Organizations are making a big bet on AI, but if their plans don’t include a cybersecurity strategy, then they are gambling with their future.
Over the past few years, GenAI platforms have matured from pattern-matching large language models (LLMs) to tool-calling agents. Many enterprises now report that the majority of their code is written by AI. However, threat actors have also upped the ante – agentic attacks shape offense faster than human defenses can respond.
In the last decade, the fundamental questions of cybersecurity have evolved. When CISOs asked, “What do I have?”, the industry provided context on assets. When they asked, “What is important?”, the industry provided prioritization. When they asked, “How do I fix it?”, the industry provided remediation.
Now, virtually every cybersecurity solution has implemented conversational AI that can make recommendations, but manual remediation cannot keep pace with AI-powered cyberattacks.
The agentic era is forcing manual remediation processes to evolve rapidly. CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
AI Is the New Perimeter
AI has changed the game in both the scope of the attack surface and the scale of agentic attacks. This attack surface (and the control plane) spans assets, identity, and decision context. Enterprise AI agents and AI-generated code are both sources of risk.
In February 2026, OpenClaw, an agentic assistant, became so popular that its creator was recruited to join OpenAI. Although early adopters of OpenClaw may pose a shadow AI risk in enterprise environments, they also serve as a proof of concept for the agentic enterprise.
But the agentic enterprise is a security nightmare. Connecting AI to everything creates a flat network that runs counter to the principles of network segmentation and isolation that the security industry has advocated for decades.
One risk is that AI agents have the ability to execute tasks and make decisions autonomously, but they lack the discernment to avoid harming themselves or their enterprise.
Many parents have scolded their children by asking, “If everyone jumped off a bridge, would you?” There are numerous examples of AI-induced outages and data leaks that demonstrate AI would jump off a bridge. Therefore, organizations must implement guardrails.
Another risk is that threat actors are targeting AI. Model poisoning can manipulate training data to corrupt the foundational logic of AI models. Evasion-of-logic attacks bypass defensive decision-making algorithms. Autonomous systems create blind spots that humans might miss. AI-powered cyberattacks continuously learn from their failed attempts to improve future attacks.
It has been estimated that within the next few years, the ratio of humans to agents will increase to 1:100 (or more). That means the typical large enterprise with 10,000 employees will be contending with a million or more agents – a population the size of a major metropolitan city.
Organizations should think of managing the agentic enterprise like a major metropolitan city, implementing infrastructure, establishing proactive policies, and governing it with controls.
The Agentic Detection Gap
As bad actors reshape the threat landscape with agentic cyberattacks, the defensive paradigm has yet to adapt. In Armis’ 2026 State of Cyberwarfare Report, 43% of respondents reported that their organization still detects and responds to significant cyberattacks as they happen or after they have already occurred.
The cybersecurity industry optimizes for detection, but threat actors optimize for avoidance, which means security teams have to focus on finding threats after ingress. Alerts don’t change outcomes – knowing about a breach doesn’t prevent it.
The speed of adaptation on both offense and defense determines whether a cyberattack will succeed, but currently, the odds favor attackers. It used to take threat actors a week to create exploits when vulnerabilities were disclosed (and even then, patch management struggled to keep pace). Threat actors can now create exploits in minutes by weaponizing agentic coding platforms.
The irony is that many of the cybersecurity solutions that were developed to address the challenges of legacy technology have now become legacy cybersecurity solutions as well. Cybercriminals have outscaled static rules, periodic assessments, alert generation, and human-in-the-loop processes.
Organizations have been reluctant to adopt machine automation, but they can no longer afford to delay. At a minimum, cybersecurity requires dynamic threat hunting, continuous monitoring, and proactive exposure management. These are the table stakes today, but what about tomorrow?
The New Paradigm: From Human vs. Human to AI vs. AI
It should be readily apparent that AI is driving the new paradigm of offense and defense. Speed, scale, and autonomy are redefining the competitive advantage between threat actors and defenders.
Pragmatically, cybersecurity teams must adapt to this paradigm in a few ways. First, they must move from reactive detection to preemptive protection. Organizations can stop attacks before they happen by operationalizing alert generation into prioritized exposure management.
Cybersecurity must also follow the AI paradigm shift from disconnected tools and ad hoc manual processes to unified, comprehensive platforms and autonomous action. Here are three principles that can help catalyze that shift.
- Continuous Learning: Defenders must learn from environmental changes – not just incidents – and they must learn in near real time. Organizations can close this learning-speed gap by using AI to detect drift (i.e., blind spots and gaps) before exploitation.
- Exposure & Context: Organizations must prune the low-hanging fruit that threat actors exploit in cyberattacks, including unknown and unmanaged assets and unsafe configurations. They can use AI to prioritize remediation based on impact, availability, and mission criticality.
- Continuous Threat Exposure Management: Organizations must rise to the challenge of agentic cyberattacks with autonomous identification, prioritization, and remediation. Human defenders still define intent, and AI agents execute on their behalf at machine speed.
When it comes to making big bets, they say the house always wins. Defenders actually do have an advantage over attackers: they know what matters most to their business. Agentic cyberattacks create an asymmetrical advantage in attack speed, but defenders can even the odds by adopting agentic cybersecurity.
