FrontierNews.ai

The AI Security Gap Is Widening: Why Organizations Are Deploying AI Faster Than They Can Protect It

Organizations are deploying artificial intelligence at unprecedented speed, yet most lack the governance structures, technical controls, and operational processes needed to secure these systems. This growing mismatch between AI adoption and AI security is creating a critical vulnerability window that both regulators and cybersecurity experts say must be closed immediately.

Why Are Organizations Struggling to Secure AI Systems?

The core problem is straightforward: AI is reshaping both the attack surface and the defense landscape faster than organizations can adapt. Adversaries are weaponizing AI to launch more sophisticated, faster-moving attacks that outpace traditional defenses, while enterprises simultaneously lack clear roadmaps for securing their own AI deployments.

In the financial sector, the urgency has become impossible to ignore. US banking regulators, including the Federal Reserve, the Office of the Comptroller of the Currency (OCC), and the Federal Deposit Insurance Corporation (FDIC), have intensified their focus on AI risk management, warning banks to strengthen controls around AI-powered systems due to rising threats of cyberattacks, sophisticated fraud schemes, and operational failures linked to opaque or unreliable AI models. This regulatory push comes as banks accelerate AI adoption for efficiency and competitive advantage, but face mounting risks from adversarial attacks, deepfake-enabled fraud, and black-box decision-making that challenge existing controls and transparency requirements.

The regulatory warnings reference the NIST AI Risk Management Framework and align with global standards, while cautioning that current model validation, audit, and incident response practices may be insufficient for AI-specific threats. Regulators are signaling imminent updates to supervisory expectations and risk management frameworks within the next 30 to 90 days.

What Are the Five Key Challenges Organizations Face?

Security leaders across industries are grappling with five consistent themes as they work to close the AI security gap:

  • AI-Specific Compliance and Risk Controls: Organizations must develop governance structures that address the unique risks posed by AI systems, including model drift, adversarial attacks, and data poisoning.
  • Enterprise AI Governance Models: Most organizations lack mature governance frameworks to oversee AI development, deployment, and monitoring across the enterprise.
  • AI-Powered Cyber Defense: While AI can strengthen defense operations, organizations must first secure the AI tools themselves before deploying them defensively.
  • Defense Against AI-Driven Threats: Adversaries are using AI to launch fraud schemes and deepfake attacks that require specialized detection and response capabilities.
  • Cost Savings Through AI-Enabled Automation: Organizations want to unlock efficiency gains through AI, but cannot do so without embedding security at the center of every deployment.

How to Implement Secure AI at Scale: The MLSecOps Framework

To address these challenges, SANS Institute has developed a structured, lifecycle-based approach called MLSecOps (Machine Learning Security Operations) that provides a practical roadmap for organizations at any maturity level. The framework consists of six phases, each designed with both core controls and advanced controls to match investment to risk posture:

  • Scoping: Define the AI security requirements and risk profile for each AI system before development begins.
  • Data Ops: Establish controls for data collection, validation, and integrity to prevent poisoning attacks and ensure model reliability.
  • Development: Implement secure coding practices and model development standards that account for adversarial threats.
  • Validation: Test AI models for robustness, fairness, and resilience against adversarial attacks before deployment.
  • Deployment: Establish controls for safe, monitored rollout of AI systems with real-time monitoring and incident response capabilities.
  • Operations: Continuously monitor deployed AI systems for model drift, performance degradation, and emerging threats.

The MLSecOps approach is designed to progressively mature AI security across the full lifecycle, ensuring that as AI capabilities grow, the security program grows with them. This phased approach allows organizations to start with foundational controls and advance to more sophisticated protections as their AI maturity increases.

What Are Regulators Demanding From Financial Institutions?

For banks and financial institutions, the regulatory expectations are becoming concrete and enforceable. Compliance teams must immediately review their AI governance, model validation, and cybersecurity protocols, anticipating new regulatory requirements within the next 30 to 90 days. Banks should expect more frequent supervisory reviews, targeted examinations of AI systems, and potential enforcement actions for inadequate controls, especially regarding fraud detection, explainability, and third-party AI vendor risk.

Financial institutions are being directed to prioritize enhanced fraud detection mechanisms, including real-time monitoring for AI-enabled scams and deepfakes, and ensure that incident response plans specifically address AI-driven attack vectors. Third-party AI vendors must be subject to rigorous due diligence and contractual controls to mitigate supply chain and model integrity risks. Failure to demonstrate effective AI governance could result in enforcement actions, reputational damage, and increased regulatory scrutiny in the coming quarter.

The regulatory push reflects a broader recognition that AI systems are now critical infrastructure in financial services, and that traditional cybersecurity and risk management frameworks are insufficient for protecting them. As organizations continue to deploy AI at scale, the gap between adoption speed and security maturity will only widen unless deliberate, structured approaches like MLSecOps are implemented immediately across all roles and organizational levels.