When Adopting AI-Powered Cyber Tools, Proceed With Caution
The evolution of agentic AI is significantly changing the way hackers attack enterprises and is pushing CISOs to rethink the ways they protect their organizations. The use of AI to identify and exploit attack vectors means organizations targeted by those attacks will need to deploy AI tools to defend themselves. But as with any new critical capability, these deployments should be done in a thoughtful and cautious manner.
There can be no denying that AI has created a world in which humans, on their own, will no longer be able to adequately defend their organizations against the potential speed and scale of AI-driven cyberattacks. Defensive AI tools will be needed to detect and respond to these new types of attacks and to counter the shift from identity compromise to zero-day exploitation as a primary attack vector.
Developments such as the limited release of Mythos have fueled a global recognition of the existential danger of AI-powered cyber threats and the fact that traditional cyber tools cannot address the severity of these threats. This is forcing enterprises to use AI-powered safeguards as countermeasures to protect their organizations.
Of course, enterprises should not rush blindly into deploying AI tools in their environments to protect themselves. Using AI for automated actions against privilege escalation and lateral movement will require more careful application in the enterprise environment than, for example, less sensitive user protection.
This is especially true for organizations that operate or manage critical infrastructure and sensitive systems, or work in areas such as healthcare and the manufacturing of essential products. Due to the critical – and sometimes life-or-death – nature of their work, these organizations should take an even more cautious approach to deployment.
Patching alone isn’t enough because AI can quickly discover novel zero-day vulnerabilities at scale. Enterprises need AI tools that can quickly detect and respond with limited human intervention. While these capabilities are already implemented in most EDR products, complete coverage remains a challenge, and it is essential. A strong defense requires quick triage and customized training – all geared to the specific environments, threats and requirements of the organization. There should also be thorough and explicit response playbooks for the AI to follow, to prevent undesired actions.
A Three-Step Approach
In such cases, organizations should adopt a three-step approach to deploying AI to counter attacks:
Step 1: Analyze the environment to determine which assets are most critical and require more rigorous protection. Before deployment, enterprises must have full awareness of the devices and data within their operations and rank each of them on their criticality and the extent to which they must be protected.
For less critical assets such as end users’ workstations and desktop devices – things that are easy to roll back from a snapshot – enterprises should have a senior developer review the AI-based solution and make sure those assets can be adequately protected by it. Just as responsible leaders would validate the code created by a junior developer before letting them start coding for more mission-critical areas, they should do the same for the AI, withholding implementation until the appropriate level of review has taken place.
More critical assets should be subjected to simulation or prior visibility into how AI will be applied for protection, with troubleshooting preparations.
Step 2: In many cases, running simulations will be essential. When making a configuration change to Active Directory, for example, we might check to see if there are any logs that would indicate that something that we’re about to turn off is being used. If it’s being used, we would try to figure out why and to determine the impact of making the configuration change.
Using AI to do something similar would be extremely valuable. A simulation could determine, before the configuration change is made, whether an AI-issued command to shut down a specific asset perceived to be vulnerable would disrupt users who need access to that asset.
The challenge here is that organizations need actual infrastructure to perform these simulations or use a SaaS tool. Also, most environments are complex, and getting all the relevant parameters into a simulation that AI can run is challenging. Again, organizations should start by focusing on less critical assets first.
Step 3: Run frequent backups or snapshots early in the process of deploying AI tools. As AI gets deployed and begins making changes to the environment, the organization will need a baseline snapshot of the environment to revert to, if necessary. Consequently, frequent backups should be scheduled early on and regularly.
This is especially important for crown jewel critical infrastructure within the environment – servers, code and the enterprise production environment – to ensure that AI is making changes that it has been authorized to make. Again, this might not be as essential when it comes to less critical assets like workstations and devices usually backed up anyway.
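One way to turn the three steps into a policy gate that sits in front of an AI agent’s proposed actions, as an added example that is not from the article or any product it mentions. The asset inventory, criticality tiers, log format and action names are constructed assumptions; the gate refuses actions on assets that are not inventoried (step 1), checks recent usage logs before an isolation (step 2), and requires a baseline snapshot on critical assets before anything is allowed through for review (step 3).

```python
import re
from datetime import datetime, timedelta

# Constructed inventory (hypothetical): tier reflects the article's split
# between easily rolled-back endpoints and crown-jewel infrastructure.
ASSETS = {
    "ws-0451": {"tier": "low", "snapshot": True},
    "dc-01": {"tier": "critical", "snapshot": False},
    "app-prod-03": {"tier": "critical", "snapshot": True},
}

# Actions the agent is permitted to propose at all (tightly scoped allow-list).
ALLOWED_ACTIONS = {"isolate", "disable_service", "patch"}

# Constructed auth-log lines in a hypothetical key=value format.
LOG_LINES = """
2024-05-01T09:12:04 host=dc-01 event=logon user=svc_backup result=success
2024-05-01T09:14:30 host=ws-0451 event=logon user=alice result=success
2024-05-01T10:02:11 host=dc-01 event=logon user=svc_backup result=success
""".strip().splitlines()

LOG_RE = re.compile(r"^(?P<ts>\S+) host=(?P<host>\S+) event=\S+ user=(?P<user>\S+)")

def recent_users(lines, host, now, window=timedelta(hours=24)):
    """Step 2 pre-check: which accounts used this host inside the window?"""
    users = set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["host"] != host:
            continue
        if now - datetime.fromisoformat(m["ts"]) <= window:
            users.add(m["user"])
    return users

def gate(action, host, lines, now):
    """Decide what happens to a proposed action: allow, review or deny."""
    asset = ASSETS.get(host)
    if asset is None:
        return "deny", "asset not in inventory; rank it first (step 1)"
    if action not in ALLOWED_ACTIONS:
        return "deny", f"action {action!r} is not on the allow-list"
    users = sorted(recent_users(lines, host, now))
    if asset["tier"] == "critical":
        if not asset["snapshot"]:
            return "deny", "no baseline snapshot for critical asset (step 3)"
        return "review", f"critical asset; recent users: {users}"
    if not asset["snapshot"]:
        return "review", "no snapshot to roll back to (step 3)"
    if users and action == "isolate":
        return "review", f"asset in active use by {users} (step 2)"
    return "allow", "low-tier asset with snapshot; safe to automate"
```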
The evolution of AI dictates that CISOs need to apply the power of these tools to protect their enterprise environments. But this requires technical guardrails such as tightly scoped permission sets and strong identity security, as opposed to just telling AI, “Please don’t do this.” It may not listen.
Enterprises need to be secure in the basics. If done correctly, these tools can be implemented safely, even in more sensitive environments.