- | 9:00 am
Cybersecurity has never been more advanced. So why are cyberattacks still succeeding?
AI is making cyber defenses stronger, but it may also be making it easier for criminals to launch attacks.
Many thought artificial intelligence (AI) would give organizations a big edge against cybercrime. Security teams now use AI to quickly analyze data, spot unusual activity, automate responses, and detect threats that used to slip by. Yet, attackers are using AI to make more sophisticated phishing campaigns, automate research, generate malicious content, and scale operations with unprecedented speed.
This creates a cybersecurity paradox. The same tools designed to make organizations safer are also bringing new risks that businesses are still figuring out how to manage.
“AI has changed the cybersecurity landscape. For defenders, it’s a powerful tool that helps teams detect threats faster, cut through alert noise, and remediate sooner. But AI has also become part of the attack surface itself,” says Salah Suleiman, Managing Director, South Gulf at TrendAI.
THE RISE OF AI-POWERED CYBERCRIME
For decades, sophisticated cyberattacks required significant technical expertise, resources, and time. AI is changing that equation.
Cybercriminals now use AI tools to find weaknesses and create convincing scams. This has led to cybercrime becoming more organized, with attackers using specialized services, partnerships, and underground markets.
“AI has democratized cybercrime. What previously took hackers five years to learn, a child in their bedroom can achieve today,” says Dr. Martin Kraemer, CISO Advisor at KnowBe4Kraemer. “This is reflected in AI tools available on the black market, pricing of as-a-service offerings, and the industrialization of cybercrime with groups specializing and forming joint ventures or partnerships.”
Suleiman adds that Generative AI has “industrialized techniques that attackers were already using.”
He adds, “Phishing and social engineering have become far more convincing and can be produced at scale. Deepfakes are enabling impersonation and fraud, and reconnaissance and malware development that once demanded real expertise can now be automated.”
The problem is getting harder as deepfake audio, video, and text make it tough for people and organizations to tell what’s real and what’s fake.
“The core challenge lies in high-quality synthetic media being leveraged across channels that are traditionally less monitored and for which people have been less sensitized about security issues,” says Kraemer.
THE EXPANDING ATTACK SURFACE OF AI
AI helps organizations defend against threats, but it also creates new risks that need protection.
A new challenge is what Suleiman calls “Shadow AI,” which is like the old Shadow IT problem.
“Many organizations don’t have full visibility into which AI tools and agents are operating inside their environment, what data they touch, or who is accountable for their actions,” he adds.
This challenge is particularly significant in regions experiencing rapid digital transformation. In the UAE, organizations are navigating an environment in which AI adoption is accelerating across industries, while cybersecurity requirements continue to expand.
Suleiman notes that the country is defending approximately 800,000 cyberattacks every day, while MENA information security spending is expected to reach $4 billion in 2026.
“When adoption moves at national scale, security and governance have to move at the same pace,” he says.
The problem is not only the number of tools being introduced, but the complexity they create. Every new application, AI model, and autonomous agent becomes another potential point of vulnerability.
“The attack surface continues to expand,” says Suleiman. “Every new model, application, and autonomous agent an organisation deploys introduces another asset that must be secured, and governance is unable to keep pace with the speed of adoption.”
This creates a difficult balancing act for businesses.
WHEN AI AGENTS BECOME PART OF THE WORKFORCE
The next big cybersecurity challenge isn’t just protecting AI-generated content. It’s also about keeping AI systems that act on their own secure.
While these capabilities could transform business operations, they also introduce new questions around accountability, permissions, and control.
“We are seeing the early shape of attacks in which different agents handle different stages of the chain, from reconnaissance to coordination, operating faster than human teams can respond,” says Suleiman. “The risk shifts from prompt-based misuse to action-based risk: an agent capable of accessing systems, moving across an environment, and triggering workflows.”
The concern is that, if compromised, AI agents with access to sensitive systems or data could create significant damage without traditional indicators of human involvement.
This risk is one of the most important developments organizations need to prepare for, says Kraemer. “Deepfake calls are the visible threat, but the structural one is the AI agent itself as a target.”
“EchoLeak showed a single crafted email could make a Copilot exfiltrate data without any user interaction. A digital workforce of people and agents must be governed as one,” he adds.
As businesses integrate AI agents into daily operations, governance will become as important as detection. Organizations will need clear ownership models, identity controls, monitoring capabilities, and safeguards to ensure agents operate within their intended boundaries.
“There’s also a quieter, structural risk,” says Suleiman. “Agents connect to tools and data through standards like MCP, and those connectors can introduce injection risk by design. As agents also communicate with one another, one that is manipulated or drifts beyond its intended scope can become a new weak link within the enterprise.”
SPEED REMAINS A CHALLENGE
Despite the growing sophistication of attacks, AI is also giving security teams new capabilities.
According to IBM’s 2025 Cost of a Data Breach Report, organizations that extensively use AI in security saw an average reduction of $1.9 million in breach costs. The report also found that global data breach costs declined for the first time in five years, highlighting the potential impact of strategic technology use in strengthening cyber resilience.
For Kraemer, this demonstrates that the advantage is not automatically shifting toward attackers.
“Defenders are keeping up,” he says.
For many organizations, the real challenge isn’t just finding threats—it’s reacting to them fast enough.
“We have become highly effective at identifying vulnerabilities but resolving them remains the harder challenge,” says Suleiman. “With organizations still taking around 96 days on average to patch, and no capacity to address everything at once, the priority must be to remediate the vulnerabilities that expose the most critical assets first.”
This represents a broader shift in cybersecurity strategy. Instead of attempting to eliminate every possible vulnerability, organizations are increasingly focused on understanding which risks could cause the greatest business impact and addressing those first.
“The goal is not to eliminate every threat, but to reduce the window of exposure where it matters most,” says Suleiman.
WHERE DOES THE ONUS LIE?
The growing influence of AI means cybersecurity decisions can no longer be made solely within IT departments. Boards and business leaders will increasingly need to understand how AI is deployed, who is responsible for its actions, and what risks it introduces.
“Our own global research found that 67% of organizations feel pressured to approve AI deployment despite security concerns, which tells you these decisions are already being made at leadership level,” says Suleiman. “Boards should be clear on who owns AI risk, who is accountable when an agent acts, and how that maps to existing governance.”
“The most useful question for a board isn’t how many vulnerabilities exist, but which ones threaten the assets and operations that matter most,” says Suleiman.
This means translating cybersecurity risks into business terms, linking technical problems to money, operations, and reputation.
Organizations also need to make sure they use AI safely. Knowing which AI tools are in use, having rules for access, and keeping human oversight will help businesses get the benefits of AI without taking on too much risk.
“The goal isn’t to slow AI adoption but to make it safe by design,” says Suleiman. “In AI, speed matters, but control matters just as much.”
The future of cybersecurity won’t depend on who has better technology—both attackers and defenders already have strong tools. The real advantage will go to organizations that mix AI with good rules, well-trained people, and the ability to adapt quickly.






















