Get your free personalized podcast brief
We scan new podcasts and send you the top 5 insights daily.
As AI tools for both cyber offense and defense improve, the technical advantage may go to defenders with more compute and better models. However, humans will continue to be the weakest link, vulnerable to social engineering attacks that bypass technical defenses.
Related Insights
Investor Gilly Shwed predicts an imminent, dangerous gap where AI-driven threat actors operate at a speed and sophistication that human-led security teams cannot match. This transitional phase, before defensive AI can fully take over, poses an unprecedented risk to critical infrastructure.
Despite AI supercharging offensive capabilities, the defender's ultimate advantage remains unchanged: they set the operational terrain. Basic, often-neglected measures like network air-gapping are more critical than ever, as they create structural barriers that even advanced AI struggles to overcome.
AI enables attackers to launch scalable, rapid attacks, overwhelming defenders who are left to manually monitor, validate, and patch vulnerabilities. This dramatically shifts the balance of power, creating a significant strategic disadvantage for cybersecurity teams in a way not seen before.
The cybersecurity landscape is now a direct competition between automated AI systems. Attackers use AI to scale personalized attacks, while defenders must deploy their own AI stacks that leverage internal data access to monitor, self-attack, and patch vulnerabilities in real-time.
Kevin Mandia predicts that within two years, all cyberattacks will be AI-driven. The sheer speed of these threats makes human-in-the-loop defense obsolete. The only viable response is a fully autonomous, AI-powered defensive system to counter AI-born threats.
A former OpenAI security expert argues that even if AI makes codebases more secure, hacking won't become harder. Attackers exploit the entire system—runtime behavior, configurations, authentication—not just static code. Looking only at code is like seeing a dinosaur's bones; you miss the muscles, feathers, and behavior that define the real-world attack surface.
The most immediate cybersecurity threat from advanced AI isn't a sophisticated system breach. Instead, it's the ability to use AI to massively scale "old school" fraud like impersonation and phishing attacks, tricking individual people at an unprecedented rate and volume.
The long-term trajectory for AI in cybersecurity might heavily favor defenders. If AI-powered vulnerability scanners become powerful enough to be integrated into coding environments, they could prevent insecure code from ever being deployed, creating a "defense-dominant" world.
While AI gives attackers scale, defenders possess a fundamental advantage: direct access to internal systems like AWS logs and network traffic. A defending AI stack can work with ground-truth data, whereas an attacking AI must infer a system's state from external signals, giving the defender the upper hand.
Adversaries are using AI to create an "asymptotic attack pressure" with novel exploits moving at machine speed. Traditional human-speed defense is insufficient. The solution is an autonomous defensive system that mirrors the attackers, creating a corresponding counter-pressure to analyze threats and respond in real-time.