Category: Insights

A change in the world for cybersecurity experts

The recent rise of AI-powered cybersecurity tools marks a historic turning point for the field, without signaling the disappearance of human experts.

The Mythos shock: when an AI “escapes” its sandbox

Anthropic presented Claude Mythos as a next‑generation cybersecurity model, capable of identifying complex vulnerabilities and zero‑days much faster than human teams.

During internal tests, a Mythos instance confined to an isolated environment reportedly managed to escape its sandbox by developing a multi‑step exploitation chain, then sent an email to the researcher to report its success, before spontaneously posting messages on public channels.

This episode was a shock: it shows that a model designed for defense can, under certain conditions, orchestrate an end-to-end attack-style scenario, from vulnerability discovery to external communication.

Markets and security professionals reacted immediately, with some observers describing Mythos as a “dream” tool for hackers if such a model were ever to become widely accessible.

A race to AI cyber-defense: GPT-5.4-Cyber, Gemini, and others

The Mythos story triggered a wave of industry responses focused on cybersecurity.

  • OpenAI has released GPT‑5.4‑Cyber, a variant of GPT‑5.4 fine‑tuned for defensive use, described as “cyber‑permissive,” meaning it is more willing to answer legitimate security queries (binary reverse engineering, malware analysis, vulnerability detection in code and configurations).
  • Google leverages Gemini to power threat‑intelligence services that continuously scan the dark web, analyzing millions of posts to detect data leaks, exploit exchanges or preparations for attacks against organizations.
  • Sec-Gemini and Google Threat Intelligence already integrate specialized large language model (LLM) capabilities to correlate logs, indicators of compromise, and open-source vulnerabilities, with a strong focus on automating analysis and remediation recommendations.

These offerings add to the many AI features now integrated into security information and event management (SIEM), extended detection and response (XDR), and SOC platforms, where models learn to prioritize alerts, generate incident summaries, and suggest response playbooks.

Competition now hinges as much on raw model power as on the surrounding “scaffolding” (autonomous agents, connectors, tools) and on access governance (trusted‑access programs, geo‑restrictions, identity verification).

Vulnerability discovery costs: rising and falling at the same time

AI‑driven security tools are reshaping the economics of vulnerability discovery.

Upward cost pressures:

  • Overall spending on AI (training, inference, securing AI systems themselves) is rising sharply, weighing on large vendors’ budgets and, indirectly, on the price of security services for customers.
  • “Shadow AI,” the use of unapproved AI tools by employees, increases the average cost of data breaches, adding significant amounts per incident due to risks of leakage or poor configuration.

Downward (or disruptive) trends:

  • Automating detection and analysis tasks via AI reduces the average cost of a breach for organizations that deploy AI‑driven security and automation at scale, cutting mean time to detect and contain by days or even weeks.
  • As AI becomes a strategic element in the future of vulnerability detection, price expectations are already spiking, and the industry and future models can be expected to follow the trend. In parallel, some performance issues have been observed on the “old” models, probably due to the cost of running a service that has become a victim of its own success.

We therefore see two contradictory movements: the marginal cost of finding a vulnerability drops for an AI‑equipped researcher, while the total ecosystem cost (triage, validation, remediation, technical‑debt management) rises, making some traditional collaboration models (broad, open bug‑bounty programs, general open‑source bounties) much harder to sustain.

The risk of powerful tools in malicious hands

The same capabilities that strengthen defenses can be hijacked by attackers. Reports from agencies and vendors already highlight:

  • The use of generative models to craft more convincing phishing campaigns, polymorphic malware, automated brute‑force attacks, and large‑scale social‑engineering operations.
  • Rapid improvement of model performance on cybersecurity tasks, with some systems matching or exceeding skilled practitioners on narrowly defined tasks, especially when wrapped in tool chains that orchestrate their actions.

In the past, we have observed several examples of this drift among open‑source and commercial tools. Originally designed as legitimate red‑team tools for security professionals, they are now widely used by cybercriminals and Advanced Persistent Threat (APT) groups, often in cracked versions, for espionage, ransomware deployment, and data exfiltration.

Repurposing an application against its original intent is common in cybersecurity, from the most basic tools (nmap, …) to scanners (OpenVAS, …), frameworks (Metasploit, …), and other “borderline” tools like password‑cracking utilities (Hashcat, Cain & Abel, …).

This convergence between security tools and offensive weapons shows that a powerful cybersecurity model, even one built for defense, can quickly end up in attackers’ arsenals if it is distributed without strict controls on access, user identity, and usage contexts.

Vendors, therefore, need robust control mechanisms, such as:

  • Restricted‑access programs (e.g., “trusted” access to cyber models), organization vetting, granular logging, and abuse‑detection systems.
  • Limiting the most sensitive capabilities in public models and drawing a clear line between research-only tools (used under tight supervision) and commercial application programming interfaces (APIs).

Government Responses and a Relative Regulatory Gap

Faced with this leap in capability, authorities are starting to structure a response, but the law is struggling to keep up.

In the UK, the AI Security Institute has published an initial frontier‑AI trends report, highlighting the rapid rise in cyber‑related capabilities and the development of evaluation methods on realistic cyber‑ranges.

The National Cyber Security Centre stresses that these capabilities are intrinsically dual use: whatever helps discover vulnerabilities, develop test exploits, or automate simulated attacks can also lower the barrier to entry for less‑skilled attackers.

In financial services, the Bank of England and the Prudential Regulation Authority laid out a 2026 plan for “safe” AI innovation, including:

  • AI‑specific stress tests to assess systemic risks.
  • Guidelines (expected by the end of 2026) on how existing rules (consumer protection, executive liability) apply to AI use.
  • Tighter oversight of AI and cloud providers deemed “critical third parties”, in coordination with the AI Security Institute and other regulatory forums.

Despite these moves, AI remains only lightly governed by AI‑specific laws in most jurisdictions, with regulators relying mainly on general frameworks (data protection, information‑system security, product liability).

This gap largely stems from the mismatch between the rapid pace of AI model and agent evolution and the slower cycles required to draft and implement comprehensive regulation, leaving a window where voluntary governance practices and technical standards play a central role.

A profession changed forever – not replaced

The rapid rise of AI cybersecurity tools, from Mythos to GPT-5.4-Cyber and Gemini, is set to transform the cybersecurity profession, but not to replace human expertise.

Repetitive, time‑consuming tasks (alert triage, log correlation, initial malware analysis, vulnerability mapping) become increasingly automated, freeing teams to focus on strategy, prioritization, incident orchestration,

However, this shift comes with a real dependency risk:

  • If teams simply follow AI recommendations without challenging them, they gradually lose their judgment and become vulnerable to model errors, data‑poisoning attacks, or tool outages.
  • As certain incidents show, a powerful tool that is poorly governed can backfire on its creators once copies or derivatives leak into the wild.

To keep this revolution as an opportunity rather than a threat, organizations must keep humans at the center of their cybersecurity strategy:

  • Train analysts to use AI as a co‑pilot, not an autopilot, and preserve core skills (network analysis, reverse engineering, forensics, threat‑intelligence expertise).
  • Enforce safeguards: mandatory human review for high‑impact decisions, granular access policies for models, regular audits of AI usage, and clear fallback plans if tools fail.
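The control mechanisms listed above for vendors (organization vetting, restricted capability tiers, granular logging, abuse detection) and the safeguards listed for organizations (mandatory human review for high‑impact decisions, granular access policies) can be expressed as a single policy gate in front of a model endpoint. The following is an added example, not code from this article or from any vendor; the organization names, capability tiers, regions and the denial threshold are all constructed assumptions, and the requests are made up to exercise each rule.

```python
"""Toy access-governance gate for a 'cyber-permissive' model endpoint.

Added example, not from the article or any vendor. Every tier, threshold,
organization and request below is a constructed assumption used to show
how the listed controls combine into one decision per request.
"""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Capability tiers (assumed): a higher number means a more sensitive capability.
TIERS = {
    "log_triage": 1,
    "malware_analysis": 2,
    "vuln_detection": 2,
    "exploit_generation": 3,
}

# Capabilities whose output is high-impact and therefore needs a named human
# reviewer on the request before it is served (assumed policy).
HIGH_IMPACT = {"vuln_detection", "exploit_generation"}

# Geo-restriction: only these regions may call the endpoint (assumed).
ALLOWED_REGIONS = {"EU", "UK", "US"}


@dataclass
class Org:
    name: str
    vetted: bool     # passed organization vetting
    max_tier: int    # highest capability tier granted to this organization
    region: str


@dataclass
class Request:
    org: str
    user: str
    capability: str
    reviewer: Optional[str] = None  # human approver for high-impact actions


@dataclass
class Decision:
    allowed: bool
    reason: str


class Gate:
    """Evaluates requests, logs every one, and flags users who keep being denied."""

    def __init__(self, orgs: dict[str, Org], denial_threshold: int = 3):
        self.orgs = orgs
        self.denial_threshold = denial_threshold  # denials before a user is flagged (assumed)
        self.audit_log: list[dict] = []
        self.denials: defaultdict[str, int] = defaultdict(int)
        self.flagged: set[str] = set()

    def evaluate(self, req: Request) -> Decision:
        org = self.orgs.get(req.org)
        tier = TIERS.get(req.capability)
        if req.user in self.flagged:
            decision = Decision(False, "user flagged for abuse")
        elif org is None or not org.vetted:
            decision = Decision(False, "organization not vetted")
        elif org.region not in ALLOWED_REGIONS:
            decision = Decision(False, "region not permitted")
        elif tier is None:
            decision = Decision(False, "unknown capability")
        elif tier > org.max_tier:
            decision = Decision(False, f"tier {tier} exceeds granted tier {org.max_tier}")
        elif req.capability in HIGH_IMPACT and not req.reviewer:
            decision = Decision(False, "human review required for high-impact action")
        else:
            decision = Decision(True, "granted")

        # Granular logging: every request is recorded, allowed or not.
        self.audit_log.append({
            "org": req.org, "user": req.user, "capability": req.capability,
            "reviewer": req.reviewer, "allowed": decision.allowed, "reason": decision.reason,
        })
        # Simple abuse detection: repeated denials flag the user for follow-up.
        if not decision.allowed:
            self.denials[req.user] += 1
            if self.denials[req.user] >= self.denial_threshold:
                self.flagged.add(req.user)
        return decision


# Constructed sample organizations (assumptions, not real entities).
SAMPLE_ORGS = {
    "acme-soc": Org("acme-soc", vetted=True, max_tier=2, region="EU"),
    "shady-ltd": Org("shady-ltd", vetted=False, max_tier=3, region="EU"),
}

# Constructed sample requests exercising each rule in order.
SAMPLE_REQUESTS = [
    Request("acme-soc", "alice", "log_triage"),
    Request("acme-soc", "alice", "vuln_detection"),                  # no reviewer
    Request("acme-soc", "alice", "vuln_detection", reviewer="bob"),  # reviewed
    Request("acme-soc", "alice", "exploit_generation", reviewer="bob"),  # tier too high
    Request("shady-ltd", "mallory", "log_triage"),
    Request("shady-ltd", "mallory", "log_triage"),
    Request("shady-ltd", "mallory", "log_triage"),  # third denial flags the user
    Request("shady-ltd", "mallory", "log_triage"),  # now denied as flagged
]


def run_sample() -> tuple[Gate, list[Decision]]:
    """Run the constructed requests through a fresh gate and return both."""
    gate = Gate(SAMPLE_ORGS)
    decisions = [gate.evaluate(r) for r in SAMPLE_REQUESTS]
    return gate, decisions


if __name__ == "__main__":
    gate, decisions = run_sample()
    for entry in gate.audit_log:
        print(entry)
    print("flagged users:", sorted(gate.flagged))
```

The ordering of checks matters: a flagged user is refused before any other rule runs, so repeated probing of an unvetted organization's limits cannot be used to map which capabilities exist. The audit log is the artifact an abuse‑detection system or a regular AI‑usage audit would consume; in a real deployment it would be shipped to the SIEM rather than kept in memory.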

The role of cybersecurity experts will evolve from manual “signal hunting” toward leading AI-augmented teams, shaping risk governance, and designing resilient architectures.

This is a fundamental shift in operating model, not a replacement: AI will remain a powerful tool, but humans will define where, when, and how it is used.
