Monday Morning Impact – June 15
Gartner Identifies Critical AI Security Threats
Gartner has released a document geared towards resource-limited organizations seeking to get the most out of their security investments.
“The introduction of security initiatives by frontier AI companies creates significant noise to an already noisy threat landscape,” said John Watts, VP Analyst at Gartner. “Cybersecurity leaders must be able to find the threat signal in all the noise in order to respond to shifts in the threat landscape.”
Among the highlights, Watts discussed the “AI Application Compromise,” which has become the critical threat section as attackers target the growing number of production-ready public-facing and internal enterprise AI tools. The attack surface has grown to include custom-built agents, third-party integrations and employee-only applications, often exposing sensitive data or credentials when controls are weak.
“Cybersecurity teams need to expand their programs beyond traditional software protections by mapping new attack surfaces introduced by GenAI models or agentic tools,” said Watts.
Securing an AI application does not always mean starting from scratch, according to Watts. There are many AI security startups that offer broader and deeper capabilities as organizations mature and need more security around their use of AI. To address this threat, CISOs are advised to apply secure development life cycle and threat modeling best practices to AI applications. They should also strengthen data security by improving data classification, adopt purpose-based access control (PBAC) and implement runtime monitoring.
The advent of GenAI has dramatically increased the volume, fidelity and accessibility of deepfake creation across voice, video, and images, both as pre-recorded artifacts or generated in real-time. This has expanded the opportunity for attackers to impersonate identities across a range of attack surfaces. Deepfakes can be used to attack biometric authentication processes, can be combined with social engineering in real-time attacks on employees and can be used to subvert recruitment processes.
Cybersecurity teams are advised to look beyond deepfake detection and strengthen controls to protect the integrity of real‑time communications, as well as biometric authentication and verification processes.
Cybersecurity teams should also build comprehensive inventories of software assets while integrating strong controls at every stage of development. These measures help defend against emerging threats that target both traditional applications and modern AI-powered pipelines.
Meanwhile, “Prompt Injection” has become a cybersecurity threat targeting AI systems, especially those using large language models (LLMs). Attackers manipulate prompts to alter the model’s behavior, causing it to leak sensitive information, perform unauthorized actions, or bypass controls. As organizations increasingly adopt GenAI, the risk of prompt injection expands, making it a critical issue for cybersecurity teams.
To effectively counter prompt injection threats, Gartner advises cybersecurity teams to implement a layered mitigation strategy. This involves AI security testing to proactively identify vulnerabilities, establishing strong system prompts to guide AI behavior, and deploying AI runtime guardrails that monitor for and block suspicious activity.
The findings were discussed at a recent event held in National Harbor, Maryland.
Channel Impact®
Channel partners can provide a variety of useful assistance, such as the establishment f multiple layers of control, in order to counter deepfakes; protect biometric identity verification by focusing on presentation and injection attack detection in addition to contextual signals; secure online meetings by implementing conditional access policies to enforce strong authentication for call participants; and integrate prompt injection testing into the AI system development lifecycle.
Cisco Unveils Agentic Platform for Operating and Defending Critical IT Infrastructure
Cisco has unveiled its new “Cloud Control” platform, which becomes the foundation of the company’s AgenticOps operating model, billed as a unified platform built for humans and AI agents to manage, monitor and defend critical IT infrastructure.
The platform delivers a single view of Cisco networking, security, compute, observability, and collaboration in one secure environment. People and agents work from a single data layer, sharing the same operational context and the same system of action. Customers can build their own applications and agents using natural language directly within the platform, which also connects to a large ecosystem, including AWS, Linear, Microsoft, PagerDuty, ServiceNow, Slack, and Google Cloud, which now includes Wiz.
“AI agents reason and act continuously at software speed, and that changes everything about how we scale, manage, and defend our critical infrastructure,” said Jeetu Patel, President and Chief Product Officer, Cisco. “Cisco Cloud Control is a command center for agentic AI: a platform where your team and your AI agents work together, in the same environment, with the same information, and with humans in control.”
Elements include cross-domain telemetry, purpose-built models, and trusted agents. The platform also includes “Cisco AI Canvas,” a generative workspace where operators and agents work from the same live evidence to investigate and resolve complex issues together in real time. In addition, the Cloud Control Studio feature is a design space that unlocks two customization environments. Agent Builder lets customers build agents for Cloud Control tailored to their own policies and workflows. App Builder lets customers build and publish apps and workflows for Cloud Control from natural-language prompt, with OpenAI Codex, an agentic platform that helps you build and ship with AI, built in.
Cisco Cloud Control is currently available in the U.S with global availability to follow.
Channel Impact®
The platform promises to help channel partners and their customers act and defend at machine speed and scale in an agentic AI world.
Optiv Sells Advisory, Consulting and Transformation Business to Vobis Ventures
Cybersecurity company Optiv has announced the sale of its advisory, consulting and transformation (ACT) project-based services business to Vobis Ventures, a global technology investment firm with AI-native cybersecurity as its priority investment theme.
The Vobis Ventures-backed ACT business will initially operate under the name Optiv Consulting [formerly part of Optiv Security]. As Optiv’s new priority services partner for the next year, Vobis Ventures will leverage ACT as the foundation of its cybersecurity services business.
“We went to great lengths to find the ideal partner, a true unicorn, with a commitment to client excellence and innovation,” said Optiv CEO Kevin Lynch. “Partnering with Vobis Ventures enables us to continue serving clients with the same world-class resource base, while reinvesting back in the business to further accelerate strategic priorities and fuel growth.”
Industry veteran Anup Kumar, Operations Executive Partner at Vobis Ventures, is stepping in as CEO of the Optiv Consulting business, where he will focus on driving growth and establishing the firm as a trusted partner for enterprises deploying agentic AI with built-in governance at scale.
The deal officially closed June 1, 2026. Terms were not disclosed.
Channel Impact®
Through the acquisition, ACT becomes the foundation of Vobis Ventures’ cybersecurity services business for the agentic AI era.
Stay in the Know
Keep tabs on what’s happening in the channel and the impact it will have on the partner community by subscribing to Channel Impact communications.
Recent News
Search Buzz
Buzz Categories
