What happened
Developing Telecoms reported analysis from Dell'Oro's Mauricio Sanchez and BCG Platinion's Hakim Hamane on May 13, 2026, documenting how AI-driven threats exploit new control points that legacy cybersecurity tools were never designed to detect. Specifically: prompt injection attacks can manipulate AI systems without dropping files; data poisoning compromises outcomes before model deployment; agentic AI raises stakes because agents take actions through APIs and SaaS tools, not just respond to prompts. These attack vectors disproportionately impact emerging markets where SOC maturity and incident response capacity are still developing, because attackers gain access to global frontier AI capabilities (Mythos, GPT-5.5) while defenders rely on legacy tools built for predictable threat models.
Why it matters
This analysis broadens the threat model beyond 'vulnerable code' to 'vulnerable AI systems' — a category that includes prompt injection, data poisoning, agentic lateral movement via APIs, and tool-use exploitation. The disproportionate impact on emerging markets is particularly significant: it suggests that AI-driven threats will widen the capability gap between well-resourced (Western, developed-market) security teams and those in developing regions. This has geopolitical implications: emerging markets with less mature cybersecurity infrastructure may become high-value targets precisely because they lack visibility into AI-specific attack vectors.
Action needed
Expand security visibility to data, model, prompt, identity, and tool-use layers — not just endpoint and network layers. Organizations in emerging markets should prioritize AI-specific threat modeling: which agentic systems have access to critical data? Which APIs can agents invoke? Organizations in developed markets should prepare to export or share AI-specific detection capabilities (e.g., prompt injection signatures, agentic API anomaly detection) to developing-region partners and subsidiaries.