Securing Enterprise GenAI: The Invisible Risk in RAG Pipelines and AI Agents
Published 2026-03-25 | AI Regulation and Governance | High
Summary
Nasscom published an article highlighting the security risks inherent in enterprise generative AI deployments, specifically focusing on RAG (Retrieval-Augmented Generation) pipelines and AI agents. The piece draws attention to attack surfaces that are often overlooked in production AI systems, including prompt injection through retrieved documents, data poisoning in vector stores, and unauthorized data access via agentic workflows that interact with enterprise systems. The article underscores t
Alignment: Reinforces current position
Related Positions: ai-governance-and-risk.md, agentic-workflows.md, enterprise-ai-delivery.md, ai-infrastructure-strategy.md
Related Partnerships: glean.md
rag-security, enterprise-genai, ai-agents, prompt-injection, ai-governance, data-security, agentic-risk, vector-store-security, nasscom, enterprise-ai-security