For years, legacy cybersecurity incumbents have leveraged vast proprietary datasets into unassailable competitive positions and significant market capitalizations. Conventional wisdom held that the more comprehensive a firm’s real-world incident and telemetry data, the greater its advantage. 

That moat, as well as legacy cybersecurity companies’ continued dominance, is now in jeopardy. 

Recent research from Gartner suggests that the future of cybersecurity will not be legacy companies relying on large, proprietary datasets, but more agile companies that can generate and simulate realistic cyber environments, model increasingly sophisticated adversary behavior, and stress-test emergent attack scenarios in ways real-world data simply cannot. 

What is Hyper-Synthetic Data (HSD)? 

HSD is data generated purely by LLMs and other machine-learning models to exacting specifications for highly specific applications, including the simulation of cyberattack intrusions on enterprise-level systems.  

As its name implies, HSD is entirely synthetic; it is not user-generated or reliant on any proprietary data a business may have at its disposal, and can be created to virtually any specification, business use-case, or industry vertical. 

One of the key advantages offered by HSD is significant cost savings. Businesses seeking to evaluate their resilience from cyberattack no longer need to spend millions of dollars on costly, real-world proprietary datasets. HSD offers completely customizable datasets for virtually any simulation purpose, at a fraction of the cost, with none of the limitations of relying upon real-world incident data.  

Proactive to Preemptive: How Is the Cybersecurity Industry Changing? 

The speed with which AI technologies are advancing means threat actors are becoming more sophisticated than ever before, at a pace that may have once seemed impossible. Most importantly, the attack surface as a whole is also changing rapidly; many of the most urgent cybersecurity threats organizations will face in the future will never have been seen before. 

This requires a complete shift in how organizations prepare for and respond to cyberattacks and information security incidents. Just as the industry shifted from reactive to proactive, cybersecurity leaders must now be preemptive by realistically simulating every conceivable threat scenario. 

In 2025, HSD was used in just 15% of AI training data in the defense, manufacturing, and transportation sectors. Gartner predicts that figure will grow to 80% by 2030, representing a profound strategic shift in how organizations in a range of vital economic sectors and the national security community approach cybersecurity readiness. 

What’s Driving This Shift in Cybersecurity? 

Growing adoption of autonomous agentic workflows is changing how cybersecurity organizations approach threat detection and response like no other technology ever has. Testing unproven agentic workflows in live production environments is simply too great a risk for many organizations, especially in national security and businesses in highly regulated industries. 

Another factor that is fundamentally changing cybersecurity as we understand it is the emergent nature of the threats made possible by large-scale AI automation. Never before has the risk of novel threats been so high, and many organizations simply aren’t prepared for the scale or ingenuity of potential threats to their attack surfaces. Adversaries are adopting new ways to probe and undermine institutional weaknesses, such as token exhaustion attacks, in which AI agents are used to burn through an organization’s token allowance in a given period before launching the real attack. This strategy, which bears a striking resemblance to the DDoS attacks of previous years, is just one new tactic cybersecurity professionals are being forced to adapt to in near-real time. 

Perhaps the single most important shift in cybersecurity today is the urgent need to develop institutional cultures of preemptive defense and mitigation. It is simply no longer sufficient for organizations to identify and respond to cyber threats, no matter how rapid those responses may be, and doing so is a losing battle that risks untold financial and reputational damage. Combating emergent threats, however, demands datasets that often do not yet exist, particularly in sectors such as national security, healthcare, and finance in which data is either tightly regulated or simply unavailable. This is where HSD shines, and why specialists who can create and tailor HSD to these threats are uniquely positioned to disrupt the dominance of incumbent legacy cybersecurity firms. 

The Need for AI Proving Grounds 

To safely deploy effective AI agents to production systems, organizations require testing environments in which agents can be trained safely and agentic behavior validated, where agents can be tested against demanding adversarial behaviors and their effectiveness accurately benchmarked. These environments provide a space in which agentic workflows can be continuously optimized against novel and emergent threats, and prove their readiness and reliability before being deployed to production. 

Demand for such environments is driving the need for custom “cyber ranges” and synthetic network infrastructure that can realistically simulate the threats facing an organization’s technological topology without exposing sensitive or proprietary data to untested agentic workflows.  

New Threats Demand New Approaches 

As Gartner’s research notes, disruptors and legacy incumbents alike are already incorporating HSD into their workflows and product offerings. What sets the two apart is their approach. 

While legacy vendors may be experimenting with HSD, many lack the realistic infrastructure modeling necessary to properly simulate the emergent risks threatening today’s IT environments. They lack advanced adversary emulation, offering training against threat actors that are orders of magnitude greater in their sophistication. They cannot offer the continuous validation workflows that identify logic weaknesses and potential points of failure in decision-making.  

HSD itself may be synthetic, but realism and fidelity are what today’s cybersecurity operators need to successfully defend against and mitigate novel threats. Only time will tell who is ready and who is vulnerable.