Balancing Act: Cybersecurity Industry Moves Quickly to Adopt AI for Defense While Speed of Attacks Escalates
The cybersecurity community is walking a tightrope with artificial intelligence, balancing a desire to embrace AI as a useful tool for strengthening protection against attacks and taking action to mitigate an emerging new category of risk that widespread adoption of AI will bring. This clash of competing interests is playing out as security professionals must move quickly to make the right calls for how AI can best be used in preventing attacks while responding to new threats and vulnerabilities brought on by adoption of the same tools by hostile nation-states and malicious actors.
"AI is the hardest challenge that this industry has seen," said Jeetu Patel, executive vice president and chief product officer at Cisco Systems Inc., during his keynote address at RSAC 2025 Conference in San Francisco this week. "The AI architecture is going to be completely different. We've inserted the model layer. It's nondeterministic, it's unpredictable. This opens up a whole new class of risks that we haven't seen before."
The scope of risks associated with AI adoption is still being determined, but research has shown that AI is being adopted by threat actors and they're moving fast. According to Rob Lee, chief of research and head of faculty at the SANS Institute, adversarial agent systems are executing attack sequences 47 times faster than human attackers.
"With generative AI, it's critical that security becomes front and center for every aspect of the business," said Menny Barzilay, co-founder and CEO of Milestone Inc. "We have to build autonomous security systems. I don’t think we have any other alternatives."
The stage is set for a new level of robotic attacks, and the cybersecurity world is embracing AI to meet the challenge. A flurry of activity in recent weeks underscores the realization among security professionals that robust AI tools will be needed to counteract what's coming from threat actors.
"We're going to have autonomous hacking systems roaming on the Internet," said Marcelo Oliveria, the new security product leader for GitHub Inc. "We have to build autonomous security systems. I don’t think we have any other alternatives."
The cybersecurity industry is also focused on providing tools for developers to reduce security debt, the accumulation of large amounts of vulnerabilities and weaknesses in systems or software.
"What the developer is getting is a fix," said Marcelo Oliveria. "We have an opportunity to help people get clean and stay clean. We believe this is a differentiator in why we are going to win this battle."
The development of AI-native workflows across the security lifecycle, such as Foundation-sec-8b, designed to build and deploy AI-native workflows across the security lifecycle, is also underway.
The stage is set for a new level of robotic attacks, and the cybersecurity world is embracing AI to meet the challenge. As one industry expert noted, "We're going to have autonomous hacking systems roaming on the Internet, and we need to build autonomous security systems to keep up."