The AI advantage dilemma: Security risks and opportunities that lie ahead

What’s old is new again

Most of the practices needed to secure AI deployments aren’t new; they’re just being updated to address AI risks. Rich Baich, senior vice president and chief information security officer at AT&T, says his approach to mitigating AI risks leans heavily on existing cybersecurity leading practices. In particular, he focuses on enforcing strong software development life cycle approaches. Regardless of whether a tool is homegrown or vendor-supported, each should be tested, red-teamed (see the section “Advanced AI-native defense strategies”), meet architectural requirements, and have access controls in place. Baich says this approach allows his team to bring in the AI tools they need to innovate and push operations forward while ensuring they aren’t creating new problems.

“What we’re experiencing today is not much different than what we’ve experienced in the past,” Baich says. “The only difference with AI is speed and impact.”⁵

Accelerated attack timelines, shadow AI, and the complexity of managing autonomous agents mean that basic security table stakes—from data cataloging to agent monitoring—have become urgent requirements. But as we’ll demonstrate in the following section, AI is also playing a bigger role within cyber, risk, and compliance teams, helping them tackle some of these emerging challenges.

Escalating the AI arms race

AI introduces new vulnerabilities, but it also provides powerful defensive capabilities. Leading organizations are exploring how AI can help them operate at machine speed and adapt to evolving threats in real time. AI-powered cybersecurity solutions help identify patterns humans miss, monitor the entire landscape, speed up threat response, anticipate attacker moves, and automate repetitive tasks. These capabilities are changing how organizations approach cyber risk management.

Advanced AI-native defense strategies

One area where cyber teams are taking advantage of AI is red teaming. This involves rigorous stress testing and challenging of AI systems by simulating adversarial attacks to identify vulnerabilities and weaknesses before adversaries can exploit them. This proactive approach helps organizations understand their AI systems’ failure modes and security boundaries.

Brazilian financial services firm Itau Unibanco has recruited agents for its red-teaming exercises. It employs a sophisticated approach in which human experts and AI test agents are deployed across the company. These “red agents” use an iterative process to identify and mitigate risks such as ethics, bias, and inappropriate content.

“Being a regulated industry, trust is our No. 1 concern,” says Roberto Frossard, head of emerging technologies at Itau Unibanco. “So that’s one of the things we spent a lot of time on—testing, retesting, and trying to simulate different ways to break the models.”⁶

AI is also playing a role in adversarial training. This machine learning technique trains models on adversarial examples—inputs designed to fool or attack the model—helping them recognize and resist manipulation attempts and making the systems more robust against attacks.

Governance, risk, and compliance evolution

Enterprises using AI face new compliance requirements, particularly in health care and financial services, where they often need to explain the decision-making process.⁷ While this process is typically difficult to decipher, certain strategies can help ensure that AI deployments are compliant.

Some organizations are reassessing who oversees AI deployment. While boards of directors traditionally manage this area, there’s a growing trend to assign responsibility to the audit committee, which is well-positioned to continually review and assess AI-related activities.⁸

Governing cross-border AI implementations will remain important. The situation may call for data sovereignty efforts to ensure that data is handled locally in accordance with appropriate rules, as discussed in “The AI infrastructure reckoning.”

Advanced agent governance

Agents operate with a high degree of autonomy by design. With agents proliferating across the organization, businesses will need sophisticated agent monitoring to analyze, in real time, agents’ decision-making patterns and communication between agents, and to automatically detect unusual agent behavior beyond basic activity logging. This monitoring enables security teams to identify compromised or misbehaving agents before they cause significant damage.

Dynamic privilege management is one aspect of agent governance. This approach allows teams to manage hundreds or even thousands of agents per user while maintaining security boundaries. Privilege management policies should balance agent autonomy with security requirements, adjusting privileges based on context and behavior.

Governance policies should incorporate life cycle management that controls agent creation, modification, deactivation, and succession planning—analogous to HR management for human employees but adapted for digital workers, as covered in “The agentic reality check.” This can help limit the problem of orphaned agents, bots that retain access to key systems even after they’ve been offboarded.

As AI agents become empowered to spin up their own agents, governance will grow more pressing for enterprises. This capability raises significant questions about managing privacy and security, as agents could become major targets for attackers, particularly if enterprises lack visibility into what these agents are doing and which systems they can access.

The force multiplier effect

Many cyber organizations are using AI as a force multiplier to overcome complex threats. AI models can be layered on top of current security efforts as enhanced defense mechanisms.

AI can assist with risk scoring and prioritization, third-party risk management, automated policy review and orchestration, cybersecurity maturity assessments, and regulatory compliance support. When deployed in these areas, AI capabilities enable security teams to make faster, more informed decisions about resource allocation.

AI is also playing a role in controls testing and automation, secure code generation, vulnerability scanning capabilities, systems design optimization, and model code review processes. This accelerates the identification and remediation of security weaknesses.

The need for AI blueprints

Cybersecurity team operations weren’t designed for AI, but business efforts to implement AI throughout the organization create an opportunity to rethink current cyber practices. As businesses roll out AI (and agents in particular) across their operations, many are choosing to completely reshape the workforce, operating model, governance model, and technology architecture. While rearchitecting operations to take advantage of AI agents, organizations should build security considerations into foundational design rather than treating them as an afterthought. This proactive approach to heading off emerging cyber risks can prepare enterprises for today’s threats and position them well against dangers that are likely to hit two to five years down the road, which is the subject of the following section.

AI cyber risks will progress, but so will solutions

As we look ahead, emerging trends may challenge fundamental assumptions about cybersecurity, physical security, and even geopolitical stability. While some scenarios remain speculative, understanding potential futures enables organizations to prepare architectures and governance frameworks that can adapt as threats evolve.

When everything is a weapon: AI–physical reality convergence

As AI proliferates across every physical system—power grids, water treatment facilities, transportation networks, supply chains, health care delivery systems—and as AI capabilities improve, physical risks increase exponentially. The convergence of AI and physical infrastructure creates attack surfaces that could lead to unprecedented disruption.

Future threats may involve single attacks corrupting AI systems simultaneously across multiple sectors, including transportation, health care, and utilities. An adversary gaining access to interconnected AI systems could orchestrate cascading failures that compound across critical infrastructure sectors.

Sophisticated attacks could employ “boiling frog” tactics, where AI systems subtly degrade system performance over months, making detection difficult until significant damage has accumulated.

Organizations can prepare for AI–physical convergence risks through several approaches.

• Automated supply chain vulnerability detection: Organizations should deploy monitoring tools that constantly check supply chain risks, implementing early warning systems for compromise indicators.
• Physical system resilience: Organizations should build backup manual controls for critical physical systems, ensuring that human operators can override automated decisions when necessary.
• Cascade prevention architecture: Organizations should create barriers that stop problems from spreading across connected systems, implementing isolation boundaries that contain failures.

Autonomous cyber warfare

The evolution toward autonomous cyber warfare—AI-versus-AI combat with fully automated attack and defense systems operating at machine speed without human intervention—represents a paradigm shift in cybersecurity.

Future attack capabilities may include:

• Swarm attack coordination: AI systems could overwhelm defensive systems through coordinated actions that adapt in real time to defensive responses.
• Adaptive persistent threats: Attacks could evolve based on defensive measures, learning from each defensive action to identify weaknesses and continuously adjust tactics.
• Geopolitical dimensions: The weaponization of AI for cyber warfare creates new geopolitical risks, including the manipulation of public opinion through altered or outright fabricated media, as described in Tech Trends 2024.
• Economic warfare risks: Stock markets increasingly rely on AI for trading, risk assessment, and market analysis. Some experts suggest the next financial crisis could be driven by AI rather than by traditional economic factors.⁹

Emerging frontiers: Space and quantum security

As AI security evolves, two emerging frontiers warrant urgent attention despite their nascent development: space-based infrastructure and quantum computing.

Space infrastructure vulnerability: The commercial space industry has opened new attack surfaces; every satellite is essentially a computer vulnerable to exploitation. As adversaries develop capabilities to infiltrate satellites, the potential for disruption extends to GPS, communications, weather monitoring, and a nation’s security systems.

Quantum communication channels: Quantum communication promises theoretically unbreakable encryption but also threatens to render current encryption methods obsolete. As discussed in Tech Trends 2025, organizations should prepare for this transition while securing quantum communication infrastructure against adversaries seeking to compromise or control these capabilities.

The imperative for balanced innovation

Organizations should simultaneously pursue both innovation and security through strategic frameworks that embed security into AI initiatives from inception.

Businesses can start by implementing fundamental security controls: data security, access management, model protection, and infrastructure hardening. Skipping these fundamentals in pursuit of rapid AI deployment can create vulnerabilities that may eventually compromise their competitive position.

From there, enterprises may consider investing in advanced AI-powered defense capabilities. Fighting AI threats requires AI-powered security systems that can operate at machine speed, identify subtle attack patterns, and adapt to evolving adversary tactics. The organizations that treat AI security as a force multiplier rather than a cost center are likely to build lasting defensive advantages.

Finally, preparing architectures and governance frameworks for emerging threats will become more important beyond the next few years. While autonomous cyber warfare and AI-physical convergence may seem distant, building adaptable security architectures today helps build organizational resilience tomorrow as the threat landscape evolves.

The AI dilemma is ultimately not a dilemma at all; it’s a call to action. Organizations that approach AI security strategically, implementing multiple defense layers while innovating rapidly, can better protect their assets and may be able to establish competitive differentiation through leading risk management capabilities. The future belongs to enterprises that master this balance, treating security as an enabler of AI adoption, not a constraint.