As the global cybersecurity landscape evolves at an unprecedented pace, Simon Green, president of Japan and Asia-Pacific region at global cybersecurity firm Palo Alto Networks, underscores the urgency for organizations to adapt. In a recent demonstration with Malaysian business leaders, Green showcased how artificial intelligence (AI) can facilitate a cyberattack, exfiltrate data, and exit a system within just 25 minutes. “In the span of a 30-minute conversation, an organization could be compromised based on the speed at which these attacks are occurring,” he noted, highlighting the alarming transformation in the speed of threats that once took months to develop.
This swift evolution presents a critical challenge for organizations aiming to safeguard their systems. With attackers increasingly relying on AI to streamline their operations, traditional defensive solutions built around legacy tools are struggling to keep pace. As Malaysia gears up to become an AI-driven economy by 2030 under its National AI Action Plan 2026–2030, experts like Green emphasize that cybersecurity must remain a central focus. Despite growing interest in AI, discussions surrounding AI in cybersecurity remain limited, not only in Malaysia but globally.
“Attitudes towards AI in cybersecurity vary,” Green said. “People who are tuned to the security risks of AI are already leaning in on cybersecurity and have realized the complicated challenges they face.” Although governments are working to establish policies to enhance cybersecurity compliance, the lengthy policy-making process means businesses cannot afford to wait. They must act now to secure their systems, even as they grapple with the challenges of implementing new solutions.
One of the most pressing challenges identified by Green is the issue of technical debt. Organizations have invested heavily in technology over the years, often accumulating more than 80 security tools from various vendors. A January report from the IBM Institute for Business Value revealed that many enterprise-level organizations averaged 83 security tools across 29 vendors. “This has created a barrier,” Green explained, advocating for a shift towards a unified platform approach that integrates various tools into a single architecture, thereby enhancing the efficiency of AI utilization in cybersecurity.
The transition from legacy systems to integrated platforms raises questions about the agility of companies in moving forward. “Historically, cybersecurity was seen as a competitive edge that organizations did not want to share,” Green stated. “Today, there’s a lot more collaboration happening between technology organizations to improve defenses.” This collaboration is essential as threats become more sophisticated, particularly with the emergence of rogue cybersecurity professionals. Darren Guccione, CEO of Keeper Security, highlighted the alarming trend of trusted cybersecurity experts turning to the dark side, leveraging their knowledge to aid attackers.
According to research from Gartner Inc., 25% of security leaders faced attrition risks due to the mounting pressures of rising threats. Guccione emphasized that the rapid pace of incidents is overwhelming, pushing defenders to their limits. “The same knowledge required to secure modern infrastructure is highly valuable to criminals,” he remarked. As the demand for skilled cybersecurity professionals exceeds supply, a “hack-for-hire” culture is emerging, driven by the accessibility of offensive tools and the lucrative nature of cybercrime.
To combat these evolving threats, Guccione echoed Green’s call for unified security platforms, emphasizing the importance of privileged access management (PAM). He advocated for zero-trust models, which require close monitoring and limited privileges for users accessing the system. By integrating AI into privileged access frameworks, organizations can enhance their ability to detect suspicious behaviors and mitigate security risks.
The potential of AI extends beyond facilitating attacks; it also plays a pivotal role in enhancing defenses. Dan La Russo, senior partner at Penta, discussed a recent report from the AI research firm Anthropic detailing the use of agentic AI in cyberattacks. This advanced form of AI can automate large-scale attacks independently, as evidenced by an incident involving 30 global organizations, including tech companies and government agencies. While AI has the capacity for harm, La Russo stressed its dual potential, highlighting its application in automating defensive measures and threat detection.
Organizations are now recognizing that proactive measures can mitigate reputational damage before incidents occur. Agentic AI can help identify security gaps and rehearse crisis communication strategies, allowing companies to demonstrate transparency and preparedness. La Russo pointed out, “Cybersecurity needs to be core to an organization’s communications platform, be it a hospital, coffee shop, or automaker,” reinforcing the idea that a strong cybersecurity framework should be woven into the fabric of organizational communication.
As businesses navigate this rapidly changing landscape, the integration of AI in both offensive and defensive capacities will likely intensify. Stakeholders are expected to see an increase in discussions around AI’s role in cybersecurity as organizations work to bolster their defenses against the evolving threat landscape.
See also
Ethiopia’s New AI Policies Aim to Mitigate Rising Cybersecurity Threats and Risks
Hadrian Launches AI Agents to Counter Cyber Attacks Amid Surge in UK Threats
SENTINEL Framework Achieves 89% Accuracy in Proactive Cyberattack Detection via Telegram
Infoblox CEO Scott Harrell Urges Shift to Proactive Defense Against Unique AI Cyberattacks
AI Security Firms Unveil Real-Time Threat Detection Solutions for Post-Quantum Inference
