Skip to main content
CybersecurityAI & Machine Learning

Palo Alto CEO Exclusive: AI Risky for Business, Yet

Palo Alto CEO Exclusive: AI Risky for Business, Yet

AI Risky for Business, Nikesh Arora warned — and yet enterprises keep inching toward the promise and the peril at the same time.

“Most companies aren’t showing us what they’ve deployed,” Nikesh Arora, CEO of Palo Alto Networks, told reporters after the vendor’s Q2 briefing, arguing that business uptake of generative AI trails consumer use by at least a couple of years, with the notable exception of coding assistants. His posture is cautious: embrace the utility, respect the hazards, and don’t confuse hype for readiness. That balance — between commercial opportunity and operational exposure — frames the dilemma facing boards and CISOs today.

Current picture: adoption, caution, and a strategic bet
– Enterprises have begun experimenting with large language models and automation, but, according to Arora, widespread production deployments remain limited outside developer productivity tools such as coding assistants. He signaled that the market has two speeds: consumer-facing features and developer tooling first; mission-critical, regulated workflows later. For context, Palo Alto Networks recently acquired Koi to position itself for what comes next in model-aware security and governance, a move that underscores the company’s view that AI brings a distinct class of enterprise risk. The Register covered Arora’s remarks and the company’s Q2 results. https://go.theregister.com/feed/www.theregister.com/2026/02/18/palo_alto_q2_26/

Why it matters: a new class of enterprise risk
Generative and predictive systems are not merely faster automation tools; they introduce attack surfaces and failure modes that differ qualitatively from traditional software:
– Models can be poisoned, inverted, or manipulated through adversarial inputs that produce biased, incorrect, or leaked outputs.
– Confidential training data and proprietary logic can be exfiltrated via clever queries or model extraction techniques.
– Automated decisioning amplifies reputational, regulatory, and financial exposure when errors occur at scale.

Cyber and risk practitioners have begun to treat AI as an operational, legal and strategic challenge rather than a purely technical one. That assessment is supported by industry analyses that call out new vulnerabilities — from data-poisoning in training to inference attacks in production — and recommend treating model governance as a first-order security concern .

What organizations can (and should) do now
Mitigating AI risk does not require reinventing governance from scratch; it requires adapting tried-and-true controls to a novel technical terrain. Practical steps include:
– Inventory and risk assessment: catalog models, data sources, and likely impacts on business processes.
– Stronger data governance: enforce lineage, quality checks, and access controls to reduce exposure.
– Independent model validation: bring third-party or cross-functional review to surface biases and blind spots.
– Continuous monitoring and observability: detect drift, degradation, and anomalous behavior in production.
– Incident response planning: rehearse playbooks for model failure, data leakage, and regulatory inquiries.
– Board-level accountability: place AI risk on the agenda at the director level with cross-functional ownership.

These are not theoretical prescriptions. Analysts and consultancies now argue that organizations must elevate AI to board-level risk and balance speed with controls — because the alternative, ad hoc deployments and reactive remediation, is costly in money and trust .

Different perspectives and tensions
– Technologists: Many researchers accept that AI offers productivity gains but caution against rushed productionization. Effective defenses require red‑teaming, adversarial testing, and continuous validation — capabilities that take time and specialized skill to scale .
– Policymakers: Regulators want demonstrable safeguards. Robust governance, transparency, and auditable controls can ease regulatory scrutiny, but opaque, proprietary remedies may complicate independent verification.
– Users and customers: Enterprises that rush to productize AI risk eroding customer trust with biased outputs or privacy lapses. Conversely, measured deployment with good explainability and contestability features can lift adoption.
– Adversaries: Attackers are already leveraging AI to scale phishing, discover vulnerabilities, and weaponize compromised models. Prioritizing AI security raises the bar — but also highlights the assets adversaries will try hardest to attack .

The business calculus: opportunity versus cost
Boards and executives face trade-offs. Tight controls slow time-to-market and increase cost; insufficient controls risk regulatory fines, broken contracts, and reputational damage. Firms must ask pragmatic questions: do risk frameworks scale with model impact? Are directors asking the right questions about provenance, third-party dependencies and measurement of exposure before incidents occur? Industry evidence suggests that failures are expensive: they impair customer trust and invite enforcement attention, reframing AI as an operational risk as much as a competitive advantage .

Why Palo Alto’s Koi acquisition matters
Palo Alto’s purchase of Koi signals two related bets: first, that enterprises will move beyond narrow developer tooling into areas where governance, observability and security are critical; second, that there is a market for integrating model-aware controls into existing security stacks. For a vendor positioned at the intersection of networking, security and cloud, anchoring product strategy to AI governance is both defensive (protect customers) and offensive (capture a new taxonomy of security spend). Arora’s public tone — wary but pragmatic — mirrors that strategic posture.

Conclusion: proceed, but prepare
Companies can no longer treat AI like a fringe experiment or a mere productivity add-on. It is both an asset and an enterprise risk that requires board oversight, technical rigor, and continuous monitoring. Nikesh Arora’s assessment — that broad enterprise adoption lags consumer use and that only certain categories like coding assistants are pervasive today — is a timely reminder that the fastest route to value is not always the safest. Will firms resist the rush to production long enough to build the controls they will need when the inevitable incident arrives? Or will the next headline be about what happens when speed outruns prudence?

Source: The Register reporting on Palo Alto Networks Q2 commentary and related coverage — https://go.theregister.com/feed/www.theregister.com/2026/02/18/palo_alto_q2_26/