.jpg)
Fastly, Inc., a leader in global edge cloud platforms, has released its fourth annual Global Security Research Report, highlighting a significant "AI Speed Tax" paid by AI-first businesses. These organizations—those that integrate AI deeply into core processes and offerings from the start—experience substantially longer recovery times and elevated costs from cybersecurity incidents due to security modernization lagging behind rapid AI expansion.
AI-first businesses report an average recovery time of nearly seven months from incidents, which is 80 days longer than non-AI-first organizations. The financial impact is even more pronounced, with breach costs exceeding those of non-AI-first peers by over 135%. This disparity stems from extended downtime and a higher incidence of AI-specific compromises.
The rapid integration of AI introduces new vulnerabilities, including agentic workflows, decentralized data flows, and expanded infrastructure footprints that traditional defenses struggle to cover. Nearly half (44%) of AI-first organizations experienced direct AI exploitation in recent incidents, underscoring how AI-native systems broaden potential attack vectors.
Additionally, more than a third (34%) of AI-first respondents noted that AI usage created oversight or blind spots that contributed to their last breach. This visibility gap makes it challenging for security teams to track AI deployment, enforce policies, or isolate AI's role in incident response.
Beyond direct breaches, AI-driven activities like scraping impose substantial indirect costs. For 64% of organizations, AI scraping represents a material expense, with average annual infrastructure impacts surpassing $348,000. Broader effects include increased infrastructure spend (43% of organizations), operational disruptions (40%), and degraded user experiences such as slow load times or broken functionality (29%).
These creeping costs and added architectural complexity highlight how unmonitored AI expansion can erode efficiency and performance.
“The speed of AI adoption is reshaping security infrastructure almost overnight. For AI-first businesses, the priority isn’t to slow down innovation — it’s to modernize security at the same rate that AI is transforming their infrastructure,” said Marshall Erwin, CISO at Fastly. “That means securing AI and inference infrastructure, monitoring and throttling unwanted AI crawler activity, anticipating the rise of shadow AI and shoring up your outer perimeter.”
“There is a major shift happening in terms of what organizations are responsible for defending,” continued Erwin. “The challenge is no longer confined to malicious actors and isolated security incidents. Instead, it's about managing an infrastructure footprint that is growing rapidly and, often, invisibly.”
“From unmonitored agentic activity to escalating scraping costs, the risks are real, operationally and commercially. As a result, Web Application and API Protection (WAAP) tools are becoming business-critical solutions because they provide essential visibility and control organizations need to secure innovation at the edge,” noted Erwin.
Organizations are responding by prioritizing security tools suited to the AI era. Top investment areas include agentic discoverability, API security, and web application firewalls. However, concerns remain high: 75% worry about DDoS attacks targeting AI agents, and 53% report a greater need for AI-specific security expertise.
The report, based on a survey of 2,000 IT decision-makers influential in cybersecurity across large organizations in multiple regions and industries (conducted by Sapio Research in Q4 2025), emphasizes the need for security modernization to match AI velocity. Fastly recommends downloading the full report for actionable steps to enhance resilience and reduce recovery times.
This research underscores the critical balance between accelerating AI innovation and fortifying defenses to avoid disproportionate costs and risks in an increasingly AI-dependent digital landscape.
About Fastly, Inc.
Fastly’s powerful and programmable edge cloud platform helps the world’s top brands deliver online experiences that are fast, safe, and engaging through edge compute, delivery, security, and observability offerings that improve site performance, enhance security, and empower innovation at global scale. Compared to other providers, Fastly’s powerful, high-performance, and modern platform architecture empowers developers to deliver secure websites and apps with rapid time-to-market and demonstrated, industry-leading cost savings. Organizations around the world trust Fastly to help them upgrade the internet experience, including Reddit, Universal Music Group, and SeatGeek.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.