Prepare for the AI-Enhanced Attacker: A CISO’s Playbook for the New Cyber Threat Era

Armadin CEO Kevin Mandia explains how AI is reshaping threats, giving offense an edge, and shares steps for organizations: adopt AI-driven testing, accelerate remediation, and prepare for autonomous defense to stay ahead of exploitable risk.

My career in computer security began at the Pentagon in 1993, long before the field had a polished name or an industry behind it. By 1995, I was responding to my first security breaches attributed to both the Russian and Chinese governments – an early and sobering education in the reality of nation-state cyber operations. Over the next thirty years, I led teams first as an Air Force officer and then at Mandiant, where we likely responded to more impactful intrusions than any other company on the planet. During these three decades, we lived through many technical shift changes that rapidly changed the threat landscape, and we managed our way through all of them. We helped customers discover new and novel attacks, understand what they meant, and determine what to do about them. Along the way, we wrote more remediation plans than any other organization in the industry. Now we find ourselves in the midst of the largest technical shift in human history – the creation of AGI, and we must prepare for how that changes the threat landscape we must safeguard against. In this essay, I wanted to share what I would do if I were a CISO (or CEO) at this moment in time to address the changes AI brings to cyber threats.

The Threat Is No Longer Theoretical

Please make no mistake – AI will overtake humans at performing offensive operations in the cyber domain across espionage, crime, cyber terrorism, and vandalism. In some attack phases, AI superiority has already arrived.

We have entered a “transition phase” between emerging AI threats and an effective autonomous defense – where we leverage AI on offense to auto-tune our defense against every emerging threat AI discovers. Today, I am unaware of any system that can fully automate compensating controls for the new and novel attacks that AI finds. That day will come. But until it does, here is my “gut it out” and “do my best” game plan:

Five Things Every Large Organization Should Do Now

1. Start Now.

There is no time to wait. AI has already evolved to be the ultimate attacker in certain phases of cyber operations, and it will only get better, faster, stronger, cheaper, and ultimately more effective at targeting your organization. The race is on – so get in the race.

Organizations should immediately stand up an AI readiness initiative within their security organization – with CEO awareness and endorsement. This means designating executive ownership, allocating budget, and establishing a cross-functional team spanning security operations, IT infrastructure, application development, and identity management. The organizations that mobilize first will build institutional muscle memory that compounds over time. 

2. Launch an AI Wave of Attacks on Your Entire External Presence

Immediately conduct a comprehensive AI-driven assessment of every externally facing asset – hunting for CVEs, KEVs, bespoke vulnerabilities in custom applications, and leaked credentials circulating on the dark web. I would have an AI-native company like Armadin execute an all-paths-in, all-the-time assessment of my entire internet presence. This is a no-holds-barred unleashing of multiple AI models, governed with humans in the loop, to explore, hunt, and tirelessly attack every part of your infrastructure connected to the broader internet.

This means reviewing all public-facing applications and systems through the lens of powerful AI models and experienced operators. And not just with Mythos – you need the ability to assess with any leading frontier model. These models will leapfrog each other, and some will prove superior at specific phases of an attack. Your offensive testing platform should be model-agnostic, so you are always leveraging the sharpest tool available.

Organizations should also use this initial wave to establish a baseline understanding of their true external attack surface. Most organizations dramatically underestimate the number of exposed assets, forgotten staging environments, orphaned cloud instances, and third-party integrations with implicit trust. AI-driven reconnaissance will surface what traditional asset inventories miss – and what adversaries will find first.

3. Aggressively Operationalize the “Find and Fix” Feedback Loop

“Find” means using your external assessors or red team to carry out the all-out AI wave attack against your entire internet presence. “Aggressively” means war-rooming the first several weeks to operationalize the feedback loop between the AI attackers and the team assembled to remediate what they find.

This is critical: simply cramming hundreds of findings into ServiceNow or Jira tickets will not fix anything. It will irritate your teams and fail to convey the exigent circumstances behind each fix. Instead, organizations need a dedicated remediation war room where offensive findings are triaged in real time, prioritized by exploitability and business impact, and assigned to owners with clear SLAs and escalation paths.

Large organizations should also rethink how they measure remediation success. Traditional metrics like “number of tickets closed” or “mean time to patch” are insufficient when AI-discovered vulnerabilities may chain together in ways no human analyst anticipated. The right metric is reduction in exploitable attack paths – validated by re-testing, not by ticket status. Use a platform designed to close this loop: find, prove, fix, verify.

Additionally, organizations should invest in standing up a permanent exposure operations function – not a quarterly pen-test cycle, but a continuous offensive assessment capability that feeds directly into defensive tuning. The organizations that treat this as a one-time project will fall behind. The ones that build it into their operating rhythm will stay ahead.

4. Expand AI Assessments Inward Across Four Critical Domains

Once the external “Find and Fix” effort is underway, turn the AI offensive lens inward across four critical domains:

A. Critical Applications. Assess the applications that run your business – your ERP systems, customer-facing platforms, proprietary tools, and anything that processes sensitive data. AI models can probe application logic, authentication flows, and API surfaces with a thoroughness and creativity that manual testers cannot match at scale.

B. Assumed-Breach Internal Assessments. Operate under the assumption that an attacker is already inside your network. Deploy AI-driven assessments that simulate post-compromise scenarios – mapping what an adversary can reach, what data they can exfiltrate, what operations they can disrupt, and how far they can move before detection. This is not a theoretical exercise. It is the reality of modern intrusions, and your defenses should be tested against it continuously.

C. Identity Security Assessments. Evaluate your identity architecture, lateral movement paths, and privilege escalation risks. Identity has become the primary attack surface in most enterprise environments, and AI will ruthlessly exploit misconfigurations in Active Directory, cloud IAM, federation trusts, and service account sprawl that human testers overlook or deprioritize.

D. Shift-Right Testing and Hardening for Software Vendors. If you are a software vendor, continue executing all the shift-left security steps to ensure secure code and timely patching. But also consider “shift-right” testing and hardening – platforms like Armadin that let you see your application through the attacker's vantage point in production-like conditions. The vulnerabilities that survive your SAST, DAST, and code review pipelines are exactly the ones adversaries will find. Shift-right testing catches what shift-left misses.

These efforts may take months depending on the speed at which you remediate. But along the way, you can and should create compensating controls – prevention policies, detection rules, and automated response playbooks – to address the emerging threats AI agents discover, even before permanent fixes are in place.

5. Build Toward Autonomous Defense – But Brave the Gap

In time, our cybersecurity programs will have reliable systems that can think and learn, maintain total recall, and take action autonomously to defend us from any bespoke exploitable risk that offensive platforms find. That is the future we are building toward.

But we are not there yet. Until those autonomous defensive systems are mature and trusted, we face an “all hands on deck” reality. We must mobilize defenders to fix exploitable risk with humans in the loop while we continue to build and train defensive solutions tailored to our own organization's platforms, technologies, and risk profiles.

Large organizations should begin investing now in the infrastructure that autonomous defense will require: rich telemetry pipelines, normalized and accessible security data lakes, automated playbook frameworks, and machine-speed decision engines. The defensive AI systems of the future will only be as good as the data and infrastructure they are built on. Every investment you make today in telemetry, automation, and integration shortens the timeline to autonomous defense tomorrow.

We must also brave the near-term gap by acknowledging a hard truth: offense will leverage AI faster than defense. Attackers have fewer constraints, smaller blast radii for failure, and no change-management boards. Defenders must organize and execute across this asymmetry in the near term, knowing that the work we do now – the findings, the remediations, the hard-won institutional knowledge – becomes the training data for the autonomous defense systems that will eventually protect us at scale.

Why Armadin Exists

At Armadin, we are building The Ultimate Attacker. But finding exploitable risks is only the beginning. We do it because we recognize that the future of cybersecurity is not just finding problems. It is proving what is exploitable, prioritizing it, and continuously closing the gap before adversaries can abuse it.

Our offensive platform was created to continuously prove what is exploitable in your environment, with proof rather than assumptions, so your team can remediate what matters most before adversaries act on it. Mythos and the frontier models that follow it have raised the stakes for every organization on the planet. Armadin exists so you can answer the question every CEO and CISO needs to answer with certainty: “Are we secure?”
