Key takeaways
Regardless of hype, AI-driven attacks have already industrialized. This shift has triggered a 113% surge in API attacks since 2023.
Because AI endpoints are fundamentally APIs, protecting them requires more than just perimeter security.
By combining robust protection with Zero Trust microsegmentation, organizations can safeguard sensitive training data and mitigate agentic AI risks like goal hijacking through workload-level isolation.
Microsegmentation transforms inevitable breaches into manageable events, reducing the blast radius of machine-speed attacks.
Our acquisition of LayerX secures the human element and turns browsers from a vulnerability into a powerful point of control.
Our now-integrated portfolio empowers partners to build resilient AI security practices that protect the models and APIs of the future.
The reality of AI-driven threats: Hype vs. hazard
Walk into any security summit or executive briefing today and you’ll find one topic overshadowing all others: What is the true impact of AI on the threat landscape?
While some experts still question whether the technology is overhyped, threat actors are already providing a definitive answer by using AI to scale their operations with devastating efficiency. The shift toward industrialized cyberattacks is no longer a trend to watch — it is the urgent reality that our partners must address today.
AI at the entrance
The latest intelligence from the Apps, APIs, and DDoS 2026 State of the Internet report reveals an industrialized threat landscape in which daily API attacks have surged by 113% year over year. This surge has transformed API abuse into a legitimate business continuity crisis. In this environment, attack timelines have collapsed from weeks to hours as AI-powered reconnaissance and adaptive payloads allow threats to bypass perimeter defenses with machine-speed precision.
However, the API is merely the initial entry point. The true hazard of AI-driven threats lies in what happens after the initial breach.
The security gap: Machine speed vs. static defenses
Most enterprises remain dangerously exposed after a breach because internal security hasn't kept pace with the velocity of AI.
Our 2025 Segmentation Impact Study highlights a widening security gap:
The perimeter reality. Although 92% of organizations use basic segmentation, these static defenses are designed for human-speed adversaries.
The containment crisis. Only 35% of organizations have the microsegmentation maturity needed to stop an AI agent from moving laterally.
The bottom line. When an API is compromised, it acts as a digital skeleton key. Without microsegmentation, there is nothing to stop an AI-driven threat from mapping the east-west corridor in seconds.
From localized entry to organizational crisis
Without the granular ability to restrict traffic at the workload level, a single compromised AI node can quietly escalate privileges and locate high-value assets at a speed that renders traditional manual intervention obsolete. By failing to address internal visibility, organizations allow a localized entry point to evolve into a full-scale organizational crisis before the first alert is even triaged.
WWT’s ARMOR: A blueprint for AI security frameworks
To combat these sophisticated threats and provide a standardized path forward, our partner, World Wide Technology (WWT), recently established the AI Readiness Model for Operational Resilience (ARMOR).
For our broader partner community, WWT's ARMOR serves as a powerful example of how to build a successful go-to-market blueprint for AI security. It illustrates a structured methodology to sell, deploy, and manage AI infrastructure securely.
At Akamai, we are proud to be one of the first six vendors selected to power WWT's program, validating how seamlessly our portfolio integrates into top-tier partner frameworks.
The ARMOR framework demonstrates how partners can build a dynamic, repeatable architecture by focusing on several critical domains:
Cyber resilience
Governance, risk, and compliance (GRC)
Secure AI operations
Model protection
Secure development lifecycle (SDLC)
Infrastructure security
Data protection
By looking to frameworks like this as a model and aligning your own managed service offerings with these critical domains, you can transition from merely selling discrete products to delivering the comprehensive, secure AI outcomes that your enterprise clients are actively demanding.
Our role in your AI security ecosystem: Differentiating your services
We bring a deep, integrated portfolio to frameworks like ARMOR to ensure enterprise AI workloads remain secure and resilient. By choosing to integrate Akamai Guardicore Segmentation, API Security, and Prolexic solutions into your own AI security practices, you can offer your clients a distinct competitive advantage.
However, even the most robust security software faces a hurdle in the AI era: the “security tax.” As AI clusters demand every available cycle, traditional security agents begin to compete for the very resources required for model training. To solve this, we must evolve where security lives by creating a true synergy between our software intelligence and the underlying hardware.
The path forward: Decoupling security via NVIDIA BlueField
The velocity of AI demands a fundamental rethinking of internal infrastructure security. Traditional security agents were functional in the past but now compete directly with the very AI workloads they are trying to protect. To advance, the industry must embrace the NVIDIA BlueField data processing unit (DPU) as a purpose-built security processor for AI infrastructure.
This is not just an architectural tweak; it is a strategic necessity. By offloading networking and security functions to hardware like the NVIDIA BlueField, high-performance AI training and inference workloads can operate at peak efficiency without the overhead of traditional security agents.
More importantly, this transition establishes a genuinely resilient architecture. When modern segmentation integrates with NVIDIA BlueField, it functions as a logically isolated security layer. Because security enforcement runs completely separate from the host operating system, the security partition on the DPU remains intact even if a host is compromised.
For our partner community, this represents a unique opportunity to shape the conversation about tomorrow. Instead of merely securing complex back-end AI infrastructure, you are delivering a proactive methodology to isolate large-scale GPU clusters and prevent the lateral movement of threats.
Expanding to OT, IoT, and agentic AI
While Akamai Guardicore Segmentation secures the internal infrastructure, our API security solutions secure the connective tissue of agentic AI. This gives you the visibility to monitor complex behaviors and prevent unauthorized access to the sensitive data lakes that are feeding your clients' AI models.
Furthermore, the Akamai Guardicore–NVIDIA BlueField integration extends the protection to the AI factory, delivering hardware-accelerated microsegmentation:
Ensuring that high-performance AI workloads remain secure without sacrificing throughput or latency
Enabling agentless Zero Trust for operational technology (OT) and Internet of Things (IoT)
Securing industrial systems at the hardware level without touching the devices themselves
Reducing overall exposure with a hardware-isolated model
Strengthening your cyber insurance risk profile
End-to-end resilience
With our Prolexic DDoS mitigation platforms, we empower you to provide a multilayered defense against the massive volumetric attacks designed to overwhelm new, mission-critical architectures. By combining internal network segmentation accelerated by NVIDIA BlueField, application-layer API security, and edge DDoS protection, partners can architect an end-to-end defense strategy that enterprise clients simply cannot build on their own.
This integration is a core component of the ARMOR framework, ensuring that AI infrastructure is both fast and inherently secure.
The “last mile” of AI security: Controlling the user interface
While the ARMOR domains provide a robust blueprint for infrastructure and data, a significant risk remains: the human element. Even the most secure model is vulnerable if sensitive data is leaked through the browser.
Our acquisition of LayerX addresses this specific gap. By adding browser-based security and AI use control, we enable partners to offer visibility into how employees use generative AI (GenAI) tools. This ensures that while the back-end infrastructure is locked down, the front-end interaction is also governed — preventing accidental data leakage or the use of shadow AI that could bypass corporate policy.
This latest addition to our portfolio is perfect for AI frameworks like ARMOR, particularly for GRC because it enables customers to create AI use policies and monitor for insider risk and shadow AI. Ultimately, this acquisition transforms the browser from a potential vulnerability into a powerful point of control, ensuring that AI adoption is as safe as it is productive.
Empowering partners to lead
No single vendor can secure the AI frontier alone, and no single product is a complete solution. Solving the AI security challenge requires tight collaboration across our entire channel community.
We rely heavily on our distributors, resellers, and integrators to contextualize and deliver these architectures to the global market. Furthermore, our technology partnerships with industry leaders like Apiiro, Armis, Aqua Security, Kong, MuleSoft, Tufin, and Snyk play a pivotal role. Together, we ensure that security is seamlessly embedded throughout the entire SDLC and cloud native environments.
By aligning our edge and security capabilities and our broader partner network with your proprietary service frameworks, we are equipping you to help organizations innovate fearlessly. This is your opportunity to lead the market, capture new service revenue, and turn the hype of secure enterprise AI into a reality for your customers.
Find out more
Learn more about WWT’s ARMOR framework and reach out to our Partner team to discuss how we can deliver secure AI with our partners.
Tags