, legal, and reputational consequences.
Looking at the short and medium term, everything points to Zero Trust and artificial intelligence continuing to converge until they become two sides of the same coin: AI as an engine for observing, analyzing, and responding to what happens in real time; and Zero Trust as a framework for limiting, verifying, and governing what people, machines, and models can do. Organizations that manage to balance autonomy and control, protecting data without stifling innovation, will be the ones that thrive in a digital environment where trust is no longer given, it's built.
