Every business is a snowflake

Each business has its unique challenges, but one commonality today is that AI is poised to disrupt almost every business everywhere. Organizations aren’t the only ones rapidly shifting to adopt AI—attackers are too, and they’re doing it faster. The implications of this AI arms race are alarming for legitimate businesses around the world.

Security teams must rapidly evolve their cyber strategy to meet these new threats, moving away from a reactive posture that detects and then responds after an incident happens. To outpace attackers, organizations will need to be preemptive instead—deterring, neutralizing, and preventing threats before they happen. 

HOW AI IS CHANGING THE GAME  

Anthropic recently revealed that a threat actor group was able to use AI (Claude) to perform 80-90% of an espionage campaign, with only sporadic human intervention, to attack 30 enterprises around the globe. The AI made thousands of requests per second, something even a team of highly skilled human attackers couldn’t do. Anthropic concluded that “less experienced and resourced groups can now potentially perform large-scale attacks of this nature with the help of AI.”  

That means the barrier to entry for cybercrime has dropped dramatically. Individuals who previously lacked the technical skills to code can now leverage AI tools to create and execute complex attacks. This will inevitability lead to a surge in the number of sophisticated attacks unleashed on business and governments worldwide. 

Most enterprises and cybersecurity vendors are responding to this change by taking legacy, reactive security approaches and trying to add AI on top of them. The idea is that you should fight AI-powered attackers with AI-powered defenses. However, this is akin to taking a tank and adding AI to it to battle a fleet of drones. Yes, the AI-enabled tank will get better, but it is fundamentally too slow and too expensive to meet the new threat and win.   

As AI makes large-scale attacks accessible to anyone, it’s not just the volume of threats that will explode, it’s their uniqueness. Attackers are no longer limited to reusing the same malware, they can now target specific infrastructure vulnerabilities with single-use attacks.

MASS PERSONALIZATION: A NEW FRONTIER FOR ATTACKERS  

Before AI, attackers built and then reused malicious software (i.e. malware) to attack as many enterprises as possible, but AI changes that entirely. It enables “mass personalization”: the ability to generate custom, one-off attacks for each target, at scale.

As more and more attackers use these types of specialized, single-use malware to target their victims, businesses relying on legacy approaches will experience an exponential increase in breaches. They will face a never-ending battle to contain breaches before they can cause millions or even billions of dollars in damage.  

The traditional security model, and thus your business, relies on identifying “patient zero”—spotting the first instance of a new threat, then blocking it everywhere else. However, when every attack is unique, there is no patient zero. In a world where even unskilled attackers can use AI to perform thousands of tasks a second, novel threats can be created and evolve faster than legacy, reactive security systems’ ability to observe and respond.  

This is not a future problem; this is a problem today. Last year, Infoblox classified over 25 million new domains as malicious. Ninety-five percent of them, or about 24 million, were unique to one enterprise, meaning the domains were made to specifically attack a singular organization. Last year, attackers personalized 24 million attacks for enterprises all over the world, each able to initially evade most legacy, reactive security tools.  If your executive team and boardroom are not already discussing this, they need to start now. 

THE FUTURE OF YOUR CYBERSECURITY IS PREEMPTIVE  

AI has changed the nature of attacks, so now, it must change the nature of our defenses. To combat these threats, it’s no longer enough to be reactive. Instead, the cybersecurity industry and enterprises must urgently undergo huge changes to become more preemptive in their approaches to security.  

Gartner analysts are saying the same, predicting that preemptive cybersecurity will make up 50% of IT security spending by 2030, up from almost 5% in 2024. The firm specifically cites AI-enabled attacks as the force behind this change.  

It’s time for a mindset shift. Leaders must see the security fight with a higher-level view. Instead of just focusing on using AI to speed up how fast they can detect and respond to individual fires, they must focus more of their energy and investment on using new approaches to stop the fires from ever starting. By developing strategies to preempt threats, teams can beat attackers to the punch, stopping threats before they can wreak havoc on their businesses.  

Scott Harrell is CEO of Infoblox.      

View the full article