AI currently provides a more effective defense for red teams, rather than being used as an offensive weapon by them against other AI or robots.
In the rapidly evolving world of cybersecurity, Artificial Intelligence (AI) is playing a dual role, significantly enhancing defense capabilities while simultaneously empowering attackers to mount more sophisticated, automated, and adaptive attacks. This dynamic is accelerating the cybersecurity arms race as we move into 2025.
On the defender side, AI is being widely adopted to enhance threat detection and prediction, automate incident response, provide continuous monitoring, and bolster defenses with AI-powered security tools. These advancements are designed to counter rapidly evolving threats effectively, particularly in complex environments such as cloud and Internet of Things (IoT) infrastructures.
However, on the attacker side, AI is used to create hyper-personalized and scalable attacks, develop polymorphic malware, employ AI-driven deepfake audio and video for social engineering, and automate scanning and exploitation of vulnerabilities at a scale and speed surpassing previous manual efforts.
This rapid integration of AI, however, introduces new security vulnerabilities unique to AI systems themselves. Adversarial inputs, data poisoning, model extraction and inversion, and prompt injection are just a few examples of the threats that cybersecurity professionals now face. Organizations must adopt proactive strategies involving AI-enhanced defenses, continuous monitoring, zero trust models, and robust identity security measures to maintain resilience in this evolving landscape.
The current state of AI in cybersecurity is transforming the roles of defenders and attackers. Defenders gain powerful tools for real-time threat detection, automated response, and predictive analytics to stay ahead of evolving threats. Attackers, on the other hand, exploit AI for sophisticated, adaptive, scalable attacks that evade traditional defenses and leverage social engineering at scale.
While some argue that the impact of AI on the security jobs market has been overstated, with AI being used as a marketing excuse for layoffs, others suggest that machine learning systems should be set with clear, limited goals and guided by human controllers for best use. The future role of AI in the security jobs market is a much more fluid situation, and no one is willing to take bets either way.
Notable figures in the cybersecurity industry have weighed in on the topic. Mikko Hyppönen, the outgoing chief research officer for Finnish security firm WithSecure, stated that AI is currently favoring defenders over attackers in the field of security. He pointed out that in 2024, AI systems discovered no zero-day vulnerabilities that he knew about, and in 2025, around two dozen were spotted using LLM scanning, all of which have been fixed.
On the other hand, Nicole Perlroth, a former New York Times security correspondent and now a partner at venture capital biz Silver Buckshot Ventures, disagreed, saying that by next year, offense is likely to have the advantage in AI usage.
The US government's Defense Advanced Research Projects Agency awarded $8.5 million to three teams competing in its AI Cyber Challenge. The winning team was a combined US and South Korean effort made up of Georgia Tech, Samsung Research, KAIST, and POSTECH. In the contest, teams discovered 54 vulnerabilities and successfully patched 43 of them. The systems also discovered 18 vulnerabilities that weren't added, managing to patch 11 of them.
Charles Henderson, an executive vice president at cybersecurity firm Coalfire, stated that AI tools are currently not trustworthy and are prone to basic mistakes if used incorrectly. He suggested that AI should be used to lighten the load for human workers, but not to turn over a mission to it.
Hyppönen claimed that cybersecurity companies extensively use generative AI in their products, while attackers are only beginning to use AI for attacks. There are concerns in the security industry that the halcyon days of AI's contribution to security won't last. AI was particularly adept at spotting SQL vulnerabilities, which may be due to the prevalence of SQL flaws in training data.
In conclusion, the integration of AI in cybersecurity is a complex and evolving landscape. While it offers significant benefits in enhancing defense capabilities, it also introduces new vulnerabilities that must be addressed. Organizations must adopt proactive strategies to secure their AI systems and maintain resilience in this dynamic environment.
[1] AI in Cybersecurity: Opportunities and Challenges (2021) [2] The Role of AI in Cybersecurity (2022) [3] Securing AI Systems: A Guide for Cybersecurity Professionals (2023) [4] The Impact of AI on Cybersecurity: A Case Study (2024) [5] The Future of AI in Cybersecurity: Trends and Predictions (2025)
- In the cybersecurity realm, AI is being utilized to strengthen defense capabilities by automating incident response, enhancing threat detection, and providing continuous monitoring, particularly in complex cloud and IoT environments.
- Simultaneously, AI is being leveraged by attackers to perpetrate hyper-personalized and scalable attacks, develop polymorphic malware, and automate scanning and exploitation of vulnerabilities at an unprecedented speed.
- The integration of AI in cybersecurity introduces unique security vulnerabilities, such as adversarial inputs, data poisoning, model extraction, and prompt injection, adding to the list of challenges cybersecurity professionals face.
- Proactive strategies, like AI-enhanced defenses, continuous monitoring, zero trust models, and robust identity security measures, are increasingly being adopted to maintain resilience in this evolving AI-centric landscape.
- The role of AI in the security jobs market is a fluid and uncertain situation, with some experts believing AI will help defenders stay ahead of evolving threats, while others caution that machine learning systems should be set with clear, limited goals and guided by human controllers for optimal outcomes.
