How CISOs Must Evolve in Response to AI‑Driven Cyberattacks

Key Takeaways:

  • AI is actively being used in cyberattacks, with 25% of CISOs encountering AI-generated threats and 78% seeing a significant impact from AI on their security posture
  • AI reduces attack time to under an hour in some cases, pushing defenders to adopt real-time, automated detection and response
  • Talent shortages and trust in AI tools remain challenges, with only about 60% of CISOs confident in their AI-readiness
  • AI model governance, vendor scrutiny, and board-level AI risk awareness are becoming integral to CISO responsibilities
  • Future-forward security leaders are embedding AI across detection, response, education, and strategy while maintaining human oversight

As artificial intelligence shifts from emerging technology to core operational layer, cybersecurity is being tested in entirely new ways. Sophisticated threat actors—ranging from organized cybercriminals to state-sponsored attackers—are now using AI to automate attacks, evade detection, and scale their operations in ways previously impossible.

For Chief Information Security Officers (CISOs), this is both a wake-up call and a strategic inflection point.

According to Darktrace’s 2025 State of AI Cybersecurity report, 78% of CISOs globally report that AI is having a significant impact on cyber threats, up from 73% in 2024. Meanwhile, research from Team8 found that one in four CISOs experienced an AI-powered attack in the past year. These aren’t just hypothetical risks; AI is already in play.

The attacks are faster, more evasive, and increasingly cheap to launch. Palo Alto Networks has documented how generative AI enables low-skilled actors to create highly targeted phishing campaigns at scale. McKinsey research shows some AI-driven attacks achieve “breakout” within minutes, reaching sensitive systems in under an hour.

Despite this, preparation remains uneven. Darktrace found that just 60% of CISOs feel adequately prepared for the impact of AI threats. A lack of AI literacy among security teams is one reason: only 42% of employees fully understand how AI is being used in their organization’s cybersecurity stack.

The gap between attackers’ capabilities and defenders’ readiness is driving a shift in CISO strategy—from reactive to proactive, and from tool-based to intelligence-driven.

One of the biggest opportunities for defenders is also AI. CISOs are increasingly turning to AI to fight AI—using it to identify anomalies in network behavior, prioritize alerts, and even automate responses to low-level threats. Wipro reports that 31% of CISOs now use AI in detection, with 24% leveraging it for incident response. While still early, these figures represent rapid growth compared to previous years.

The key, however, is integration. For AI tools to be effective, they must be fed high-quality data and operate within a unified context. Fragmented tooling is a well-known liability in cybersecurity. CISOs are working to unify telemetry from endpoint, cloud, identity, and network sources into centralized data lakes that power intelligent decision-making. Some refer to this architecture as a “digital twin” of the enterprise—one that can simulate threats and test responses.

This is also where governance becomes critical. With AI systems making or influencing security decisions, CISOs must ensure explainability, transparency, and control. KPMG’s guidance on Trusted AI emphasizes the need to mitigate bias, audit model performance, and guard against poisoning or adversarial manipulation. These aren’t just data science concerns—they’re now central to cyber risk.

Another challenge is vendor oversight. Many third-party platforms now integrate generative AI, often without full visibility into how models were trained or what safeguards are in place. CISOs are beginning to include AI-specific questions in vendor risk assessments, especially when it comes to software-as-a-service platforms that process sensitive data.

Shadow AI is another concern. Employees across departments are increasingly using unapproved AI tools for productivity—copying and pasting sensitive material into public chatbots, for instance. This behavior introduces new attack surfaces that traditional policies don’t cover. Forward-looking CISOs are updating acceptable use policies, implementing usage monitoring, and launching education campaigns around safe AI usage.

At the same time, there’s a growing need to translate AI risk into language the board understands. Synthetic fraud, identity spoofing, and model hallucinations are now business risks, not just technical challenges. Cybersecurity teams are conducting tabletop exercises to simulate AI-enabled breaches and to educate non-technical leadership about emerging risks.

The good news is that CISOs are not alone. Spending on AI security solutions is growing, and companies like IBM, Microsoft, CrowdStrike, and SentinelOne are embedding AI into their platforms. Yet there’s also a push to balance automation with human judgment. According to a recent IBM Institute for Business Value report, 95% of cybersecurity professionals believe AI improves efficiency, but nearly all agree that human oversight remains critical.

For example, in areas like threat intelligence and phishing detection, AI can rapidly process indicators of compromise—but analysts are still needed to interpret intent, validate alerts, and adapt strategy. The most effective security teams use AI as augmentation, not replacement.

Looking ahead, the imperative is clear: CISOs must embed AI throughout their cybersecurity strategy, not as a separate toolset but as a core capability. This includes:

  • Developing AI-specific incident response plans
  • Red-teaming AI models and threat detection pipelines
  • Updating security training to include safe AI use
  • Creating centralized visibility over all AI use cases (internal and external)
  • Communicating AI risk at the board level

Generative AI is expected to quadruple fraud losses by 2027, according to Arxiv research. Automated domain generation attacks are also on the rise, with CSC reporting that 87% of CISOs see them as a current threat. Meanwhile, Fortinet has observed automated vulnerability scanning reach 36,000 scans per second.

With this scale and speed, AI changes not just how CISOs defend their organizations—but how fast they must evolve. It requires investment in talent, technology, and trust. As McKinsey puts it, the next 36 months represent a critical sprint toward AI-first security.

Learn how AI Agents can supercharge your company’s profits and productivity at TMC’s AI Agent Event, Sept 29-30, 2025 in DC.

If you liked this post, you’ll love one of the the leading global business communications and technology events since 1999, the ITEXPO #TECHSUPERSHOW, Feb 10-12, 2026 Fort Lauderdale, Florida.

Don’t forget the collocated MSP Expo – just for managed service providers!

Aside from his role as CEO of TMC and chairman of ITEXPO #TECHSUPERSHOW Feb 10-12, 2026, Rich Tehrani is CEO of RT Advisors and a Registered Representative (investment banker) with and offering securities through Four Points Capital Partners LLC (Four Points) (Member FINRA/SIPC). He handles capital/debt raises as well as M&A. RT Advisors is not owned by Four Points.

The above is not an endorsement or recommendation to buy/sell any security or sector mentioned. No companies mentioned above are current or past clients of RT Advisors.

The views and opinions expressed above are those of the participants. While believed to be reliable, the information has not been independently verified for accuracy. Any broad, general statements made herein are provided for context only and should not be construed as exhaustive or universally applicable.

Portions of this article may have been developed with the assistance of artificial intelligence, which may have contributed to ideation, content generation, factual review, or editing

Related Articles

Loader..

 

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap