Before AI, the goal was simple (but not easy): build something people actually wanted. Then AI came along, and the race became about speed — build faster, ship faster, grow faster.

Now the goalpost is moving again. The next challenge isn’t just growth. It’s keeping everything working and safe in a world where AI itself can be hacked, manipulated, or poisoned.

And it’s not theory — it’s already happening.

The reality check

In just the last few weeks of Sept 2025:

• Jaguar Land Rover was hit by a cyberattack that stopped production — costing an estimated £50m a week.
   

• Airports across Europe — from Heathrow to Brussels to Berlin — were paralysed when a single software supplier, Collins Aerospace, got hit with ransomware.
   

• London nurseries had the personal data of 8,000 children stolen and leaked online.

These are not small businesses. They have budgets, IT teams, and protocols. And yet they still got taken down.

So what happens to smaller companies, startups, and growing businesses that are now building their systems around AI — often without security in mind?

The new attack surface: AI itself

AI isn’t just another tool. It’s a new attack surface.

Researchers recently disclosed EchoLeak, a vulnerability in Microsoft Copilot that allowed hackers to exfiltrate data through a simple email — no clicks required.

Google’s Gemini and Microsoft’s Copilot have both shown vulnerability to prompt injection attacks, where hidden instructions in text trick the AI into following commands it shouldn’t.

Even AI-powered browsers can be hijacked by invisible text embedded in web pages — text that humans can’t see, but AI interprets as instructions.

Attackers no longer need to break into your systems. They can simply manipulate the inputs your AI receives — from you or your customers.

That’s the modern threat landscape.

Why businesses are more exposed than ever

Unlike a multinational, most businesses don’t have a CISO or security team. Many rely on open-source tools or external APIs they barely understand.

AI is speeding up workflows, but it’s also speeding up exposure. Attackers now use AI to automate phishing, create malware, or even clone voices for scams.

The same technology that helps you grow can also help hackers scale their attacks.

What business leaders should do

You don’t need a 10-person security team. You just need awareness and a few smart habits:

• Audit your AI stack — know what tools you’re using, where your data goes, and who owns the infrastructure.
   

• Limit what data you feed into AI tools — treat sensitive info as if it’s already public.
   

• Validate AI outputs — especially when using them for customer communication or financial decisions.
   

• Have a simple incident plan — even a one-page checklist is better than chaos.
   

AI can absolutely help your business grow — but only if you keep it under control.

Because in 2025, the real race isn’t about who builds the fastest.

It’s about who builds the safest.

👉 Want more insights like this?

Join thousands of founders and business leaders who read the Rare Founders Newsletter for practical advice, investor insights, and event invites: https://startups.rarefounders.com/