Episode 79

full
Published on:

3rd Sep 2025

Hacking AI: The Risks for Businesses

Understanding AI security threats before they become your next crisis

On this episode of Razorwire, I explore the emerging frontier of AI security with leading experts Jonathan Care and Martin Voelk. We examine the latest risks, show you how adversaries are exploiting AI systems and share practical advice for professionals working with these rapidly advancing technologies.

We move past the marketing speak to reveal how attackers are using generative AI, what it really takes to test these complex systems and what the rise of agentic, self-operating AI means for defenders. Security leaders, penetration testers and anyone implementing business technology need to understand these threats before committing to new AI solutions.

This conversation addresses real incidents, examines practical realities and highlights why many enterprises are dangerously unprepared for what's ahead in AI security.

Key Topics

  1. Inside the Mind of the Attacker: Learn how both ethical hackers and financially motivated criminals are already using AI to automate attacks, spread misinformation and create new vulnerabilities. Martin and Jonathan share examples of prompt injection, data poisoning and “model jailbreaking” - all tactics reshaping the cyber threat landscape right now.
  2. Pen Testing AI: What’s Different and What’s Still the Same: Go behind the scenes with insights into penetration testing for large language models and agentic AI. The episode discusses fresh attack surfaces, why classic testing skills are still vital and the new OWASP Top 10 for LLMs. If you’re considering buying AI-powered tools, take away concrete advice on how to stress-test these systems before attackers do.
  3. Business Risk, Legal Headaches and What to Demand from Vendors: With AI now touching everything from customer bots giving dodgy medical advice to autonomous agents able to cause chaos, the conversation gives practical advice about reputational, legal and operational risks. Listen for the must-ask questions every business should take to their vendors as well as new regulatory requirements that mean robust AI testing can’t be left as an afterthought.

If you want to stay ahead of AI and cybersecurity developments and avoid building tomorrow's biggest headache, this episode is essential listening.

AI Model Bias Debate: 

" 77% of enterprises are reporting at least one AI related security incident. 62% of enterprises lack any dedicated testing programme.”

Jonathan Care



Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen



In this episode, we covered the following topics:


  • Test Your AI Before Attackers Do - With 77% of enterprises already hit by AI security incidents but 62% lacking testing programmes, discover what specific vulnerabilities to check for and how to implement proper AI red teaming.
  • Stop AI Hallucinations From Damaging Your Business - Understand how AI systems fabricate information and create legal liability, plus practical steps to identify and mitigate these risks before they affect customers or operations.
  • Protect Against Medical and Legal AI Disasters - Learn from real cases where AI gave dangerous advice and created legal obligations, including what liability questions you need to address with vendors and internal teams.
  • Secure Agentic AI That Can Take Real Actions - Discover why AI agents that can invoke APIs, modify data and trigger real-world changes require completely different security approaches than traditional chatbots.
  • Defend Against Prompt Injection Attacks - Get specific techniques for testing and protecting against AI-specific vulnerabilities that traditional cybersecurity controls cannot address.
  • Identify Poisoned Training Data and Supply Chain Attacks - Understand how attackers manipulate AI training data and learn what questions to ask about data sources and model provenance.
  • Implement Automated and Continuous AI Testing - Explore new tools and frameworks for always-on adversarial testing of AI systems, including what capabilities to build in-house versus buy.
  • Navigate AI Model Bias and Censorship Issues - Understand how different AI models reflect their creators' biases and learn strategies for getting balanced information across multiple sources.
  • Meet New Regulatory Requirements for AI Testing - Prepare for mandatory adversarial testing under the EU AI Act and US executive orders, including what documentation and processes you'll need.
  • Build AI Security Skills and Career Paths - Identify the specific certifications, training and technical skills needed for AI security roles, plus advice for both newcomers and experienced professionals transitioning to AI security.



Resources Mentioned 


Connect with your host James Rees

Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.

Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.


For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.

If you need consultation, visit www.razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.


LinkedIn: Razorthorn Security

YouTube: Razorthorn Security

TikTok: Razorwire Podcast

Twitter:   @RazorThornLTD

Website: www.razorthorn.com


All rights reserved. © Razorthorn Security LTD 2025

All Episodes Previous Episode

Listen for free

Show artwork for Razorwire Cyber Security Insights

About the Podcast

Razorwire Cyber Security Insights
Real conversations helping cybersecurity professionals sharpen their insights, strategy & leadership skills.
Cybersecurity is evolving — and so should you. Razorwire brings the open conversations that give you the edge.

Welcome to the Razorwire podcast — your resource for practical advice, expert insights, and real-world conversations on cybersecurity, information security (InfoSec), risk management, governance, security leadership, human factors, and industry trends.

Our mission is to help you build a stronger cybersecurity career while supporting a dynamic, agile community of professionals committed to continuous improvement.

Each episode brings you actionable advice and real experiences from your host, James Rees — an information security specialist with over 25 years of experience — and from a range of respected guests across the cybersecurity industry. Together, we explore everything from technical strategies and compliance challenges to security culture, communication skills, and leadership development.

James Rees is the founder of Razorthorn Security, providing expert consultancy and testing services to a wide range of organisations, including many Fortune 500 companies. His practical, no-nonsense approach helps organisations manage cybersecurity risks effectively while strengthening resilience.

The Razorwire podcast is designed for cybersecurity professionals who want to stay ahead, sharpen their skills, and confidently respond to the challenges of today's evolving threat landscape. We believe collaboration is key to stronger security — and Razorwire gives you the conversations that help you achieve it.

For more information about us, or if you have questions you'd like discussed on the show, email podcast@razorthorn.com or visit www.razorthorn.com.