AI Supply Chain Attacks Are Here. And Most Organizations Aren’t Ready

May 04, 2026 | by Steve Evans

When I read about the Vercel breach tied to a Context AI compromise, I wasn’t surprised.

I’ve been talking with customers for a while now about how AI was going to introduce a new kind of supply chain risk. This is exactly what that looks like.

What stands out to me is how familiar the pattern is. We saw it with open source, then again with SaaS, and again with cloud. Teams move quickly to adopt something that clearly adds value, and security and governance tend to lag behind until something forces the issue.

AI is following the same path, just at a much faster pace.

AI Isn’t Just a Tool, It’s an Ecosystem

When I start talking to customers about AI, the responses are all over the place. Some will tell me they are not really sure how AI is being used across the organization. Others are still working through what their policy should be. And then there are organizations that feel like they have it under control because they are blocking access at the firewall, with the exception of an approved enterprise tool, usually something like Microsoft Copilot.

On the surface, enforcing controls at the firewall sounds reasonable. The problem is it only addresses part of what is actually happening.

It is relatively easy to see that users are going to something like ChatGPT. What is much harder to see is everything else: API usage, integrations inside SaaS platforms, plugins, and other AI-enabled features that are now built into tools people are already using every day.

When we take a closer look, it usually turns out that AI is being used in more places than expected, and often in ways that are not visible through traditional controls.

At that point, whether we call it one or not, it is effectively a supply chain. And like any supply chain, it introduces dependencies and trust relationships that can be exploited.

The Vercel situation is a good example of how that plays out. Something upstream gets compromised, and the impact shows up downstream in places that were not even thinking about that risk.

The Part Most Organizations Are Missing

The biggest issue I am seeing right now is pretty straightforward. Most organizations do not really know where AI is being used. They think they do, but when we look closer, there is always more going on.

There is usually a developer trying something out with an API key, a business user pasting data into a public tool, or a team building something “temporary” that quickly becomes part of a workflow.

I have been on the other side of this as well, inside an organization trying to keep things under control. These things do not start as risky decisions. They start as people trying to solve problems quickly so they can get their job done.

We have dealt with this before. It is shadow IT. This is just the next version of it, and it is moving faster because the barrier to entry is so low.

Establish Visibility First

The first step we take with customers at Teneo is helping them get a clear picture of what is actually happening.

That sounds obvious, but it is usually where the biggest surprises show up.

Using Teneo’s Managed DEX capabilities, we can see what AI tools are being used, how data is flowing, and where things do not line up with policy. More often than not, there is a moment where someone realizes they did not have nearly as much visibility as they thought. In one consumer goods customer engagement, we identified more than 400 instances of AI usage that the organization was not aware of.

That is not a failure. It is just the reality of how fast this space is moving. But you cannot make good decisions about risk until you have that baseline.

Controlling It Without Slowing Everyone Down

Once you have visibility, the next question is what to do about it.

The instinct is often to lock things down, but that usually backfires. People do not stop using tools that help them get their job done. They just find other ways to use them.

What is working better is putting controls closer to where the activity is actually happening. In most cases, that is the browser.

With Teneo’s browser-based security, powered by Palo Alto Networks, you can control how data is shared with AI tools in real time. You are not blocking access outright. You are ensuring proper usage, including blocking sensitive data from going where it should not.

It is a much more practical approach, especially in environments where speed matters.

The Model Is Not Where Most of the Risk Is

One thing I do push back on is the idea that securing the model is the main problem to solve.

It matters, but based on what I see working with customers, that is not where the biggest exposure tends to be. Subscribing to an enterprise or corporate plan greatly mitigates that risk.

The bigger risks usually come from how AI is being used. That includes what data is being entered into non-approved AI tools, what outputs are being trusted, and how these tools are connected to other systems.

If those pieces are not addressed, focusing only on the model does not really move the needle.

This Pattern Should Look Familiar

At a high level, this is not a new challenge. It is another wave of technology adoption where the business moves first and security has to catch up.

The organizations that are handling it well are not trying to shut AI down. They are treating it as something that needs structure. That includes governance, visibility, and controls that fit how people actually work.

The ones that struggle are usually the ones assuming they have more control than they really do.

Final Thought

AI is already being used across your organization, whether it is officially approved or not.

From a security perspective, it is better to start from that assumption and work backward. Figure out where it is happening, understand the risk, and put controls in place that do not get in the way of the business.

The supply chain issues we are starting to see are unlikely to be isolated events. As these ecosystems grow, so does the attack surface.

The good news is this is manageable, but only if you acknowledge what is actually happening in your environment.

If this is something you’re working through, we’re happy to help you get a clearer picture of what’s happening in your environment and where to start. You can book time with a Teneo expert here, or if you prefer something more informal, join our Live Managed DEX HelpDesk Chat every Thursday at 10am ET / 3pm BST to ask questions and start the conversation. You can access this live chat on Teneo’s Managed DEX webpage.

Author: Steve Evans, Field CTO, Teneo
