AI Cybersecurity Crossroads: How NOT to Be Patient Zero
The Two Competing Narratives of AI in Cybersecurity
In the rapidly evolving world of cybersecurity, generative AI has become both a beacon of hope and a looming threat. On one side, experts argue that defenders still hold the advantage. Cybercriminals often lack the deep pockets, computing resources, and advanced capabilities to develop truly devastating AI-powered tools—at least for now. This, they say, gives organizations time to harness AI’s potential for defense, strengthening detection and response capabilities before attackers catch up.
The Darker View: Hackers Are Already Using AI
The opposing camp warns that the race is already over—and the attackers are gaining ground. Open-source large language models (LLMs) are enabling cybercriminals to scan internet-connected devices for vulnerabilities, find zero-day exploits, and write malware with unprecedented efficiency. At Black Hat and DEF CON, security leaders voiced concern that these tools are advancing so quickly that malicious hackers could soon turn an organization’s own AI agents against it after breaching its systems.
The New Reality: AI on Offense and Defense
Generative AI is no longer just theoretical in cybersecurity—it’s in active use. Microsoft unveiled a prototype AI agent that can detect malware, though its accuracy rate is currently only 24%. Trend Micro showcased AI-driven “digital twin” simulations for safe threat testing. Government-backed challenges are producing open-source AI tools that can identify and patch vulnerabilities automatically. But as defenders innovate, so do attackers—using those same tools to create customized, targeted attack vectors designed for individual organizations.
Why Everyone Could Be “Patient Zero”
Historically, hackers exploited the same known weakness across many targets. Now, AI makes it possible to craft unique, highly targeted attacks for each victim, reducing the effectiveness of traditional defenses. John Watters, CEO of iCounter, warns this shift means “everybody becomes patient zero” — facing threats never before seen. This approach forces incident response teams into unfamiliar territory, dealing with novel breaches that defy existing playbooks.
Preparing for an Unpredictable Year Ahead
With open-source AI tools growing more powerful and reinforcement learning making them smarter through trial and error, the coming year could bring a seismic shift in the cyber threat landscape. The choice for organizations is stark: underestimate the pace of AI-driven threats and risk being the first victim of a new attack method; overestimate it and waste millions on solutions that miss the mark. Navigating this balance will define whether companies emerge as resilient defenders—or as cautionary tales.