Security Experts Warn Against Using AI Without Rules

Got story updates? Submit your updates here. ›

According to a new warning from the cybersecurity firm Armor, companies that are quickly adopting artificial intelligence (AI) tools without strict policies and guidelines are creating dangerous security vulnerabilities. The firm says these blind spots leave organizations open to data theft, lawsuits, and other unforeseen threats. Armor's Chief Security Officer Chris Stouff emphasized the urgency for companies to develop and enforce AI usage policies, as traditional security measures were not built to handle these new technologies.

Why it matters

As more businesses and industries turn to AI to boost efficiency, the lack of clear rules around AI usage is creating compliance liabilities and operational risks. This includes issues like sensitive data being shared with public AI chatbots, as well as 'Shadow AI' where departments use unapproved tools without IT or security oversight. Healthcare providers face particular challenges in balancing AI adoption with strict patient privacy laws.

The details

Armor, which protects over 1,700 businesses worldwide, says that without a clear game plan, companies are opening themselves up to data theft, lawsuits, and security threats they aren't even looking for yet. The main issue is that traditional security measures weren't built to handle these new AI tools. Employees might inadvertently share sensitive information with public AI chatbots, and different departments could be using their own unapproved AI tools without the IT team's knowledge.

• Armor released a new five-part framework in January 2026 to help businesses address the transparency and security gaps around AI usage.

What they’re saying

What’s next

Armor's new framework aims to help businesses classify AI tools by risk level, set clear boundaries on sensitive data usage, and train employees to understand safe AI practices as part of their job responsibilities.