Shadow AI is emerging as one of the most dangerous enterprise risk vectors, eclipsing the shadow IT problem that plagued the cloud era. As employees experiment with generative AI tools, organizations face mounting compliance exposure, data leakage and regulatory penalties that dwarf the consequences of unsanctioned cloud instances.

The urgency is compounding as agentic AI security takes center stage and with the European Union’s AI Act now enforcing fines of up to 35 million euros. Attackers operate at machine speed, while defenders are still constrained by human pace, according to Russ Schafer (pictured), executive vice president of marketing at Fortinet Inc.

“It takes about four minutes to enact and deploy a ransomware incident,” Schafer told theCUBE. “Last year, an average discovery timeline for an IT organization was 168 hours to discover that ransomware and then another 12 hours to resolve it. During that time — they call it dwell time — the attackers are basically going throughout the organization and gathering all the information they can to then give them maximum leverage when they actually make a ransomware request. By implementing agentic AI on a unified platform versus a fragmented, tool-based system that most people are using today, you’ll be able to take that [resolution] timeline down to about 38 seconds.”

Schafer spoke with theCUBE’s Dave Vellante and Christophe Bertrand at the RSAC 2026 Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed agentic AI security, shadow AI governance and Fortinet’s unified platform strategy for operating at machine speed. (* Disclosure below.)

Shadow AI bolsters the case for unified security operations

The real-world consequences of ungoverned AI use are mounting. A healthcare company was fined $3.5 million for feeding patient notes into ChatGPT in violation of the Health Insurance Portability and Accountability Act and a manufacturer that lost $54 million after a coding assistant leaked proprietary data, Schafer noted. These cases underscore why agentic AI security should start with governance and visibility.

“The challenge is that most people don’t know where the source is or where the information is going when they’re using a public gen AI application,” he said. “Part of our mission is to sort of protect people from themselves.”

To close those gaps, Fortinet is unifying network and security operations into a single platform. With the recent FortiOS 8.0 release, the company introduced more than 21 AI agents, Model Context Protocol support and an agent fabric designed to provide visibility and control across both Fortinet and third-party environments, Schafer explained.

“You need to make sure that [agents] have the right context,” he said. “If you have a series of agents that are working on your behalf, what if one of them goes rogue or gets occupied by an attacker and then it impacts everything else downflow?”

Three major pillars support an agentic AI security framework, Schafer explained. First is the ability to identify and manage access. Second, architecture is needed to manage, deploy, and communicate to agents for access privileges. Third is the agent fabric, which is how the framework is implemented within an organization.

“We have context, we have the ability to hand off responsibility, we know what they’re looking at, we know what they’re learning,” Schafer said. “You can keep that under control by using those three pillars: trust, architecture and a fabric that has them all connected together.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSAC 2026 Conference:

(* Disclosure: Fortinet sponsored this segment of theCUBE. Neither Fortinet nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE