Cybersecurity teams have long been aware of the increasing prominence of artificial intelligence in the cybercrime playbook. Attackers use it with increasing frequency to scale phishing, automate reconnaissance, and generate plug-and-play malware.

The 2025 Comcast Business Cybersecurity Threat Report reveals another layer to the story: how security teams are managing the evolving cyber risk stemming from their own enterprise AI adoption. As AI usage soars in the workplace—both company sanctioned and through shadow IT—it is changing the foundation of modern cybersecurity.

Based on the analysis of 34.6 billion cybersecurity events detected across Comcast Business security customers, the threat report explores how AI-native infrastructure, non-human identities (NHIs), and new patterns of data movement are creating risks that traditional defenses weren’t built to handle. In this new environment, identity has become the new perimeter, serving as the lynchpin for establishing trust, managing access, and limiting risk.

Changing infrastructure, changing vulnerabilities


Enterprise environments today look markedly different from what they did just two years ago. Cloud-hosted models, automated DevOps pipelines, and edge AI devices are now widespread. These environments shift where sensitive data resides and how it moves:

  • Data at rest is distributed across on-prem systems, multiple clouds, and transient storage tied to model training or inference.
  • Data in motion flows between AI agents, APIs, and services across multiple trust boundaries, often in ephemeral, machine-to-machine exchanges.


This distribution expands the attack surface and raises the risk of unintentional data leakage into AI systems, especially when workflows span multiple environments.

Traditional Identity and Access Management (IAM) tools weren’t built for today’s scale and fluidity, or for the massive influx in machine identities. Rule-based detection systems struggle to keep up, since they rely on signatures and static rules. The volume, as well as the changing nature of the identities at play, can provide attackers with an opportunity to bypass defenses. More critically, it can provide cover for them to blend in once they do.

Detection challenges are compounded when defensive AI tools are poorly tuned. Overly aggressive configurations can generate alert fatigue through false positives, while under-sensitive ones create blind spots where adversaries move unnoticed. The result is the same: post-compromise activity that slips past security teams until it has already escalated. Enterprises must therefore rethink how they manage both the movement of data and the identities, human and non-human, that access it.

The new role of identity in the AI era


With data moving fluidly across clouds, pipelines, and APIs, there’s no fixed network edge left to defend. Every digital interaction, whether initiated by a user, an application, or an automated agent, hinges on identity.


And non-human identities now outnumber human users in most enterprise environments. They operate fast, often with long-lived credentials, and can accumulate excessive privileges if not actively managed. A single compromised NHI can open the door to large-scale lateral movement.

That’s why modern defenses focus on tightening access and continuously validating trust:

  • Extending IAM to non-human identities to give the same visibility, governance, and credential rotation that humans receive.
  • Enforcing least privilege and just-in-time access so identities only get the minimum rights, and only for the exact window of time needed.
  • Integrating zero trust principles and Secure Access Service Edge (SASE) to continuously verify every connection and help protect data at rest and in motion.

Identity-first security must also be layered with advanced detection. Managed detection and response (MDR) and similar capabilities help provide a safety net for when identities are compromised, catching post-compromise activity that IAM controls alone may not.

AI-driven analytics such as behavioral baselining and anomaly detection can uncover activity that static rules overlook. Their value, however, is greatest when paired with human expertise. Analysts bring the context that automation lacks, helping prioritize real threats over false alarms and ensuring the response is both timely and accurate.


In this environment, breaches should be assumed to be inevitable. The enterprises that build resilience will be those that treat identity as the control point, secure data flows across hybrid environments, and pair AI-driven analytics with human judgment to detect, respond, and contain threats at speed.


To learn more about how enterprise security is evolving in the age of AI, download the full 2025 Comcast Business Cybersecurity Threat Report.




Let’s talk more about your business needs

Together, we’ll figure out a solution to suit your size and budget.

Request a consultation

Complete the form, and a sales representative will contact you to discuss your needs and recommend solutions.

Don’t want to wait? You can reach out to our sales team at (877) 337-9303.
  1. Step 1
  2. Step 2

* REQUIRED

By entering your email address and selecting "continue," you agree to receive marketing and sales emails from Comcast Business.Privacy policy

Looking for customer support?

If you’re an existing customer and have questions about your account or services, our customer support team is available to help 24/7.

CONTACT SUPPORT