Xenturia
Security in the Machine Age: A CEO Briefing

Xenturia · 6 min read

A virtual panel hosted by InfoQ recently brought together security researchers, AI engineers, and enterprise risk leaders to map the threat landscape that artificial intelligence is reshaping. The conversation was not about distant scenarios. The attacks they described are happening to businesses right now — including businesses that look a lot like yours.

The Threat Has Shifted Sides

For the past decade, cybersecurity conversations centered on defending systems against human attackers. The machine age partially inverts that equation: AI is now on both sides of every security event.

Attackers use large language models to generate convincing phishing emails at industrial scale, synthesize voice and video to impersonate executives, and probe systems for vulnerabilities faster than any manual process could. Defenders, meanwhile, use AI to detect anomalies, correlate signals, and automate incident response.

The asymmetry that concerns experts most is speed. A well-resourced threat actor with AI tools can run hundreds of targeted campaigns simultaneously. The average mid-sized Latin American company has a security team — if it has one at all — that is responding manually to alerts it often sees hours after the fact.

Voice Cloning and the New CEO Fraud

Business Email Compromise used to be relatively easy to spot: a slightly off sender address, awkward phrasing, an unusual payment request. That detection heuristic is breaking down.

Security researchers now document a growing category of attack that combines voice synthesis with social context scraped from LinkedIn, press releases, and public interviews. A call arrives that sounds exactly like the CEO, references a real negotiation the company is in, and asks the CFO to move funds on a tight deadline. In several cases, the transfer happened before anyone attempted to verify the source.

For LATAM companies this is particularly acute. Regional business cultures often operate on direct executive authority — when the CEO calls, people move fast. That cultural dynamic is now a vulnerability that sophisticated attackers understand and exploit deliberately. A Colombian logistics company, a Mexican distributor, an Argentine manufacturer: none are immune, and all fit the target profile.

Your AI Integrations Are an Entry Point

Beyond social engineering, the panel discussed a risk specific to companies actively deploying AI tools inside their operations: the attack surface created by every AI integration you add.

When an organization connects a language model to its CRM, document storage, or internal knowledge base, it creates a data pathway. If that pathway is not properly scoped — with tight permissions, audit logging, and output controls — it becomes exploitable. The attack does not need to breach your perimeter at all. It works by feeding the model crafted inputs that cause it to surface sensitive records, trigger unintended actions, or expose information to unauthorized users.

This is distinct from the supply chain poisoning risks discussed elsewhere. This is about live, operational AI systems and the risks introduced by how they are wired to your business data. Every automation workflow in which an AI model reads internal data is a workflow that requires a security review before it goes into production.

The AI Supply Chain You Did Not Know You Had

One of the more clarifying segments of the panel focused on embedded AI risk. Most enterprise software now ships with AI features baked in. Your ERP may include a generative assistant. Your customer support platform may route tickets using a model you never explicitly chose or evaluated.

Each of those embedded models introduces a dependency you did not negotiate. If the underlying model is updated by the vendor, fine-tuned on new data, or compromised at the infrastructure level, the behavior of your software changes — without a notification reaching anyone in your organization. Experts framed this as a governance problem as much as a technical one: you need to know what AI components you are running, who controls them, and what their update and audit policies are.

What Changes in How You Operate

The practical implication is not that companies need to hire a Chief AI Security Officer immediately. Most mid-sized LATAM businesses do not have the budget or pipeline for that role today. What they need is a set of minimum viable controls applied with some urgency.

Know what is running. Conduct an inventory of every AI-enabled tool your team uses — officially sanctioned tools and shadow deployments alike. You cannot secure what you have not mapped.

Define who authorizes AI connections to company data. When any tool requests access to internal records to power an AI feature, that approval should require someone with data governance authority. Default vendor settings almost always over-share; they should never be accepted without deliberate review.

Run tabletop exercises for AI-specific scenarios. A call that sounds like your CFO requesting an urgent transfer. A document that instructs an automated workflow to export client records. An AI assistant that surfaces confidential data to the wrong internal user. These scenarios need to be practiced before they happen in production.

Add a human checkpoint before high-stakes automated actions. The panel was unanimous on this: any AI-driven workflow that triggers a financial transaction, a bulk data export, or a system access change should require explicit human verification. Automation speed has real value. Unreviewed automation on consequential actions is a liability that compounds as you scale.
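
For technical teams, the scoping, audit logging, and human checkpoint described above can be pictured as one gate between the model and the tools it can call. This is an added example, not code from the panel or from Xenturia; the action names, users, and the ActionGate class are hypothetical, and it assumes user and approver identities are authenticated elsewhere.

```python
import json
import time
from dataclasses import dataclass, field

# Hypothetical names for the consequential actions the panel listed.
HIGH_STAKES = {"transfer_funds", "bulk_export", "change_access"}

@dataclass
class ActionGate:
    scopes: dict      # user -> actions that user may trigger via the assistant
    approvers: set    # people allowed to release held actions
    audit: list = field(default_factory=list)
    pending: dict = field(default_factory=dict)
    next_id: int = 1

    def _log(self, actor, action, args, decision):
        # Append-only record of every proposal and its outcome.
        self.audit.append(json.dumps({"ts": time.time(), "actor": actor,
            "action": action, "args": args, "decision": decision}))
        return decision

    def request(self, user, action, args):
        # Scope comes from the requesting user, never from model output.
        if action not in self.scopes.get(user, set()):
            return self._log(user, action, args, "denied")
        if action in HIGH_STAKES:
            ticket = f"T{self.next_id}"
            self.next_id += 1
            self.pending[ticket] = (user, action, args)
            return self._log(user, action, args, f"held:{ticket}")
        return self._log(user, action, args, "allowed")

    def approve(self, ticket, approver):
        # A held action needs a known approver who is not the requester.
        held = self.pending.get(ticket)
        if not held or approver not in self.approvers or approver == held[0]:
            return self._log(approver, "approve", {"ticket": ticket}, "denied")
        del self.pending[ticket]
        return self._log(approver, held[1], held[2], "approved")

def demo():
    # Constructed scenario: a document tells the assistant to export client
    # records while it is serving a support agent with read-only scope.
    gate = ActionGate({"support_agent": {"read_ticket"},
                       "cfo": {"read_ticket", "transfer_funds"}},
                      approvers={"cfo", "controller"})
    return [gate.request("support_agent", "bulk_export", {"table": "clients"}),
            gate.request("cfo", "transfer_funds", {"amount": 50000}),
            gate.approve("T1", "cfo"),
            gate.approve("T1", "controller")], gate.audit
```

The export is refused because the support agent's scope does not include it, whatever the document said, and the transfer waits until someone other than the requester approves it.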

The Regulatory Clock Is Ticking

LATAM markets are watching AI regulation evolve in the EU and the United States, and Colombia, Brazil, and Mexico are advancing their own frameworks. The panel touched on the inevitable direction: documented AI risk assessments and incident reporting requirements are coming for most categories of AI deployment.

Companies that treat AI security as a compliance checkbox will be perpetually behind the curve. Companies that treat it as an operational discipline — part of how every AI project is scoped and run from day one — will find that compliance follows naturally from what they already do.

The Leadership Question That Cannot Wait

The machine age security challenge is not a technology problem that vendors will eventually solve on your behalf. It is a leadership problem: who in your organization is responsible for knowing how AI tools are being used, what data they can access, and what the escalation path is when something goes wrong?

That question does not require a large team or a large budget to answer. It requires that someone asks it — and that the answer is not "nobody."

At Xenturia, we help leadership teams at mid-sized companies build AI stacks that are not just capable but defensible. If you are moving fast with AI adoption and have not yet mapped the security implications, that conversation is worth scheduling before an incident forces it.
