The Director's Cut: When a Helpful AI Shortcut Becomes a Board Issue

Recent incidents and regulatory signals highlight a changing cyber risk landscape: employee AI misuse, ransomware-driven data extortion, AI-enabled attacker advantage, and cyber-physical social engineering all raise new oversight questions for boards.

When a Helpful AI Shortcut Becomes a Board Issue

CB Financial Services’ May 8K disclosure is a useful warning for directors: one employee’s use of an unauthorized AI application was enough to trigger a material cyber incident filing. The event did not require a core-system breach or a sophisticated external attack. It began with a well-intentioned shortcut involving sensitive customer data.

According to the company, the exposure involved non-public customer information, including names, Social Security numbers, and dates of birth. The risk was created not by malicious intent, but by weak control over how employees use fast-moving AI tools in everyday work.

This is no isolated edge case. Zscaler research found that its customers used roughly 3,400 different AI applications in 2025, many of them unsanctioned. That points to a governance problem at scale: employees are adopting AI faster than most companies are defining which tools are trusted, what data can be entered, and how usage is monitored.

AI policy is not enough. Management needs enforceable guardrails that limit access to untrusted AI apps, protect sensitive data, and enable the safe use of approved public AI. Directors should treat shadow AI as a live compliance, disclosure, and resilience issue, not a future concern.

What Directors Should Ask Management:

• What controls do we have to prevent employees from entering sensitive, regulated, or customer data into unsanctioned AI applications?

• Do we know which AI tools employees are actually using across the enterprise, and how much of that activity falls outside approved policy?

• If an employee exposes sensitive information through an unauthorized AI tool, how quickly would management detect it, assess materiality, and escalate it for legal, compliance, and board review?

Double Extortion Still Raises the Stakes After Initial Compromise 

Double extortion ransomware remains effective because attackers no longer depend on encryption alone. They steal data first, then threaten to publish it unless the victim pays. That dynamic appears in recent cases involving Instructure, which confirmed it reached an agreement with the attackers that included a ransom payment to prevent the leak of data tied to schools and users, and Foxconn, where a ransomware group claimed it stole large volumes of data and threatened disclosure. There is no official confirmation or evidence that Foxconn paid a ransom.

For directors, the key point is that extortion pressure grows when attackers can move beyond the first compromised device and reach sensitive systems or data. Once that happens, the business faces harder decisions on operations, disclosure, legal exposure, and extortion. The solution is Zero Trust segmentation, which helps contain compromises by limiting the blast radius of an attack, so one infected endpoint is less likely to become an enterprise-wide data-loss event.

What Directors Should Ask Management:

• If a single endpoint were compromised, what technical controls would stop an attacker from reaching sensitive data or critical systems?

NYDFS Signals That Frontier AI Is Changing the Attacker’s Advantage

New guidance issued by the New York Department of Financial Services argues that frontier AI models are not just another technology trend; they are changing the economics and speed of cyber attacks. AI can compress the time between vulnerability discovery and exploitation, increase the scale of automated attacks, and lower the skill required to execute them. For companies, that means threats may arrive faster and from a broader range of adversaries than many existing assumptions anticipate.

For directors, the message is distinct from employee AI misuse. This is about AI improving the attacker’s side of the equation. Regulators are signaling that management should revisit cyber risk assessments, vulnerability management, secure development, and third-party oversight in light of AI-enabled threats. Boards should ask not only whether the company is using AI safely, but whether it is prepared for a threat environment in which attackers can operate with greater speed and leverage.

What Directors Should Ask Management:

• Where are we most exposed if AI reduces the time between a vulnerability becoming known and being actively exploited?

When Cyber Extortion Walks Through the Front Door

The FBI has warned that Silent Ransom Group is targeting U.S. law firms with a blended cyber-physical approach that often begins with phone-based social engineering. Attackers impersonate IT support, pressure employees to grant access, and in some cases escalate to sending an in-person operative to the office to insert a rogue device. The tactic stands out because it targets a specific industry and bypasses the assumption that cyber incidents begin with phishing links or software flaws.

For directors, this is both an employee education issue and a third-party risk issue. Companies need staff who know how to verify suspicious calls, unexpected IT instructions, and unsolicited onsite visits. They also need confidence that outside law firms and other trusted advisors are protecting sensitive information with equal rigor. Resilience depends on stronger alignment between employee awareness, physical security, and third-party oversight.

What Directors Should Ask Management:

• What assurance do we have that our outside law firms and other trusted advisors are protecting our sensitive information against both social-engineering and physical intrusion tactics?

*****

Zscaler is a proud partner of NACD's Northern California chapter. We are here as a resource for directors to answer questions about cybersecurity or AI risks, and are happy to arrange dedicated board briefings. Please email rsloan[@]zscaler.com to learn more.