Spend enough time around cybersecurity types, and questions like the one above might feel like lighthearted chitchat.
But such questions were actually the hot topic at the RSA conference in San Francisco last week. The annual confab is one of the largest gatherings of cybersecurity professionals, and the timing of this year’s gathering proved particularly apt. Near the end of the week, an internal document from Anthropic leaked to the public, about a new AI model so powerful that it poses significant cybersecurity risks because of its potential to become a tool for hackers.
Investors took that as yet another sign that AI models will eventually disrupt established software businesses. Stocks of cybersecurity providers like Palo Alto Networks, CrowdStrike and Zscaler all fell more than 5% on Friday following reports about the new model. This despite the fact that the leak actually made a strong case for robust cybersecurity defenses in a world where AI tools can give hackers new superpowers. In a report, BTIG analyst Gray Powell noted that Anthropic “is effectively giving the world a warning on the increased cyber risk associated with AI.”
But that warning may not be heeded very widely. A common theme in conversations around the conference was how quickly companies are rushing to adopt AI without putting proper security protocols in place. That seems particularly the case with agents, which are AI systems empowered to take actions on behalf of a user, like booking an airfare or initiating a refund on a purchase. AI agents have become all the rage in business, with some companies even referring to them as digital workers and assigning them human names.
AI agents can actually be designed to enhance a company’s cyber defenses. But they can be a major vulnerability as well, depending on what data they have access to and what actions they are empowered to take. Because an AI agent can do tasks at blinding speeds around the clock, it could also do far more damage than a human working the 9-5 shift.
Many seem to have free rein so far. A recent survey of 100 large companies by Guggenheim Securities found that 77% are now using AI agents but only 4% have secured them. Jefferies analyst Joseph Gallo joked in his own report that RSA this year stood for “Rarely Securing Agents.”
That could turn out very badly for some. Cybersecurity has already become a pervasive risk in the modern, connected world. High-profile attacks like the infamous “Sony Hack” of 2014 helped convince corporate America of the need for robust cybersecurity defenses. But even those aren’t always enough. The late FBI director Robert Mueller is often quoted as saying: “There are two types of companies: those that have been hacked and those that will be hacked.”
The race among companies trying to adopt AI quickly opens a new range of vulnerabilities. Companies love digital workers because they don’t need sleep, coffee breaks or vacations. Hackers may come to love them for the same reasons.
This is an edition of the WSJ AI & Business newsletter, a weekly digest to help you make sense of AI’s impact on business with news, insights and data from our global team of technology journalists.
Why OpenAI Pulled the Plug on Sora
OpenAI was weeks away from finishing work on a new AI model and needed to free up more computing resources to power the coding and enterprise products that would run on it. AI chips are the most precious commodity at any leading research lab, and at OpenAI, the video-generating app Sora was eating up far too many of them.
The product wasn’t profitable, and every user who spliced themselves into a World War II newsreel or Hollywood chase scene drew down a finite resource. Sora now looks like an expensive strategic miscalculation, one that was led by key employees who were at the center of the AI talent war raging across Silicon Valley.
The Number
Nvidia’s investment in rival chip maker Marvell, which helps companies like Amazon develop their own internal processors for their AI needs.
AI in Charts
After years of licensing out its designs to other chip companies, Arm Holdings is jumping into the market with its own product. The timing is great for a CPU chip focused on powering AI agent workloads. But a run-up has made Arm’s stock far more expensive than other chip companies relative to future earnings, leaving little room for error in the company’s new endeavor.
AI in the Wild
Andy Coravos has a new home helper, named Claude. She assigns her tedious tasks to Anthropic’s AI tool, including evaluating health insurance plans and locating new doctors. By offloading the menial stuff to an artificial intelligence, she says she has freed up time she wouldn’t otherwise have, which she now spends taking guitar and singing lessons. People really do see productivity gains at home by using AI, according to a new study.
About Us
WSJ AI & Business is a weekly look at AI’s transformation of the business world. This newsletter was curated and edited by Dan Gallagher and Asa Fitch. Reach them at dan.gallagher@wsj.com and asa.fitch@wsj.com.


