“The Artificial Adversary” – a New Operating Model for Cybercrime

The Artificial Adversary - a New Operating Model for Cybercrime

“Artificial adversaries don’t have egos, suffer burnout, or deal with corporate drama. Your defenses do.” – Andres Andreu

In the spring of 2026, a handful of engineers with little security background ran an experiment. They pointed an Artificial Intelligence (AI) model at thousands of software codebases and asked it to identify issues. Over the course of one night it did more than find decades-old flaws hiding in plain sight. It created working exploits for them. The model was Claude Mythos Preview. In fact, its creator judged it so capable at weaponizing vulnerabilities that it chose not to release the model at that time.

For most of our field’s history, the adversary was human. Clever and motivated but bounded by sleep, attention, money, and skill. Now, however, that adversary is being augmented, and sometimes replaced. The replacement does not tire or hesitate. Moreover, it ignores the operational rhythms our defenses quietly assume. I call it “The Artificial Adversary.” Essentially, it takes one of two forms:

  • A human operator empowered by an AI stack.
  • An autonomous AI system acting toward malicious ends.

At this stage these have stopped being thought experiments and are now turning up in incident reports.

An Inflection Point, Not a Trend Line

Three things are happening at once. Together, they mark an inflection point rather than an incremental shift:

  • AI has lowered the barrier for entry to sophisticated crime.
  • Synthetic media is collapsing our ability to trust digital signals. A familiar face or a known voice, after all, no longer proves what it once did.
  • The volume and speed of AI-enabled activity now outpaces the manual, static defenses built for a slower era.

The numbers are no longer speculative

SoSafe’s 2025 research found that roughly 87% of organizations worldwide faced an AI-powered cyberattack in the prior year. Direct attacks aside, model evaluations are just as concerning. For instance, the UK’s AI Security Institute (AISI) tested Claude Mythos Preview. It solved expert-level CTF challenges about 73% of the time. Notably, no model could complete those challenges at all before April 2025. Mythos went further still. In fact, it became the first model to solve the AISI’s 32-step simulated network takeover, from reconnaissance to full compromise. Anthropic’s red team reported even broader findings. Working alongside the AISI, it watched the model surface thousands of zero-day flaws. These included a dormant 27-year-old vulnerability in OpenBSD and a 16-year-old bug in FFmpeg. In Firefox alone, Mythos found 271 vulnerabilities and wrote exploits for 181 of them.

A signal, not the threat itself

Anthropic withheld Mythos from public release. Instead, it granted limited access to a small set of organizations that build and maintain critical software and infrastructure. The program is called Project Glasswing. Launch partners reportedly include Amazon Web Services, Apple, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Officially, the intent was to give defenders a head start. Yet Mythos isn’t the only game in town. For example, things such as OpenAI’s GPT-5.4-Cyber, OWASP CVE Lite CLI, and Google’s Big Sleep already show great promise and in some cases comparable capability. When competition rises the cost of entry keeps falling. Regulators noticed quickly. Within weeks, the Bank of England intensified its AI risk testing, and German banks consulted regulators and cyber experts. The lesson, therefore, is the one Bain and others drew immediately. In short, assume your adversaries are building equivalent capabilities, nation-states, criminal enterprises, and rogue actors alike. Mythos is a signal, not the threat itself.

Defining the Artificial Adversary

It helps to name the archetype precisely, because precision changes how we defend. So picture an AI-enhanced human actor. Here, the human sets the strategic objectives. The machine, in turn, executes the great majority of the tactical workload. The consequence is direct. As a result, offensive cycles compress, and defenders can no longer assume a human-speed response on the other side of the keyboard.

Human adversaries operate within cognitive, temporal, and logistical limits. An autonomous AI-based adversary does not. Needing no sleep, it carries no emotional baggage and runs continuously across global digital environments. Moreover, it can analyze vast data stores and reason probabilistically in real time. Such a system can also coordinate through decentralized, agentic architectures that resist any single point of shutdown. Its capacity for deception, mimicry, and adaptation, therefore, creates a new category of risk. Consequently, detection, attribution, and deterrence all become far harder. The asymmetry, however, is not only technological. It is also cognitive. In the end, defenders must prepare for opponents that do not tire, hesitate, or follow any rules.

The Artificial Adversary Taxonomy

A practical taxonomy has five levels.

  • AI-assisted human operator – a human attacker uses AI for discrete tasks such as phishing, translation, research, script generation, or stolen-data summarization.
  • AI-augmented threat crew – a criminal or nation-state team embeds AI into reconnaissance, exploit research, identity profiling, malware development, infrastructure staging, data exfiltration, and victim communications.
  • AI-orchestrated campaign – agentic systems coordinate personas, assign tasks, monitor responses, tune timing, and manage parallel workflows while humans supervise outcomes.
  • Semi-autonomous adversarial agent – the system conducts meaningful parts of the intrusion chain itself, including asset discovery, service testing, response analysis, and attack path modification.
  • Autonomous malicious AI system – an AI system pursues malicious objectives with limited or delayed human direction, raising harder questions around attribution, containment, predictability, and control.

This taxonomy matters because an AI-assisted phishing actor requires different defenses than an autonomous agent probing applications, manipulating identities, and adapting to telemetry in real time.

Facilitation – Lowering the Barrier

The first way AI empowers adversaries is the least glamorous and the most pervasive. Simply put, it removes friction. For a few years now, the underground has marketed “Dark LLMs.” The roster includes WormGPT, FraudGPT, KawaiiGPT, and imitators such as MalwareGPT, SpamGPT, and Xanthorox. Each promises jailbreaks, malware help, and ready-made scam playbooks. Some are functional. Many, however, are simply scams that prey on aspiring criminals. Either way, the real significance is not any single tool. Rather, it is the normalization of the idea. A capable, on-demand junior developer is now available to anyone with a few GPUs, a wallet of API keys, and some patience.

Malware that writes itself

Proof-of-concept work made the threat concrete. Researchers, for instance, demonstrated BlackMamba, a keylogger that built its malicious code at runtime by calling a Large Language Model (LLM). That approach neatly sidesteps the static signatures defenders rely on. By late 2025, the threat had moved from the lab to the wild. Google’s threat intelligence team documented two malware families: PROMPTFLUX and PROMPTSTEAL. Both query LLMs during execution. One rewrites itself, while the other generates fresh commands mid-attack. This is “Just-In-Time” (JIT) malicious code. In other words, the software does not carry its full payload. Instead, it assembles the payload on demand, from a model that does not know it is being conscripted.

When the face on the call is fake

Facilitation also reaches the human layer through synthetic media. Convincing face and voice clones, for example, can now be mass-produced. So can cross-lingual conversion and studio-quality content. Better yet for the attacker, agent teams run these operations around the clock, iterating on failures without fatigue. As a result, the multi-party deepfake video call is no longer hypothetical. Picture a finance employee walked through an “urgent” wire transfer by a “CFO” and “general counsel” who are both synthetic. Clearly, the attack surface is no longer just endpoints and identities. It now also includes the emotional tone around those identities. And does so across collaboration tools, social media, and internal communications.

Vibe Hacking – Psychological Warfare at Machine Speed

This last point deserves its own name. After all, it is where AI-enabled social engineering becomes something new. Vibe hacking is social engineering supercharged with a full AI stack. Here, the adversary does not send a single phishing email or place one deepfake call. Instead, models shape the emotional context around a target over time. The goal, therefore, is not to trick a victim once. Rather, it is to tune the “vibe” of their human state along with their digital environment, so that risky actions feel natural, familiar, and self-initiated.

Sensing, profiling, persistence

A campaign begins with sensing and profiling. To start, adversaries point AI at everything they can scrape. These sources include OSINT, LinkedIn activity, public Slack and Discord communities, conference talks, support tickets, and marketing emails. Sentiment analysis is important here and models infer mood, personality, stress levels, decision style, and trust anchors. That attackable profile, in turn, feeds a working model of the target’s context. Things like a looming quarter, a key project, the likely sources of anxiety or excitement all become real and exploitable. Generative models subsequently produce content tuned to the target’s state. The real weaponization, however, comes from scale and persistence. One artificial adversary can run dozens of long conversations at once. Each hides behind a distinct persona, the sympathetic colleague, the urgent executive, the overworked vendor. Meanwhile, it A/B tests tone, timing, and channel to learn what lowers resistance and/or skepticism. By the time the critical ask arrives, therefore, the victim feels they are accommodating a relationship, not responding to an attack.

This is the reframing that matters:

Vibe hacking isn’t better phishing. It’s your own people, profiled and played at machine scale – we hardened the edges and left the nervous system exposed.

Andres Andreu

From theory to a real victim list

None of this is a forecast. In August 2025, in fact, Anthropic’s Threat Intelligence team disclosed a case it tracked as GTG-2002. A single actor used an agentic coding tool to run a data-extortion operation. In total, the targets numbered at least 17 organizations, spanning healthcare, emergency services, government, and religious institutions. A defense contractor was among the victims, too. Remarkably, the whole campaign ran in roughly a month. To pull it off, the attacker embedded an operational playbook in a configuration file, so the AI could make tactical decisions during live intrusions. From there, the model automated reconnaissance and credential harvesting. It even generated ransom notes tailored to each victim, with demands reported between roughly $75,000 and more than $500,000. Ultimately, one person, with an AI operator alongside, did the work of a coordinated crew.

Scale – From Assistant to Operator

Facilitation lowers the barrier to entry; scale changes the magnitude. For example, the same agentic models that help an enterprise automate work can be organized into adversarial swarms. A planner agent sets the goals. Meanwhile, sub-agents run in parallel performing actions such as OSINT scraping, phishing and deepfake generation, code generation, and dropper construction. Because they share memory and data from feedback loops, the whole system improves with each iteration.

The criminal supply chain, in turn, has matured around this model. Telegram, for instance, serves as a resilient “dark social layer”, encrypted, anti-censorship, easy to churn and burn, and slow to take down. There, automated bots stream stolen credit card data and run validation checks at a pace no human team could sustain. Increasingly, the same architecture is aimed at availability, too. Agentic orchestrators break a Layer-7 denial-of-service goal into reconnaissance, traffic generation, and adaptive evasion, while coordinated worker nodes handle individual parts of the overall campaign.

The first autonomous espionage campaign

A defining incident arrived in November 2025. Anthropic reported disrupting a campaign it attributed, with high confidence, to a Chinese state-sponsored group tracked as GTG-1002. Notably, it was the first publicly documented, largely autonomous AI-orchestrated cyber-espionage campaign. It was detected in mid-September. In all, the operation targeted roughly thirty high-value organizations across technology, finance, chemical manufacturing, and government.

To pursue their objectives, the attackers manipulated an agentic coding tool into acting as a fleet of autonomous penetration-testing orchestrators and agents. First, they jailbroke its safeguards by role-playing a defensive security firm. Then they broke malicious objectives into benign-looking subtasks. From that point, the AI handled reconnaissance, vulnerability discovery, exploitation, credential harvesting, lateral movement, and exfiltration. In total, that came to an estimated 80 to 90% of tactical operations, issued at thousands of requests per second. Human operators, by contrast, stepped in only at a few strategic chokepoints. This wasn’t as clean as a Hollywood movie scene as the model’s hallucinations sometimes invented credentials or overstated findings. Those errors were among the few things keeping the operation from full autonomy.

A Real Incident, End to End – The NPD Sextortion Wave

To see these capabilities combine into one industrialized pipeline, consider the extortion spam that followed the National Public Data (NPD) breach. The underlying breach was staggering. Systems were first compromised in December 2023. By April 2024, the data had surfaced on the dark web. The company, however, acknowledged the incident only in August 2024. All told, it affected up to 170 million people and exposed as many as three billion records. The follow-on campaign was instructive less for its novelty than for its assembly. Specifically, attackers used GPT-based code generation to operationalize the stolen data end to end. The result was personalized extortion content. Each message addressed the victim by name, referenced a real home address, and embedded street-view imagery of the respective house. Then it demanded payment in Bitcoin, usually between $1,900 and $2,000, for the sake of tranquility or peace of mind.

None of the individual techniques were sophisticated. The sophistication, instead, lay in the orchestration. Consider the parts, a breach corpus, a code-generating model, a templating layer that fused public records with mapping imagery, and a delivery pipeline. Stitched together, these produced a campaign with a scale and personalization no manual operation could match. That, in essence, is the pattern security leaders should internalize. The artificial adversary rarely wins with one brilliant exploit. Instead, it wins by removing friction from every step, and running the whole chain faster than defenders can detect and respond.

Turning the Tables – Disrupting Malicious Automation

The very properties that make AI dangerous on offense also make it invaluable on defense. Better still, they open a counter-strategy that purely human teams never had. If attackers automate, then defenders can engineer the environment to exploit that automation. In practice, deception engineering and adversarial intelligence combine well.

The single goal is to convert the attacker’s automation into your early-warning system. Synthetic credentials, decoy services, and AI-generated traffic, for instance, all look irresistible to an autonomous agent. As such, they become tripwires. Because the agent probes tirelessly and indiscriminately, it hits the decoys long before a careful human would. Consequently, it can surface a campaign while it is still in an early stage.

Red teaming with autonomous agents

AI-augmented red teaming has a strong place here. In a 2024 experiment reported by WIRED, for example, a journalist let autonomous AI agents from the startup RunSybil attack a custom web app. The agents collaborated in real time. Specifically, they used SQL injection, brute-force authentication, form-field manipulation, and path traversal. Most importantly, they iterated on their failures. Without human direction, they re-planned and adjusted strategies, surfacing logic flaws that traditional scanners had missed. The agents were not malicious; their behavior, however, was. It was adversarial, coordinated, and effective. The takeaway, then, is fairly straightforward. First, adopt autonomous red-teaming agents to pressure-test your defenses against continuous, iterative, logic-driven attacks. Then pair them with high-fidelity telemetry and behavioral anomaly detection. Together, they can flag AI-like probing even when individual requests looks benign.

Governing the Machine and the People Around It

Speed without governance introduces its own risk. As defenders deploy autonomous and semi-autonomous capabilities, they take on an obligation. Those capabilities must be fast where they must be, careful where they should be, and always controllable by competent humans. Fortunately, a workable program can borrow from frameworks now maturing across the industry. For a foundation, anchor on NIST’s AI Risk Management Framework or ISO/IEC 42001. To turn principles into adversarial test cases, layer in MITRE ATLAS and the OWASP Top 10 for LLM applications. To harden the model lifecycle, draw on ISO/IEC 23894 and Google’s Secure AI Framework. Finally, add a staged maturity model to move from reactive to adaptive.

High-impact automated actions, meanwhile, need extra care. By default, mass credential revocation, large-scale connection throttling or tarpitting, and account lockouts should sit behind human-in-the-loop gates. In addition, back them with immutable audit logs, explainability proportional to impact, and fast paths to appeal and rollback.

Two cautions

Two cautions deserve emphasis.

First, treat AI models and their supply chains as critical software assets. In practice, that means validating provenance, verifying integrity, and monitoring runtime behavior. After all, data and model poisoning are now first-class threat vectors.

Second, resist the urge to fight fire with fire across legal lines. Attacker AIs, remember, routinely route through innocent third parties. As a result, heavy-handed countermeasures invite escalation and cross-border legal exposure, among them hack-back, automated counter-intrusion, and poisoning someone else’s ecosystem. Privacy by design, data minimization, auditability, and human oversight should not be compliance theater. On the contrary, they should be focused on what keeps a fast defense lawful and trusted.

What Security Leaders Must Do Now

The artificial adversary does not need to be sentient to change the game. Instead, it only needs to make capable attackers faster, more iterative, and less dependent on rare human skill. Accordingly, defenders should architect for that reality:

  • Treat AI as both adversary and ally – regularly run hybrid threat scenarios, machine-augmented attackers against machine-augmented defenders, so that you find your blind spots first.
  • Shift from signatures to behavior – static, content-based controls cannot anticipate self-modifying code or agentic chaining. Instead, invest in behavioral analytics, high-fidelity logging, and context-aware security that reads relationships, not keywords.
  • Stand up real AI governance – name a single accountable owner and convene a cross-functional oversight board. Then keep a model and agent registry, and define rules of engagement and rollback paths before you enable automation.
  • Secure the model supply chain – audit data lineage and model integrity, and assume third-party datasets, weights, and components can be poisoned upstream.
  • Deploy deception as early warning – use AI honeypots and synthetic assets to turn the adversary’s tireless automation into your early detection advantage.
  • Compress your defensive cycle – above all, adopt AI-augmented red teaming and threat hunting so that you out-learn the adversary. Then measure what matters – detection accuracy, false-positive and false-negative rates, model drift, autonomy and override rates, and time to contain.

The Pivotal Question

The pivotal question about any adversary has changed. No longer is it simply who they are or what they want. Instead, it is “what can they assemble and operationalize with AI faster than we can detect and respond?” Once, the human attacker was the central concern. Now, by contrast, security leaders face intelligent, scalable opponents that run as close to machine speed as the hardware allows. Confronting them takes more than static controls and periodic red teaming. Rather, it takes continuous learning, dynamic simulation, and AI-augmented defense. Above all, it takes one hard admission, the next major breach may not be human at all.

Awareness is the beginning; action defines resilience. The Artificial Adversary is here. The only question is whether we will be ready when it decides to strike.

From 4X CISO to CEO: What Leadership Looks Like Now

Andres Andreu reflecting on leadership lessons from moving from CISO to CEO

For years, I led from the seat of a Chief Information Security Officer (CISO). From 4X CISO to CEO.

As a CISO I learned “healthy paranoia”. I learned to see around corners. I learned to prepare for failure without becoming ruled by it. I learned that resilience is not a slogan, trust is not soft, and pressure reveals what an organization really is.

Then I became a CEO.

The title changed, but that was not the real transition. The real transition was this: the scoreboard changed.

Success means something very different now.

As a CISO, much of the job revolves around reducing downside. You protect value. You harden systems. You reduce exposure. You prepare for impact. Success often shows up as the absence of disaster.

As a CEO, that is no where near enough.

A CEO still has to manage downside. But the real job is broader and frankly, harder. You have to create upside even the upside is not obvious. You have to allocate capital, focus people, accelerate execution, build trust, and make the company stronger under pressure. You are no longer measured only by what you prevent. You are measured by what you build, what you compound, and whether the organization can win.

That shift has changed how I think about leadership.

It has not made me less disciplined. It has made me more complete.

Here are the lessons that came into focus for me in the move from CISO to CEO.

Protecting value and creating value are not the same job

Security leaders are trained to think in terms of exposure, controls, failure paths, and resilience. That training is valuable. In fact, in a volatile world, it is a serious leadership advantage. But …

The CEO role forces a wider lens.

You cannot lead a company by focusing only on what might break. You have to decide what deserves energy, capital, and conviction. You have to place bets. You have to define where the company will lead, where it will differentiate, and where it will refuse distraction. You also have to make the hard choices between protecting something or paving a path to new revenue.

That is a major shift.

A CISO protects value.

A CEO creates, compounds, and defends value.

The distinction matters because it changes the posture of leadership. It moves you from preservation alone to purposeful construction.

Risk is only part of the story

For a long time, one of the most important questions in my world was: What could go wrong?

That question still matters. It always will.

But CEOs have to ask a broader set of questions:

What are we building?
What are we solving?
What are we choosing not to do?
Where are we underinvesting?
What will matter six quarters from now, not just six weeks from now?

This is where many leaders get trapped. They confuse awareness of risk with clarity of direction.

These are not the same.

A company can become highly fluent in threat, friction, and constraints and still fail to move. It can become excellent at discussing complexity and poor at converting that complexity into action.

The CEO’s job is not to eliminate uncertainty. The CEO’s job is to move the organization through uncertainty with judgment.

That is a different discipline.

Capital allocation spells truth

One of the clearest lessons of becoming CEO is that strategy sounds impressive in slides but reveals itself in budgets.

Capital allocation exposes the truth.

You can say innovation matters. But if you do not invest in data quality, operating discipline, and workflow redesign, then innovation does not really matter.

You can say trust matters. But if you underfund execution, transparency, and customer experience, then trust does not really matter either.

You can say growth matters. But if priorities are bloated, ownership is vague, and friction is tolerated, then growth is a cheap talking point.

This is one of the hardest truths in leadership: strategy is not what you announce. Strategy is what you consistently fund, reinforce, and protect.

The CEO sees that more directly than anyone else.

Money is not just a resource. It is a declaration of belief.

Clarity scales better than intensity

Earlier in my career, I thought strong leadership often meant pushing harder, doing more, leading in very visible form.

I no longer believe that.

Strong leadership now means clarifying faster.

Companies do not scale on intensity alone. They scale on clarity. They scale when people know what matters, who you are selling to, who owns what, how decisions get made, what good looks like, and what deserves to be ignored.

Intensity without clarity creates motion, not momentum.

This becomes even more important at the CEO level because ambiguity compounds as it moves through the organization. A vague executive statement becomes a confused team priority. A confused priority becomes wasted time. Wasted time becomes operating drag. Operating drag becomes missed expectations.

That is why clarity is not just a communication skill. It is an operating advantage.

The larger the company, the more expensive vague leadership becomes. But, it also takes longer to unearth that type of situation. In smaller companies vague leadership exposes itself way quicker as there are fewer buffers.

Trust is not soft. Trust is throughput.

Too many leaders still talk about trust as if it belongs in the category of culture alone.

It does not.

Trust affects speed. Trust affects execution. Trust affects retention. Trust affects customer confidence. Trust affects whether people escalate intelligently or defensively. Trust affects whether hard truths surface early or get buried until they become an expensive burden.

In low-trust environments, everything takes longer. People protect themselves. Decisions loop slowly. Teams revisit the same conversations. Energy leaks everywhere. Indecision reigns.

In high-trust environments, accountability gets stronger, not weaker. Standards become easier to uphold because intent is clearer and friction is lower.

This is one of the biggest mindset expansions I have had as a CEO.

Trust is not theater.

Trust is infrastructure.

And in many organizations, it is the hidden variable behind execution quality.

Resilience matters more than compliance

Compliance matters. It builds baseline discipline. It creates structure. It can improve consistency.

But compliance is not the same as resilience.

A compliant company can still be fragile.

A resilient company absorbs pressure without losing direction. It adapts when conditions change. It makes decisions based on imperfect and/or incomplete information. It keeps operating even when the environment turns hostile.

That distinction matters now more than ever.

The modern business environment does not reward organizations simply for looking prepared. It rewards organizations that can keep moving when things break.

This is where my years in security still shape me deeply. I know what fragility looks like. I know how fast confidence erodes when stress exposes weak assumptions. I know the difference between a control that looks good and a capability that holds.

As CEO, that lesson only became more important.

Build for the test, not just the audit.

The CEO’s steadiness becomes part of the operating model

This may be the most personal lesson of all.

The CEO carries more than accountability. The CEO carries signal.

The ecosystem around you (employees, the board, investors, peer CEOs, partners, customers) watch how you process. How you process pressure. How you process the sea of bad news with the sprinkle of good here and there. They watch how you handle incomplete information, mixed results, difficult tradeoffs, and external noise. They watch your tone when momentum slows. They watch your posture when the answer is not obvious.

This does not mean a CEO needs to project false certainty.

It does mean the CEO has to project steadiness.

And do so irrespective of what is at hand. That steadiness matters because organizations borrow emotional direction from leadership. When the environment is noisy and/or unsteady, the CEO helps determine whether the company becomes reactive, distracted, disciplined, or resolved.

That is not abstract leadership philosophy. It’s not a textbook principle taught in business school. That is operational reality.

Steadiness preserves focus. Focus preserves execution. Execution preserves trust.

In the end, leadership is not about being right. It is about steering the organization towards an outcome, making sure employees stay oriented while the organization works through challenges and hurdles.

Security-Centric Steadiness

Security teams alone cannot secure a company from threats. The company’s organizational culture, risk tolerance, and investments are defined collectively by leadership, in many organization this means a roll up to the CEO. It is ultimately the CEOs responsibility to:

  1. Set the tone (organizational culture): if the CEO treats security as a priority, it permeates the entire organization. If neglected, it breeds a relaxed, vulnerable afterthought culture.
  2. Define risk tolerance: the CEO must decide what level of risk is acceptable and where to invest in defense, rather than assuming the CISO can stop 100% of attacks alone. This is a challenge as a lot of CEOs, for the sake of self-preservation, shy away from explicitly taking a stance on risk. Even if a CEO isn’t signing an acceptance/rejection of risk they can define tolerance levels.
  3. Create cross functional alignment: silos break down due to force from the top, IT, Legal, HR, and Operations work together to protect the company when that is a mandate coming from the CEO.

What I carried with me from the CISO seat

I did not leave my CISO instincts behind when I became CEO.

I feel I brought the best of them with me.

I still believe in disciplined thinking.
I still believe in resilience under pressure.
I still believe in asking hard questions early.
I still believe that trust takes years to build and minutes to lose.
I still believe leaders should prepare for failure without becoming defined by fear.

But the CEO role forced me to widen the aperture.

The mission is no longer only to defend the enterprise.

The mission is to build an enterprise that can win.

That means creating trust, not just protecting it. It means creating momentum, not just preventing disruption. It means turning discipline into direction, and direction into execution.

That is the real shift.

Final thought

Going from a 4X CISO to CEO did not make me think less about security. It made me think more completely about leadership. I still believe the best leaders see the angles and see around corners. Now, I also believe they have to be able to build through those angles and corners.

Industrialized Identity – The New Factory Model for Fraud

Industrialized Identity - The New Factory Model for Fraud

Industrialized Identity – adversaries now run identity like a factory. Most organizations still talk about identity breaches like they talk about storms: unfortunate, occasional, and mostly out of their control. But attackers don’t forecast storms, they manufacture them.

The adversary does not see it that way. Instead, they treat identity as raw material. They harvest it, refine it, enrich it, and operationalize it, over and over, until they can monetize it by running fraud, impersonation, and Account Takeover (ATO) campaigns like a production line.

This dynamic doesn’t just change adversarial TTPs per say. And this cascades as it changes the adversary’s economics. It also changes defender timelines. And it changes what “good” looks like for a CISO who needs to protect revenue, customers, and business operations.

In the 2026 Identity Breach Report from Constella Intelligence we see the signal clearly – identity exposure now moves at machine speed and scale, with industrial processes behind it, not opportunistic one-offs.

Identity risk didn’t just get “worse.” It got productized.

And once it’s productized, attackers don’t need to break in to create impact. They can often log in, have data changed/reset, or impersonate. Traction becomes real when they assemble “attackable profiles”. In practice, that means they can:

  • pass help desk or account recovery checks
  • bypass “knowledge-based” verification
  • look legitimate across channels
  • scale automation without spiking obvious alarms

For these attackable profiles to become real, adversaries have built an identity supply chain:

Ingest → Clean → Correlate → Enrich → Package → Operationalize

Quarterly controls and reactive incident response will not stand up to this type of pattern. Worse off this can become industrialized at scale. Defense models need to runs at that same tempo.

The Identity Density Gap – the story behind +135% record growth vs. +11% unique identifiers

Let’s quantify the shift. Here’s a 2025 statistic that should force a mindset change: breach record volume grew by 135% while unique identifiers only grew 11%.

That says something simple and brutal: adversaries don’t need more identity data. So the problem isn’t more identities. It’s more context per identity (more data per person). This is the Identity Density Gap.

Put differently, density is leverage:

  • A thin identity (email + password) supports commodity credential stuffing.
  • A dense identity (email + phone + address + DOB + linked accounts + recovery hints + active session objects) supports high-confidence impersonation and repeatable fraud.

Density gives attackers options. Options create resilience. Resilience creates pathways that can also be leveraged at scale.

The outdated way that so many security teams pursued was to fixed authentication. Yet they constantly lost to ATO and fraud. The adversary no longer cares about the login prompt, they are seeing the surface across the entire identity lifecycle:

  • onboarding and enrollment
  • authentication
  • session handling and token reuse
  • account recovery and help desk flows
  • high-risk transactions and workflow approvals

Defending only one link in that chain is a mere inconvenience now, attackers route around fragmented strategies. And they do it fast.

Industrialized data correlation – how attackers turn billions of attributes into attackable profiles

Attackers don’t win because they possess data. Attackers win because they correlate data. When an operation runs at the scale of 400 billion+ attributes, correlation stops being a research activity and becomes a manufacturing step. Couple this with the vast amount of OSINT in existence and a picture starts to form.

Here’s how the factory works:

First – Normalization

Adversaries normalize raw material – they standardize fields, clean formatting, remove duplicates, and fix missing pieces. They don’t need perfection. They need enough consistency to automate.

Next – Linking

Data gets linked across disparate datasets – the adversary matches email addresses to phone numbers. Phone numbers to addresses. Addresses to dates of birth, and so on. One dataset fills the gaps in another.

Then – Scoring

Adversaries score attackable profiles to measure ROI. They don’t ask, “Can I compromise this account?” They ask, “Can I monetize this identity fast?”

They prioritize identities that connect to:

  • financial access
  • enterprise privileges
  • payroll and HR workflows
  • customer support recovery paths
  • vendor payment processes

Finally – Packaging

Profiles get packaged for operations. This is where identity becomes attackable. The profile supports repeatable playbooks: ATO, recovery bypass, SIM swap targeting, impersonation, and payment diversion.

That’s why identity risk now behaves like a business function for adversaries. They build a pipeline. That pipeline gets refined. Then it gets scaled.

And then exposure events feed that pipeline.

The Top Exposure Events – why mega breaches punch above their weight

When massive exposure events hit, many leaders respond with the familiar: “We’ll monitor. We’ll see if we’re affected.”

That script fails at machine speed. Large exposure events don’t just increase volume, they increase operational certainty for attackers:

  • consistent record structure
  • high overlap of data points with prior leaks
  • fast enrichment potential
  • easy automation with AI powered technologies

There are many examples of large data breaches. At this point they need to be treated as more than just headlines. Treat them as inventory injections, the raw materials needed for the modern day identity supply chain.

Once that inventory enters circulation, attackers don’t “use it once.” They:

  • monetize it
  • repackage it
  • enrich it with other datasets
  • resell it
  • and operationalize it in waves

That’s why identity exposure rarely behaves like a single incident. It behaves like a persistent condition.

And that’s why “wait for confirmed compromise” becomes the wrong approach.

Machine-speed defense – stop chasing events, interdict the pipeline

If attackers run identity like a factory, defenders must reciprocate. Defenders need to treat identity like a control plane.

This isn’t about perfect security as there is no such thing. Defenders do however need faster cycles:

  • faster detection-to-decision
  • faster decision-to-enforcement
  • tighter governance around automation
  • metrics that prove reduced operational risk

Here are some practical steps to improve an ecosystem:

Convert exposure into action

Alerts don’t help if they don’t trigger changes in systems and/or behavior. If it doesn’t change enforcement, it’s just telemetry. Build an identity exposure-to-action playbook that answers:

  • Which identities matter most? (executives, finance, privileged admins, support)
  • Which workflows create the largest blast radius? (recovery, vendor payments, payroll, customer support)
  • What control do we trigger first? (session resets, account recovery restrictions, throughput throttling)

Next, attack their economics.

Render stolen credentials less valuable

Kill the advantages that adversaries love by:

  • deploying phish-resistant MFA, especially for privileged roles
  • binding sessions to devices where possible
  • tightening token lifetimes and reuse policies

Then, close the side doors.

Harden the bypass routes

Adversaries don’t always brute force their way in. They tke less resistant paths, such as socially engineering account resets via a help desk. Treat recovery like a privileged operation by:

  • restricting recovery pathways for users, especially privileged ones
  • requiring stronger proof for recovery than just login creds
  • adding friction (synchronous checks via phone call, etc) to high-impact changes (bank info, payout routing, email changes)
  • training support teams on identity manipulation patterns and escalation guardrails

Finally, scale your response.

Automate enforcement

Automation wins at machine speed when done right, but beware as it can also break business operations. Start slow with low-risk actions and require human approval for high-impact actions (account lockouts, financial workflow freezes, privileged access resets).

And if you want to win long-term, measure what matters.

Measure the right outcomes

Generally speaking, if something gets measured, it can be improved. Consider the following so as to improve a security posture:

  • time-to-detect exposure (requires analysis to unearth original exposure)
  • time-to-enforce controls
  • % of privileged users on phish-resistant MFA
  • reduction in successful recovery abuse
  • reduction in ATO attempts that reach “valid session” state

Some of these metrics are not trivial and require analysis. But they translate cleanly to business outcomes: less fraud, fewer outages, fewer customer escalations.

The bottom line

Identity risk didn’t just automagically grow. It got industrialized.

Interestingly, attackers now build identity products. They run correlation pipelines. They operationalize exposure at machine speed. And they scale fraud the way mature businesses scale customer acquisition: with automation, testing, and iteration.

Here’s the modern posture. Instead of relying on outdated perimeter strategies, consider:

  • treating exposure as a leading indicator
  • hardening the identity lifecycle, not just the login
  • interdicting the pipeline wherever possible

Defending identity in the industrial era requires a new mindset.

AI Powered Cybercrime – How AI Supercharged a Sextortion Wave

AI Powered Cybercrime - How AI Supercharged a Sextortion Wave

Part 3 of AI Powered Cybercrime

Sextortion isn’t new. Velocity has increased, personalization has sharpened, and attackers can now run campaigns at industrial scale. This wave is a collision event between the first two posts in this series: facilitation (credible intimidation) and scale (high-volume delivery). AI Powered Cybercrime – How AI Supercharged a Sextortion Wave.

Many security programs have an important blind spot: they treat coercion as a personal problem. In reality, coercion quickly becomes an enterprise problem when it pressures employees into silence, errors, or unsafe, unethical, illegal behavior.

What happened (high level)

Following the large-scale exposure of personal data from a data broker, threat actors began sending extortion emails that included real names, real email addresses, and real home addresses. The goal was not technical proof; it was psychological terrorism. When a recipient of these types of emails and/or files sees real personal details, the scam feels “more real,” even if the core claim is false.

Some variants escalated intimidation by including a photo of the victim’s home sourced from publicly available mapping imagery. That addition is a masterclass in facilitation: it takes something the attacker can generate cheaply and turns it into a credibility anchor that increases stress and compresses decision time.

Why it works: plausibility beats truth under pressure

Most victims don’t evaluate these messages like analysts. They evaluate them like humans under threat, with emotion. The campaign design is built around that reality: shock, shame, urgency, and a narrow window to “fix” the situation. The scam doesn’t need to be technically accurate to be operationally effective; it only needs to feel plausible long enough to trigger payment.

This is the same vibe hacking dynamic we see in enterprise fraud: urgency is used as a control bypass. When the attacker can manufacture plausibility quickly, policy and verification become the only reliable defenses.

Where AI fits (without fluff)

AI does not need to run the entire scheme to increase harm. It only needs to improve the leverage points. First, it enables endless text variation while maintaining a consistent tone and similar messaging. Second, it makes personalization easy by merging templates with leaked data and also seamlessly integrating with Open Source Intelligence (OSINT) sources. Third, it reduces the human effort required to run a campaign, which increases throughput.

The result isn’t “smarter extortion.” It’s cheaper extortion at higher volume paired with sharper intimidation artifacts. That combination is what makes waves like this so disruptive.

Why CISOs should care: coercion becomes a business threat

Even when a victim is targeted “personally,” the downstream effects can land inside a CISOs organization. An employee under threat may avoid reporting, reuse credentials poorly, or comply with nefarious demands. Panic and stress can lead to unsafe behaviors, and this noise can weave its way into an organization distracting security teams from secondary attacks that aim to exploit some of that chaos.

If a resilience program covers ransomware but not coercion-driven fraud and extortion, there could be an operational gap. Sextortion waves are a reminder that the adversary’s true target is often decision-making under pressure.

What organizations should do during a wave

The objective in a wave is speed, clarity, and support. Issue a same-day bulletin that states what is happening, what employees should do, and how to report. Keep it stigma-free. The most important message is this: employees can report safely, and they won’t get in trouble.

Next, harden the identity bridge. Ensure MFA is enforced for email and sensitive applications, watch for anomalous sign-ins, and monitor for new device enrollments. Then improve detection quality by treating this as a campaign: pattern match across inboxes and route messaging to a single owner to reduce confusion and duplicate work.

The resilience lesson

Waves like this are not just security events; they’re leadership events. The organizations that respond well reduce harm by moving fast, communicating clearly, and providing support. They also learn: which workflows were stress-tested, where employees hesitated, and what verification gates were missing.

If you treat coercion as out-of-scope, you will eventually treat it as an incident, under pressure. Build the playbook now.

Key takeaways

  • Normalize coercion reporting; activate employee assistance programs immediately to protect people and organizational reputation.
  • Instrument wave messaging detection to tune signals and reduce both data fatigue and operational distraction.
  • Harden identity ecosystems fast; enforce MFA immediately to prevent panic-driven account takeover actions.
  • Operationalize extortion playbooks and drill them regularly to reduce chaos and decision latency.

AI Powered Cybercrime – Scale: From One-off attacks to broad campaigns

AI Powered Cybercrime - Scale: From One-off attacks to broad campaigns

Part 2 of AI Powered Cybercrime

Once AI facilitates and reduces the skill barrier, the next step is predictable: industrialization. Scale is not simply “more X.” It’s more volume, experiments, parallel campaigns, faster iteration, and lower cost per attempt. Attackers can tolerate failure because machines keeps trying, and keeps learning. AI Powered Cybercrime – Scale.

In practice, scale changes how you risk is experienced. The question stops being “can this attack be blocked?” and becomes “can we withstand continuous throughput without fatigue, mistakes, or control bypass?” If the attacker runs campaigns like a high-volume system, defenders must design controls that behave like high-volume systems too.

Scale is attack throughput based on more attempts, more variation, and faster learning loops than human teams can match.

How scale happens

Cybercrime at scale is a stack: commodity infrastructure to deliver, automation to orchestrate, and AI to generate convincing content and decision support. That stack allows adversaries to operate like entire sophisticated teams, testing, measuring response rates, iterating on what works, and abandoning what doesn’t.

This matters because “good enough” at massive volume beats “excellent” at low volume. Even if your controls catch 99.9% of attempts, at enough throughput the remaining 0.1% becomes a real business problem.

Agentic workflows: campaigns become orchestrated systems

The most important mental model for scale is orchestration. Instead of one attacker manually working a process, you face workflows that plan tasks, execute in parallel, and adapt based on outcomes. Target research, lure writing, follow-ups, and handoffs can be partially automated, even when a human remains in the loop for high-value steps.

For defenders, this means control gaps are discovered faster, exploited more accurately, and reused more reliably. If your organization has exception-heavy processes (e.g., ad hoc approvals, inconsistent vendor change procedures, unclear escalation paths) those become discoverable cracks that an attacker’s system can exploit repeatedly.

Dark social distribution: coordination at platform speed

Distribution and coordination channels accelerate scale by enabling rapid churn: new templates, new lists, new scripts, and fast feedback loops from peers. The operational consequence is that takedowns and blocks often trail behind the adaptation cycle. If you rely solely on external enforcement or on the hope that a campaign will “fade out,” you will lose the timing battle.

This is why brand and executive impersonation monitoring matters. When attackers can quickly align a pretext with what’s visible about your leadership, partners, or vendors, they can now manufacture credibility in hours.

DDoS and distraction: availability pressure as a cover layer

At scale, disruption is often a tactic, not an outcome. Availability pressure can consume attention, create noise, and induce rushed decisions that enable secondary goals (e.g., fraud, credential abuse, or data theft). The attacker doesn’t need to “win” the DDoS battle; they need to win the operational tempo battle.

The resilience countermeasure is degraded-mode planning. If you pre-stage how the business continues when systems are strained (e.g., what gets paused, what gets routed differently, who approves exceptions) you reduce the attacker’s ability to force mistakes through urgency.

A/B testing on humans: volume plus variation

A subtle but powerful aspect of scale is experimentation. Attackers don’t need a perfect lure. They need a pipeline that generates variants, tests them across segments, measures responses, and doubles down on what works. AI makes this cheap: the cost of a new variant approaches zero.

This turns awareness training into an operational control problem. You’re no longer defending against one “phishing style.” You’re defending against a continuously mutating persuasion engine. The stable defense is workflow integrity, consistent rules for high-risk actions, enforced regardless of how convincing the request appears.

What to do: control throughput with identity and workflow gates

To survive scale, design defenses like you’re protecting a high-traffic API. The objective is not perfect prevention; it’s making irreversible actions rare, gated, and verifiable. Start with the workflows that move money, grant access, or export sensitive data.

Phishing-resistant MFA and risk-based session controls reduce account takeover success. Dual control and out-of-band verification reduce fraud success. Campaign-level detection reduces fatigue by catching patterns across many inboxes or users rather than treating each event as a one-off.

Board-level framing

Scale bends the loss curve upward even if individual success rates decline. Boards should ask a small set of questions that map directly to business continuity: Which workflows are irreversible? Which are gated? How fast can we verify? How quickly can we contain identity-driven compromise?

If you can answer those questions with metrics (e.g., time-to-verify, exception rates, time-to-contain) you can translate a complex threat into operational readiness and financial risk reduction.

Key takeaways

  • Assume nonstop attack throughput to model monthly, reduce fraud and downtime exposure.
  • Harden approval workflows; the goal is to enforce dual control always while preventing irreversible payment loss.
  • Automate identity containment by tuning regularly to cut attacker dwell time and blast radius.
  • Instrument dark social risk; that goal is to monitor weekly to reduce brand-driven compromise and extortion.
  • Govern exceptions tightly by reviewing regularly to prevent blind-spot failures and audit fallout.

Part 3 of AI Powered Cybercrime

AI Powered Cybercrime – Facilitation: How AI lowers the skill barrier for attackers

AI Powered Cybercrime - Facilitation: How AI lowers the skill barrier for attackers

Part 1 of AI Powered Cybercrime

Cybercrime has historically had a skills bottleneck. Someone had to do the research, craft a believable story, write the lure, build the tooling, and then keep the victim engaged long enough for an outcome. Even for seasoned operators, that work takes time, and time is money. AI Powered Cybercrime – Facilitation.

Generative AI has changed the economics of that effort. It acts like a quality assistant that can draft, rephrase, personalize, and refine at machine speed. The net effect is not simply “smarter attackers.” It’s more adversaries that historically could not operate in this space. It is also a set of adversaries that can now perform at a higher baseline, scale larger, with fewer mistakes and more believable artifacts.

In this series, I use “facilitation” to describe the first-order impact of AI on cybercrime: removing friction across the attack lifecycle so that an individual attack becomes easier to execute, easier to adapt, and more likely to succeed.

Facilitation is where AI makes individual attacks better by lowering the skill barrier and improving content and/or persuasion quality.

The Facilitation Lens

A useful way to think about AI-enabled crime is as a pipeline. Attackers rarely win because they have one magic tool; they win because they can move smoothly from one stage to the next, recon, pretext, access, execution, and monetization. AI can assist at every stage, and it doesn’t need to be perfect. It only needs to be good enough to keep the process flowing through its journey.

For defenders, this creates a trap: many programs still focus on blocking discrete artifacts (one phishing email, one payload hash, one suspicious domain). Facilitation shifts advantage to the attacker because artifacts can be generated rapidly and with great volume; but the human processes and identity controls on the defensive side often remain static.

AI-powered malware: from coding to assembling outcomes

“AI malware” may inspire unrealistic notions of a fully autonomous super-virus. The more realistic, and more dangerous, reality is simpler: AI compresses development and iteration cycles. Instead of writing everything from scratch, adversaries can draft components, refactor quickly, generate variants, and troubleshoot faster. That matters because it reduces the time between idea and execution. It also empowers people that would not be operating in cybercrime without AI capabilities.

For defenders, the implication is that static signatures and one-off IOCs degrade faster. The same intent can show up as many slightly different implementations, and the “shape” of attacks changes just enough to evade brittle detection logic.

What can be done about this? Shift emphasis toward behavior and context. Instead of some static defense model we need to become more adaptable. If some payload dynamically changes, attackers will likely still need access to credentials, session tokens, the creation of persistence, or the exfiltration of data. Those are the slivers of opportunity where defenders have a chance of stable detection and containment. Given todays dynamic, the best place to shrink an attacker’s options is identity: the stronger and more tightly governed the identity boundary, the fewer places malicious tooling can successfully land.

Deepfakes: visual presence is no longer identity

Deepfakes move social engineering from “message deception” to “presence deception.” It’s one thing to spoof a sender name; it’s another to appear on a call as someone your team recognizes. That’s why deepfake-enabled fraud is so consequential: it attacks the human verification shortcuts we’ve relied on for decades, voice, face, and confidence.

The operational lesson is straightforward: “I saw them on video” is no longer a control. Nor is it a point of trust. A convincing presence can be manufactured, and group dynamics can be exploited to create social proof. The only reliable protection is to place high-risk actions behind verification steps that synthetic media cannot satisfy, out-of-band callbacks to known numbers, dual control for sensitive payments, and defined escalation rituals when urgency appears.

Social engineering: AI adds memory, consistency, and coordination

The biggest upgrade AI brings to social engineering is not grammar, it’s continuity. AI can maintain context over time, keep a persona consistent across messages and disparate systems, and pivot smoothly when a target makes adjustments. That capability turns many “one-and-done” lures into persistent conversations that wear down defenses.

This is why awareness training that focuses on typos and awkward phrasing is losing relevance. The tell is increasingly a process violation: a new payment path, a new channel, a sudden bypass of normal approvals, or an exception request that tries to compress decision time. If your employees know how to spot workflow bypass, they can defeat even polished, highly personalized lures.

Vibe hacking: weaponizing emotion to bypass analysis

Vibe hacking is the weaponization of emotion as a control bypass. Attackers don’t need you to believe every detail; they need you to act before you verify. Shame, urgency, fear, status, and belonging are some of the levers that move decisions faster than policy comes into play.

The countermeasure is not “tell people to be calm.” The countermeasure is building organizational escape hatches: clear permission to slow down, explicit escalation paths, and operational friction for irreversible actions. If urgency is treated as a trigger for verification, not a reason to move faster, we can turn the attacker’s primary advantage into a liability.

Short term reset

If you want one practical takeaway from facilitation, it’s this: identity and workflow integrity are choke points. AI can generate unlimited persuasion and/or manipulation artifacts, but we have to force it to cross an authorization boundary somewhere.

Start by identifying the three most irreversible workflows in your organization, for example pick from a pool like this one: payments, vendor banking changes, payroll updates, privileged access grants, or large data exports. Then ensure those workflows have step-up verification that cannot be satisfied by sense of urgency, polished messaging, or synthetic media. Finally, run a short blind red-team exercise on a deepfake or coercion scenario and measure how long it takes the organization to verify and contain. Blind = this must mimic reality.

Key takeaways

  • Assume high-quality lures and retrain owners monthly to reduce fraud loss and downtime.
  • Gate privileged actions and enforce out-of-band checks always; the goal is to prevent unauthorized transactions.
  • Detect behavior shifts and tune telemetry regularly to cut dwell time and response costs.
  • Standardize escalation and drill managers quarterly; the goal is to reduce coercion-driven errors.
  • Institutionalize dissent and review exceptions monthly to avoid governance blind spots and audit fallout.

Part 2 of AI Powered Cybercrime

Cyber Effects in Irregular Warfare: Lessons from Caracas

In early January 2026, there was news describing a U.S. operation (dubbed “Operation Absolute Resolve”) in Caracas that captured Nicolás Maduro. Reuters reported a power outage in parts of Caracas during the operation (https://www.reuters.com/world/americas/loud-noises-heard-venezuela-capital-southern-area-without-electricity-2026-01-03/). This could be an example of cyber effects in Irregular Warfare (IW), or at least it has relevant lessons for the cyber space.

Early coverage and commentary hinted at cyber involvement, but subsequent reporting and reconstructions increasingly emphasize suppression of air defenses through conventional strike and Electronic Warfare (EW), with cyber details remaining unconfirmed in public.

Personally, my family risked everything to escape the oppression of a communist regime, so the operational headlines matter to me. Professionally, the lesson for CISOs is bigger than attribution: modern crises blend kinetic, EW, information operations, and digital disruption to compress decision time and degrade trust.

What reporting supports (and what it does not)

Verified reporting supports the following points:

Bottom Line

Public reporting supports that U.S. leaders referenced “effects” and participation by Cyber Command, but public evidence does not confirm a discrete, cyber-caused blackout. In fact, available reporting increasingly points to a blended Suppression of Enemy Air Defenses (SEAD)/EW plus kinetic picture, with cyber remaining unspecified.

IW or just conventional strikes

The Department of Defense (DoD) defines IW as campaigns that use indirect, non-attributable, or asymmetric activities. Sometimes these are standalone and sometimes alongside conventional combat forces. The Congressional Research Service echoes the same concept and stresses that IW spans domains and the information environment (https://www.congress.gov/crs-product/IF12565).

The Caracas operation looked conventional on the surface. However, the disclosed non-kinetic effects framing points to something else: a gray-zone playbook that prioritizes advantage through ambiguity.

IW often aims to:

  • Create dilemmas
  • Create uncertainty
  • Compress response time
  • Degrade legitimacy and confidence

Cyber does those things extremely well. Whether the lights went out because of cyber, EW, physical sabotage, or kinetic strikes, the IW lesson is the same: operators win by creating short windows where defenders see less, trust less, and coordinate worse.

This is why “effects-first” thinking matters. If your team argues about whether an outage is cyber or physical while your business stalls, the adversary already achieved the goal: decision delay.

“Suppression of defenses” – a cyber context

People hear “suppression” and picture a citywide blackout.

Modern suppression usually looks smaller, sharper, and more temporary. It focuses on windows: short time slots where defenders see less, trust less, and coordinate worse.

When leaders describe “non-kinetic effects,” the cyber contribution often targets outcomes like these:

  • Reduce sensor confidence – attackers only need to inject doubt into enough sensors that commanders hesitate. Not every radar needs to be tampered with.
  • Slow decision loops – the window to act matters if a decision loop takes too much time.
  • Break coordination between sensors and weapons – integrated air defense relies on connectivity, signals, and timing. A fractured or flooded network can function, but it becomes ineffective and stops working as a system.
  • Degrade communications at the worst moment – a short disruption in command communications can matter more than a long outage at some other stage in a campaign.

This is why cyber plays so well within the IW realm. Cyber creates these outcomes without turning a whole country off.

Noteworthy IW patterns

Long cycle preparing, short execution

Modern IW is often months of planning and coordination (shaping) for minutes of decisive action. Cyber shaping often includes reconnaissance, analysis, sometimes custom development, and long-lived pre-positioning that looks like quiet intrusion (attacker deliberately keeps their activity low-noise and low-impact so defenders don’t notice them) until activation.

Weaponized ambiguity

In reading through eyewitness accounts there were reported outages and loud blasts during this campaign; public commentary debated causes. When multiple domains (e.g., kinetic, electronic, cyber, space) collide, defenders often struggle to identify the failure mode (what component failed, how it failed, etc). That uncertainty delays response.

The narrative battlefield moves at machine speed

Information operations begin immediately after high-visibility events. Analysts and security reporters quickly framed the Caracas blackout question as an open cyber possibility. In IW, perception controls the political and public temperature.

Infrastructure dependence creates coercion

BankInfoSecurity highlighted a claimed cyber incident affecting Venezuela’s oil and gas ecosystem (Petróleos de Venezuela’s own statement characterized it as a cyberattack) (https://www.bankinfosecurity.com/us-action-in-venezuela-provokes-cyberattack-speculation-a-30439). Even without definitive attribution, the lesson stands: critical infrastructure fragility turns into strategic leverage.

Why CISOs should care

Resilience beats attribution. Most CISOs don’t run an air defense network. Nor are they nation-state targets. But, they don’t need to run a nation-state air defense network to learn from this. CISOs should treat this as a case study in resilience under ambiguity. The question you need to answer is not “was it cyber?”, consider these:

  • Degraded-mode continuity – can you run operations safely when core systems are unstable and/or unreliable?
  • Decision advantage – can you separate signal from noise when dashboards lie and rumors spread fast?
  • Time-to-control – how quickly can you re-establish trusted communications, trusted identity, and trusted telemetry?

Degraded-mode operations (not just incident response)

Write, and rehearse, how the business runs when you lose one or more of the following: cloud control plane access, identity provider availability, network visibility, corporate communications, or power at a critical location. The key is to rehearse under chaos conditions to closely simulate reality. Incident Response (IR) focuses on finding, containing, eradicating, and recovering from an adversary; degraded-mode operations focus on continuing the business safely when critical systems are untrusted or unavailable, even while IR is still running.

  • Document manual fallbacks for critical workflows (financial transactions, customer support, OT safety, payroll).
  • Pre-authorize “safe shutdown” criteria for OT/ICS and safety-critical operations.
  • Keep offline copies of runbooks, contact trees, and key network diagrams. These need to be available in the face of communication failures.

Treat identity as a first-strike dependency

  • Protect privileged access paths (e.g., PAM, break-glass accounts, administrative tokens, API keys).
  • Hunt for quiet intrusion signals in identity telemetry (e.g., leaked session objects, new OAuth app consents, unusual token grants, anomalous administrative role assignments).
  • Design for IdP failure (e.g., local admin recovery, limited-function authentication, and documented manual approvals).

Validate telemetry integrity, not just intrusion

In blended operations, you can lose trust in dashboards before you lose systems. Disinformation is a very real issue and its impacts can be traced way back in time. Add controls and drills that detect seemingly “false normal.”

  • Cross-check critical sensors (EDR vs. network telemetry vs. cloud logs) and alert on anomalies intelligently. This assumes solid baselines and visibility where it matters.
  • Protect logging pipelines and time synchronization, treat them as Tier-0 or critical infrastructure.
  • Practice operating with partial visibility, chaos, and pre-defined decision thresholds.

Prepare for communication disruption and narrative pressure

  • Stand up out-of-band comms (phone directories, secure messaging, satellite options for critical leaders).
  • Pre-stage “first 30/60 minutes” messaging for employees, customers, and regulators.
  • Run communications war-games that include synthetic content, deepfake audio/video, and forged internal memos.

The transferable IW lesson is: in a modern crisis, cyber won’t arrive as a separate incident, it will arrive as one layer in a blended campaign. Attackers will not separate cyber incidents from business disruption.

Key executive takeaways

  • Treat disruption as “effects” – rehearse crisis leadership decisions regularly, to include business decisions in order to reduce downtime exposure.
  • Build degraded-mode operations – drill quarterly with operational leaders in order to protect revenue continuity.
  • Harden identity pathways – review privileges monthly so as to cut breach-driven operational disruption.
  • Validate telemetry integrity – test sensors regularly to prevent false-normal blind spots.
  • Govern narrative risk – run communications war-games at regular intervals so as to limit reputational and market fallout.

Adversarial Intelligence: How AI Powers the Next Wave of Cybercrime

Adversarial Intelligence: How AI Powers the Next Wave of Cybercrime

AI Summit New York City – December 11, 2025

On December 11, 2025, I spoke at the AI Summit in New York City on a topic that is becoming unavoidable for every security leader: AI is not just improving cyber attacks, it is transforming cybercrime into an intelligence discipline. Adversarial Intelligence: How AI Powers the Next Wave of Cybercrime.

The premise of the talk was simple: adversaries are no longer running isolated campaigns with a clear beginning and end. They are building living, learning models of target organizations (e.g., your people, workflows, identity fabric, operational rhythms) and then using generative-class models and autonomous agents to probe, personalize, adapt, and persist.

The core shift: AI gives attackers decision advantage

In an AI-accelerated threat environment, the attacker’s edge often comes down to decision advantage. They see you earlier, target you more precisely, and adapt in real time when controls block them. In a pre-AI world, that level of precision required time and rare talent. Now it is becoming repeatable, automated, scalable, and accessible to people with no real skill.

Where AI shows up in the modern attack lifecycle

When people think about “AI in cybercrime”, they often jump straight to malware generation. That is not wrong, but it is incomplete. In practice, AI technologies are being applied across the attack lifecycle.

Reconnaissance becomes continuous

Autonomous agents can enumerate exposed assets, map third-party relationships, and monitor public signals that reveal how teams operate. Recon becomes less like a phase and more like a background process, always learning and always refreshing the target model.

Social engineering becomes high-context

Generative models do not just write better phishing emails. They enable sentiment analysis, tone and context matching, multi-step pretexting, and persuasion that mirrors internal language and business cadence. The outcome is fewer “obvious” lures and more synthetic conversations that simply feel real.

Identity attacks scale faster than traditional controls

Identity is the front door to modern enterprises (e.g., SaaS, SSO, MFA workflows, help desk interactions, API keys). AI-powered adversaries can probe identity systems at scale, adapt-ably test variants, and blend into normal traffic patterns, especially when enforcement is inconsistent.

“Proof” gets cheaper: impersonation goes operational

Deepfakes and impersonation have moved from novelty to operational enablement. They can be used for vibe hacking (e.g., pressure targets, accelerate trust, push high-risk decisions), especially in finance, vendor-payment, and administrative workflows.

The defensive answer is not “more AI“. It is better strategy.

A common trap is thinking, “attackers are using AI, so we need AI too”. Yes some AI is necessary, but alone it is not enough. Winning here requires adversary-informed security: security designed to shape attacker behavior, increase attacker cost, and force outcomes.

Three tactics that disrupt malicious automation

Deception Engineering: make the attacker waste time … on purpose

Deception is no longer just honeypots and honeytokens. Done well, it is environment design: believable paths that look like privilege or data access, instrumented to capture telemetry and shaped to slow, misdirect, and segment adversary activity. The goal is not only detection. It is decision disruption, raising uncertainty and forcing changes within the adversary’s ecosystem.

Adversarial Counterintelligence: treat your enterprise as contested information space

Assume adversaries are collecting, correlating, and modeling your ecosystem, then design against that reality. Practical counterintelligence includes reducing open-source signal leakage, hardening executive and finance workflows against impersonation, and introducing verification into high-risk decisions without paralyzing the business.

AI honeypots and canary systems: fight automation with instrumented ambiguity

AI-enabled adversaries love clean feedback loops. So do not give them any. Modern deception systems can present plausible but fake assets (APIs, credentials, source code repositories, data stores), generate dynamic content, and create unique fingerprints per interaction so automation becomes a liability.

What this means for CISOs: measure money, not security activity

If you are briefing a board, do not frame this as anything like “AI is scary”. Frame it as: AI changes loss-event frequency, loss magnitude, and time-to-detection/time-to-containment. These can directly impact revenue, downtime, regulatory exposure, and brand trust. If attackers can industrialize reconnaissance and/or persuasion, then defenders must industrialize identity visibility, verification controls, detection-to-decision workflows, and deception at scale.

Key takeaways

  • Assume continuous and automated recon.
  • Harden verification workflows against synthetic content; train executive and administrative teams regularly.
  • Deploy deception at scale; raise attacker cost to reduce downtime.
  • Operationalize counterintelligence; aim to avoid blind spots to reduce exposure.
  • Quantify decision advantage to accelerate funding decisions and defend revenue/margins.

Closing thought

AI is accelerating the adversary, no question. It has also lowered the entry barrier to cybercrime. But it is also giving defenders a chance to re-architect advantage: to move from passive defense to active disruption, from generic controls to adversary-shaped environments, and from security activity to measurable business outcomes.

The real message behind adversarial intelligence is this: the winners will not be the organizations that merely “adopt AI”. They will be the organizations that use it to deny attackers decision advantage, and can in turn prove it with metrics the business understands and values.

Cybersecurity Predictions for 2026: Trends to Prepare for Now

Cybersecurity Predictions for 2026: Trends to Prepare for Now

2026 is going to be a strange year in cybersecurity. Not only will it be more of the same, but bigger and louder. It stands to bring about a structural shift in who is attacking us, what we are defending, exactly where we are defending, and hopefully, who will be held accountable when things go wrong. Cybersecurity predictions for 2026: Trends to Prepare for Now.

For context, I am framing these predictions based on the way I run security and the way I find it effective to talk to board members. This is through the lens of business impact, informed by things like the adversarial mindset, identity risk, and threat intelligence.

Artificial adversaries move from Proof-of-Concept (PoC) to daily reality

In 2026, most mature organizations will start treating artificial adversaries as a normal part of their threat model. I use artificial adversaries to mean two things: 

  • Artificial Intelligence (AI) enhanced human actors using agents, LLMs, world models, and spatial intelligence to scale their campaigns while making them far more strategic and surgically precise.
  • Autonomous nefarious AI that can discover, plan, and execute parts of the intrusion loop with minimal human steering. This is true end-to-end operationalized AI.

AI use will move beyond drafting convincing phishing emails to running entire playbooks end to end. These playbooks will include reconnaissance, targeting, initial access, lateral movement, exfiltration, and extortion. Campaigns will use sentiment analysis to adjust tactics and lures in real time. They will dynamically scale infrastructure and tune timing based on live target feedback, not human shift schedules.

The practical reality for defenders is simple – assume continuous, machine‑speed contact with the adversary. Design controls, monitoring, and incident response for a world where attackers never sleep. Assume they constantly learn and adapt, grow smarter as attacks progress, and never get bored. When attackers move at machine speed, identity becomes the most efficient blast radius to exploit.

Identity becomes the primary blast radius – and ITDR grows up

We have said for years that identity is the new perimeter. In 2026, identity becomes the primary blast radius. Many compromises will still start with leaked/stolen credentials, session replays, or abuse of machine and/or service identities.

Identity Threat Detection and Response (ITDR) will mature from a niche add‑on into a core capability. Identity risk intelligence will fuse signals from breach data, infostealer logs, and dark-web data into a continuous identity risk score for every user, device, service account, and, more and more, every AI agent. Enterprises will also fuse corporate identities with personal identities so the intelligence reflects a holistic risk posture.

The key question will shift from “Who are you?” to “How dangerous are you to my organization right now?” Organizations will evaluate every login and API call against current exposure, behavior, and privilege. Leaders that cannot quantify identity risk will struggle to justify their budgets because they will not be able to fight on the right battlefields.

CTEM finally becomes a decision engine, not a useless framework

Continuous Threat Exposure Management (CTEM) has been marketed heavily. In 2026 we will separate PowerPoint and analyst hype CTEM from operational CTEM. At its core, CTEM is exposure accounting, or a continuous view of what can actually hurt the business and how badly

Effective security programs will treat CTEM as continuous exposure accounting tied to revenue and regulatory risk. They will not treat CTEM as a glorified vulnerability list that never gets addressed. Exposure views will integrate identity risk, SaaS sprawl, AI agent behavior, and data ingress and egress flows.
They will also include third-party dependencies in a single, adversary-aware picture.

CTEM will feed capital allocation, board reporting, and roadmap planning. If your CTEM implementation doesn’t guide where the next protective dollar goes, it isn’t CTEM. It’s just another dashboard full of metrics that a business audience can’t use. Regulators won’t care about your dashboards; they’ll care whether your CTEM program measurably reduces real-world exposure.

Regulation makes secure‑by‑design non‑negotiable (especially in the European Union (EU))

2026 is the year some regulators stop talking and start enforcing. The EU Cyber Resilience Act (CRA) moves from theory to operational reality, forcing manufacturers and software vendors targeting the EU to maintain Software Bill of Materials (SBOMs), run continuous vulnerability management, and report exploitable flaws within tight timelines. One key point here is that this is EU wide, not sector centric or targeting only publicly traded companies.

While the EU pushes toward horizontal, cross-sector obligations, the United States (U.S.) will continue to operate under a patchwork of sectoral rules and disclosure-focused expectations. SEC cyber-disclosure rules and state-level privacy laws will create pressure, but not the same unified secure-by-design mandate that CRA represents. The U.K., Singapore, Australia, and other regions will keep blending operational resilience expectations with emerging cyber and AI guidance. Global firms will then carry those standards across borders, effectively exporting them worldwide.

The EU AI Act will add another layer of pressure, particularly for vendors building or deploying high-risk AI systems. Risk management, data governance, transparency, and human oversight requirements will collide with the push to ship AI-enabled products fast. For security leaders, this means treating AI governance as part of product security, not just an ethics or compliance checkbox. You will need evidence that AI-driven features do not create unbounded security and privacy risk. Moreover, you will need to be able to explain and defend those systems to regulators.

NIS2 will also bite in practice as the first real audits and enforcement actions materialize. At the same time, capital‑markets regulators such as the SEC in the U.S. will continue to scrutinize cyber disclosures and talk about board‑level oversight of cybersecurity risk.

There is a net effect here – cybersecurity becomes a product-safety and market-access problem. If your product cannot stand up to CRA-grade expectations, AI-governance scrutiny, and capital-markets disclosure rules, you will lose market share or access. Some executives will discover that cyber failures now have grand, and potentially personal, consequences.

Disinformation, deepfakes, and synthetic extortion professionalize and achieve scale

We are already seeing AI‑generated extortion and executive impersonations. In 2026, these will become industrialized. Adversaries will mass‑produce tailored deepfake incidents against executives, employees, and customers. Fake scandal footage and spoofed “CEO-in-crisis” voice calls ordering urgent payments will hit at scale. The surge will mirror how the NPD sextortion wave spread in 2024.

Digital trust has eroded to a disturbing point. Brand and executive reputation will be treated as high‑value assets in this new threat landscape. Attackers will try to weaponize misinformation not only to manipulate politics and financial markets, but also to further break trust in areas such as incident‑response communications and official statements.

This is where vibe hacking becomes mainstream as the next generation of social engineering. Campaigns will focus less on factual deception and more on psychological, emotional, and social manipulation. They will create exploitable chaos across individuals’ lives and inside organizations and societies.

The software supply chain gets regulated, measured, and attacked at the same time

In 2026, the software supply‑chain story gets more complex, not less. Regulatory SBOM requirements are ramping up at the same time that organizations add more SaaS, more APIs, more AI tooling, and more automation platforms.

Adversaries will continue to target upstream build systems, AI models, plugins, and shared components because compromising one dependency scales beautifully across many downstream organizations.

Educated boards will shift from asking, “Do we have an SBOM?” to asking sharper questions. They will ask, “How fast can we detect a poisoned component and isolate the blast radius?” They will also ask how we can prove containment to regulators and customers. Continuous, adversary-aware supply-chain monitoring will replace static, point-in-time attestations.

Deception engineering and security chaos engineering become standard practice

Static and traditional defenses are proving to age badly against autonomous and AI‑enhanced adversaries. In 2026 we will see sophisticated programs move toward deception engineering at scale (e.g., documents with canary tokens, deceptive credentials, honeypot workloads, decoy SaaS instances, and fake data pipelines) instrumented to deceive attackers and capture their behavior. Deception engineering techniques will become powerful tools to force AI‑powered attackers to burn resources.

Sophisticated programs will also start to leverage Security Chaos Engineering (SCE) as part of their standard practices. They will expand SCE exercises from infrastructure into identity and data paths. Teams will deliberately inject failures and simulated attacks into IAM, SSO, PAM, and data flows to measure real‑world resilience rather than relying on configuration checklists and Table Top Exercises (TTX).

AI browsers and memory‑rich clients become a new battleground

AI‑augmented browsers and workspaces are getting pushed on to users fast. They promise enormous productivity boosts by providing long‑term memory, cross‑tab reasoning, and deep integration into enterprise data. They also represent a new, high-value target for attackers. Today, most of these tools are immature, but like many end-user products we may or may not need, they will still find their way into homes and enterprises.

A browser or client that remembers everything a user has read, typed, or uploaded over months is effectively a curated data‑exfiltration cache if compromised. Most organizations will adopt these tools faster than they update Data Loss Prevention (DLP) stacks, privacy policies, or access controls.

We will also see agent‑to‑agent risk. The proliferation of decentralized agentic ecosystems will see to this. Inter-agent communication is both a feature of adaptability and a new element in attack surfaces. Authentication, authorization, and auditing of these machine‑to‑machine conversations will lag behind adoption unless CISOs force the issue and tech teams play some serious catch up.

Cyber-physical incidents force boards to treat Operational Technology (OT) risk as P&L risk

In 2026, leaders will stop treating cyber-physical incidents as IT edge cases and discuss them in P&L reviews. Human and artificial adversaries will learn OT protocols and process flows, not just IT systems. They will increasingly target manufacturing lines, logistics hubs, energy assets, and healthcare infrastructure. AI-enhanced reconnaissance and simulation will let attackers model physical impact before they strike. They will design campaigns that maximize downtime, safety risk, and disruption with minimal effort. This shift will move board discussions beyond breaches and ransomware to operational outages and safety-adjacent events. Boards will no longer dismiss these incidents as purely IT problems.

This dynamic will push organizations to bring OT and ICS security into mainstream risk management. Teams will quantify OT exposure using the same terms as other strategic risks. They will measure impact on revenue continuity, contractual SLAs, supply-chain reliability, and regulatory exposure. CTEM programs that only cover web apps, APIs, and cloud assets will look dangerously incomplete. A single compromised PLC or building management system can halt production or shut down an entire facility. Boards will expect cyber-physical scenarios to show up in resilience testing, TTXs, and stress tests.

The organizations that are mature and handle this well will build joint playbooks between security, operations, and finance. They will treat OT risk as part of protected ARR, and fund segmented architectures, OT-aware monitoring, and incident drills before something breaks. Those that treat OT as “someone else’s problem” will discover in the worst possible way that cyber-physical events don’t just hit uptime metrics, they threaten revenue and safety in ways that no insurance or PR campaign can fully repair.

Boards will demand money metrics, not motion metrics

Economic pressure and regulatory exposure will push educated board members away from vanity metrics like counts of alerts, vulnerabilities, or training completions. Instead, they will demand money metrics, such as – “how much ARR is truly protected”, “how much is revenue is exposed to specific failures”, and what it costs to defend an event or buy down a risk.

As AI drives both attack and defense costs, boards will expect clear security ROI curves. It will need to clear where additional investment materially reduces expected loss and where it simply feeds some useless dashboard.

CISOs who cannot fluently connect technical initiatives to capital allocation, risk buy‑down, and protected revenue will be sidelined in favor of leaders who can.

Talent, operating models, and playbooks reorganize around AI

Tier‑1 analyst work will be heavily automated by 2026. AI copilots and agents will handle first‑line triage, basic investigations, and routine containment for common issues. Human talent will move up‑stack toward adversary and threat modeling, complex investigations, and business alignment.

The more forward thinking CISOs will push for new roles such as:

  • Adversarial‑AI engineers focused on testing, hardening, and red‑teaming AI systems
  • Identity‑risk engineers owning the integration of identity risk intelligence, ITDR, and IAM
  • Deception and chaos engineers responsible for orchestrating real resilience tests and deceptive environments

Incident Response (IR) playbooks will evolve from static, linear documents into adaptable orchestrations of defensive and likely distributed agents. The CISO’s job will start to shift towards designing and governing a cyber‑socio‑technical system where humans and machines defend together. This will require true vision, innovation, and a different mindset than what has brought our industry to current state.

Cyber insurance markets raise the bar and price in AI-driven risk

In 2026, cyber insurance will no longer be treated as a cheap safety net that magically transfers away existential risk. As AI-empowered adversaries drive both the scale and correlation of loss events, carriers will respond the only way they can – by tightening terms, raising premiums, and narrowing what is actually covered. We will see more exclusions for “systemic” or “catastrophic” scenarios and sharper scrutiny on whether a given loss is truly insurable versus a failure of basic governance and control.

Underwriting will also likely mature from checkbox questionnaires to evidence-based expectations. Insurers will increasingly demand proof of things like a functioning CTEM program, identity-centric access controls, robust backup and recovery, and operational incident readiness before offering meaningful coverage at acceptable pricing. In other words, the quality of your exposure accounting and control posture will directly affect not only whether you can get coverage, but at what price and with what limits and deductibles. CISOs who can show how investments in CTEM, identity, and resilience reduce expected loss will earn real influence over the risk-transfer conversation.

Boards will in turn be forced to rethink cyber insurance as one lever in a broader risk-financing strategy, not a substitute for security. The organizations that win here will be those that treat insurance as a complement to disciplined exposure reduction. Everyone else will discover that in an era of artificial adversaries and correlated failures, you cannot simply insure your way out of structural cyber risk.

Cybersecurity product landscape – frameworks vs point solutions

The product side of cybersecurity will go through a similar consolidation and bifurcation. The old debate of platform versus best‑of‑breed is evolving into a more nuanced reality, one based on a small number of control‑plane frameworks surrounded by a sharp ecosystem of highly specialized point solutions.

Frameworks will naturally attract most of a CISOs budget. Buyers, boards, and CFOs are tired of stitching together dozens of tools that each solve a sliver of a much larger set of problems. They want a coherent architecture with fewer strategic vendors that can provide unified accountability, prove coverage, reduce operational load, and expose clean APIs for integration with those highly specialized point solutions.

However, this does not mean the death of point solutions. It means the death of shallow, undifferentiated point products. The point solutions that survive will share three traits:

  • They own or generate unique signal or data
  • They solve a unique, hard, well‑bounded problem extremely well
  • They integrate cleanly into the dominant frameworks instead of trying to replace them

Concrete examples of specialization include effective detection of synthetic identities, high‑fidelity identity risk intelligence powered by large data lakes, deep SaaS and API discovery engines, vertical‑specific OT/ICS protections, and specialized AI‑security controls for model governance, prompt abuse, and training‑data risk. These tools win when they become the intelligence feed or precision instrument that makes a framework materially smarter.

For buyers, there is a clear pattern – design your mesh architecture around a spine of three to five control planes (e.g., identity, data, cloud, endpoint, and detection/response) and treat everything else as interchangeable modules. For vendors, the message is equally clear – be the mesh/framework, be the spine, or be the sharp edge. The mushy middle will not survive 2026.

Executive key takeaways

  • Treat AI‑powered adversaries as the default case, not an edge case.
  • Fund CTEM as an operational component.
  • Fund deception, chaos engineering, and adaptable IR to minimize dwell time and downtime.
  • Focus on protecting revenue and being able to prove it.
  • Put identity at the center of both your cyber mesh and balance sheet.
  • Align early with CRA, NIS2, and/or AI governance. Trust attestations and external proof of maturity carry business weight. Treat SBOMs, exposure reporting, and secure‑by‑design as product‑safety controls, not IT projects.
  • Invest in truth, provenance, and reputation defenses. Prepare for deepfake‑driven extortion en-masse and disinformation that can shift markets in short periods of time.
  • Rebuild metrics, products, and talent around business impact. Choose frameworks both subjectively and strategically, and then plug in sharp point solutions where they really have a positive impact on risk.

Profit Signals, Not Security Static

CISOs - Profit Signals, Not Security Static.

Organizational leaders must manage risk and have to factor in various areas of risk. Cybersecurity risk has risen to a ranking worthy of the attention of business leaders, generally speaking the C-Suite and members of the Board of Directors (BoD). Chief Information Security Officers (CISOs) and their teams are responsible for informing said business leadership about cybersecurity risk to the organization at hand. All of that is basic knowledge at this stage. CISOs need to focus on profit signals, not security static.

This seems like a relatively simple relationship with two sides to it. One one side there are those business leaders. On the other are cybersecurity leaders. Both sides are concerned with risk. But both sides don’t focus on, and interpret, risk the same way. This is where the situation is no longer basic. 

The Situation

For a given area of risk, CISOs often analyze the type and try to figure out ways to manage that area of risk. The type and severity matter and they build platforms and risk registers to perform functions such as organizing the relevant data and exercising prioritization on that data. The focus however is generally on the risk itself, in the abstract.

Most business leaders don’t care about risk in the abstract. They care about the financial impact if some risk gets actualized (if it actually happens). Their concern is impact by way of these types of questions:

  • How much Annual Recurring Revenue (ARR) is at stake?
  • How will a severe event impact the company’s cash?
  • What does this risk mean for Earnings Before Interest, Taxes, Depreciation, and Amortization (EBITDA)?

Traditional cybersecurity metrics like vulnerability management statistics, Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) describe activity, not business outcomes. CISOs must shift the conversation to be recognized as business leaders. For example, quantify how security protects revenue continuity. Show how security accelerates growth, preserves liquidity, and improves margins.

There are no formulas in terms of what metrics will resonate with a particular business leader, or group of leaders. Ultimately, the best metrics are those which make sense, and add value, to a specific audience. Given that, the following example metrics are provided in good faith and intended to inspire thought in this arena. They are designed for revenue-centric cybersecurity leaders in order to generate interest with business leaders. Each example comes with a clear definition, sections like ‘why it matters’ and ‘how to compute’, and practical examples.

Metrics Examples

These examples are grouped by business outcomes:

  • Revenue Continuity
  • Cash and Liquidity
  • Growth Velocity
  • Margin

Percentiles primer:

  • p50 is the median of the actual loss distribution. This means there is a 50% probability that the actual loss will be greater than the p50 value and a 50% probability that it will be lower.
  • p95, or the 95th percentile, is a statistical measure indicating that 95% of a set of values are less than or equal to that specific value. The remaining 5% will be higher.

Revenue Continuity

This area focuses on keeping booked revenue deliverable and renewable despite security friction. Emphasize leading indicators such as the reliability of verified recovery processes. Trend typical performance and worst-case exposure so directors see both the steady state and the possibilities if things turn negative. Define thresholds that trigger remediation or some other activity to manage risk, and make business continuity a shared objective between the CISO and Revenue/Sales Operations. For example, security teams can show what percentage of ARR their controls protect.

Protected ARR

  • How it is represented – percentage.
  • Why it matters – shows how much revenue is insulated from outages/breaches.
  • How to compute – (ARR delivered by systems operated within an ecosystem of strong resilience ÷ total ARR) × 100.
    • Strong resilience can include:
      • Tested Disaster Recovery (DR) to Recovery Time Objective (RTO)/Recovery Point Objective (RPO)
      • Strong authentication and/or Multi-Factor Authentication (MFA) on customer facing and/or revenue-centric flows
      • Vendor assurances
      • Distributed Denial of Service (DDoS) protection
  • Example:
    • Total ARR – $200M.
    • Subscriptions ($120M) + MFA based Platform ($40M) – pass.
    • Legacy app ($40M) that cannot support MFA – fails.
    • Protected ARR = 80% or (160/200) X 100.
  • In plain English – this percentage represents the share of annual recurring revenue that’s safely insulated from outages or breaches because it runs on resilient, well-governed systems.

Cash and Liquidity

This section demonstrates the organization’s ability to withstand a severe disruption without jeopardizing cash. Quantify peak cash needs under stress by modeling downtime, restoration, legal/forensic work, business interruption, and insurance deductibles/exclusions. Show both expected impact and a tail event (a low-probability, high-impact loss scenario that lives in the extreme “tail” of your risk distribution) so that leadership and/or the board understands ceilings. Pair this with quarterly tabletops and pre-approved financing levers (credit facilities, insurance endorsements, indemnities) co-owned by the CISO and CFO to avoid emergency dilution and keep liquidity intact.

Ransomware Liquidity Impact

  • How it is represented – dollar amount with relevant impact time frame.
  • Why it matters – quantifies cash impact so that cash reserves are factored into plans.
  • How to compute:
    • (ransom cost + downtime cost + recovery cost + legal/forensics costs) – realistic insurance recovery amount at p95
    • Link dollar amount to estimated impacted “days of operating expense”
  • Example: $13M ≈ 12 days of operating expenses.
    • Ransom cost – $20M.
    • Downtime cost – $5M.
    • Recovery cost – $3M.
    • Insurance recovery ~$15M.
    • Estimated net cash hit – $13M or (20 + 5 + 3) – 15.
    • Estimation of 12 days of operating expenses (subjective to the organization).
  • In plain English – this metric represents the cash you would need on hand for a severe ransomware event, expressed as a dollar amount and translated into “days of operating expense” (how many days of normal operating spend that amount equals) so you can tell if reserves are adequate.

Growth Velocity

This section revolves around trust signals and how they facilitate enterprise sales. Explain how being “procurement-ready” up front (e.g., proofs, attestations, control evidence) removes friction from security reviews, shortens sales cycles, and improves conversion. Tie readiness to deal-desk gates (no deal without required proofs), add advance alerts for expiring artifacts, and segment by region or vertical to target subjective bottlenecks. A possible addition is to report changes in deal win rates and days-to-close alongside readiness so security’s growth impact is unmistakable.

Trust Attestation Coverage

  • How it is represented – percentage and dollar amount tied to upcoming expirations (time bound).
  • Why it matters – establishes range of coverage and can unlock insights into renewals that have attached requirements. This can also identify areas where requirements are not being met.
  • How to compute:
    • (ARR requiring attestations with current reports ÷ ARR requiring attestations) × 100;
    • Flag expiring attestations and ARR at risk in some time bound period.
  • Example: 80% currently covered; $15M ARR tied to attestations expiring within 90 days.
    • ARR requiring attestations – $200M.
    • ARR covered by current attestations – $160M.
    • 80% = (160/200) X 100.
    • Of the remaining $40M, $15M is tied to attestations/reports that expire within the next 90 days.
  • In plain English – this metric represents the share of revenue that already has the required security/compliance proofs (e.g., SOC 2, ISO 27001) in place, plus a look-ahead of dollars at risk from proofs expiring soon.

Margin

This section intends to connect strong data governance to healthier unit economics. Show coverage of sensitive records under enforceable controls and quantify residual exposure where coverage is missing. As governance coverage improves, incidents shrink, reviews streamline, and support and compliance costs fall, leading to lifts in gross margins.

Customer Data Coverage

  • How it is represented – percentage and dollar amount of exposure.
  • Why it matters – reduces breach cost (fines, legal, response) and can protect renewals, which can in turn improve EBITDA. This can also directly improve customer confidence.
  • How to compute:
    • From Data Security Posture Management (DSPM) inventory – percentage of sensitive data (e.g., Personally Identifiable Information (PII), etc) stored with native encryption in place.
      • Native encryption means record or column level encryption, not at a volume or disk storage level.
    • Uncovered records × assumed $/record for exposure modeling.
  • Example: 85% coverage, $37.5M exposure.
    • DSPM inventory (total number of records discovered) – 1,666,666.
      • Shows that 85% of records are covered by native encryption.
    • 15% uncovered = ~250,000 records.
      • At $150.00/record (150 × 250,000)  = ~$37.5M exposure.
  • In plain English – this metric represents the percent of sensitive records protected by native, record/column-level encryption, reported alongside a dollar estimate of what’s not protected. Higher coverage lowers breach costs, protects renewals, and boosts customer confidence.

Recommendations

  • Start with baselines for the current state.
    • Compute metrics such as Protected ARR, Ransomware Liquidity Impact, Trust Attestation Coverage, and Customer Data Coverage.
    • Using those baselines, set 12‑month targets.
  • Assign executive owners per metric with reviews at a regular cadence.
    • Example: CISO/Chief Finance Officer (CFO) co‑ownership for liquidity.
  • Integrate metrics into gates.
    • Block product/software launches lacking required control tests and/or attestations.
  • Tie Attestation Coverage to enterprise pipeline forecasting.
    • Flag expirations 90 days ahead with ARR at risk.
  • Use DSPM to uncover areas that can be addressed to create a raise in Customer Data Coverage.
    • Track uncovered records × $/record to quantify exposure.
  • Make finance your data partner.
    • Reconcile assumptions (credit issuance rates, loss per record, downtime cost) at regular intervals.
  • Incentivize security driven financial outcomes.
    • Push for leadership bonuses to be linked to movement in Protected ARR, reduced cash‑at‑risk, and revenue protection.

Conclusion

Cybersecurity only earns durable credibility with board members when it speaks the language of money. Shift the center of gravity from activity counts to financial outcomes. Treat things like “Protected ARR”, “Ransomware Liquidity Impact”, “Trust Attestation Coverage”, and the “Customer Data Coverage” as headline metrics. Show trends so leaders can reason about typical loss and tail risk. The result becomes a shared decision frame with your C-Level peers and/or board directors. This equates to less debate over technical minutiae, more alignment on where to invest, what to defer, and what risk to carry.

Execution is where credibility compounds for cybersecurity leadership. Assign metric owners, set board-visible thresholds, and wire these measures into operating rhythms:

  • Quarterly planning
  • Deal-desk approvals
  • Release gates
  • Disaster Recovery exercises
  • Renewal risk reviews.

Close every discussion with a clear “security metric leads to money” translation, for example:

  • Protected ARR leads to fewer credits/lost transactions.
  • Trust Attestation Coverage leads to faster enterprise sales or new opportunities in a pipeline.

When security is measured in dollars protected, cash preserved, and/or margin improved, it stops being a cost center and becomes an instrument of business growth. Focusing on profit signals, not security static positions a CISO to be perceived as a partner by business leaders.