AI is quickly disrupting cybersecurity programs and operating models.
Key takeaways
Attackers now have access to advanced capabilities to find and exploit weaknesses.
Companies must close gaps between current security programs and what AI-enabled attackers can do.
Artificial intelligence is disrupting how most cybersecurity operating models and programs are built. What Anthropic has put on display with Mythos, their AI frontier model, is likely the tip of the iceberg, with many other parts of cybersecurity strategy set to be challenged in the months ahead. In this environment, the speed of change itself is the hardest problem to solve when creating and implementing a strategy. CEOs, chief information officers, chief information security officers and company boards need to be aware of what is shifting, engaged in the decisions that follow and ready to provide the agility, direction and support their organizations will need to keep pace.
Anthropic’s Mythos presumably demonstrated what a single frontier model can do when pointed at vulnerability research: find new weaknesses in code and write working exploits. That said, there is no evidence that it was able to chain vulnerabilities into automated attacks that can compromise networks or infrastructures at a pace no human can match (maybe that is the next phase). However, in a subtle way, this is a brand-new class of capability for the regular attacker. Nation-state groups and advanced threat actors have held zero-days, custom advanced tooling and autonomous tradecraft for years. What Mythos and the Project Glasswing security initiative signal is that similar arsenals could become available to attackers who previously lacked the skill, team or budget to wield them, and the population of organizations that must defend like they are a high-value target is about to increase sharply.
Expansion of these capabilities is the real paradigm shift. Companies in industries long targeted by advanced actors, including defense, finance, critical infrastructure and health care, have already been operating with the programs this environment demands, and are better positioned to absorb the next wave. However, most other organizations have built programs calibrated to a lower threat tier because their operational, compliance and financial risk profile allowed it. If technology is critical to your business, that calibration will not hold in the long term, and closing the gap between your current posture and what AI-enabled attackers can now do is the work ahead.
The good news? AI is useful to defenders as well. If Mythos or similar frontier models are used by software development companies, vulnerability identification and patch cycles shorten, code quality improves, and triage, detection and response are refined—but the benefits are not equal on both sides. Attackers do not have to worry about change-control windows, regression risk, downtime limits or the physics of patching at scale. Your security team has to deal with all of them. Expect patches, exploits and automated attack attempts to arrive together rather than in sequence, and pre-AI operating assumptions to be stretched and then break.
Recent data already reflects the shift.
Mean time-to-exploit has fallen from 2.3 years in 2018 to roughly 56 days in 2024 and is expected to drop below 24 hours by 2028.
Mythos has shown success rates near 72% against major operating systems and browsers, and open-source projects are absorbing a roughly 500% surge in AI-generated vulnerability reports. Principles, policies and tool inventories still matter. What decides the outcome is whether identity, privileged access, response processes and the attack paths AI has made easier are governed at the attacker’s pace, and whether management can prove it.
Key shifts affecting the future of cybersecurity
Time-to-exploit has collapsed from years to hours.
What was a multiyear window in 2018 is already measured in days and is expected to sit below 24 hours by 2028. Patch cycles, triage workflows and escalation paths built for the old pace will be disrupted in the next 24 months.
AI has shifted the balance toward the regular attacker.
Ordinary attackers now may have capabilities that used to be reserved for state-sponsored groups. One-shot exploit generation and high-volume AI-driven discovery are live today, not topics in a research paper.
Readiness is proven, not claimed.
An AI-ready operating model uses AI against AI, hardens the basics at scale, treats time-to-detect and time-to-contain as top-priority metrics, applies the “least privilege” principle across the organization and has a continuous vulnerability operations function that runs at the attacker’s pace.
The new pace of attack and its impact on security operations
Mature programs have always assumed fast, capable adversaries. What may change now is the size of the population operating at that level. AI may let attackers without advanced skills identify complex vulnerabilities and transform them into working exploits on their own, and a step-change in frontier models has presumably made one-shot exploit generation reliable and repeatable. Incidents may no longer come in discrete waves; they may come continuously. Triage that used to run at human speed now has to run at machine speed, and pre-AI metrics quietly make your program look more ready than it is.
An honest diagnosis
Four hard realities sit behind most conversations:
First, if a critical vulnerability is disclosed this afternoon, most organizations cannot honestly say they would contain it before it reached their crown jewels. Patching, detection tuning and incident response were built for a longer fuse. The issue is not whether the right tools are deployed; it is whether your program can spot, triage and contain an exploitation attempt within a same-day window, over and over, against scenarios that reflect how an AI-assisted attacker actually behaves. Until that is tested rather than assumed, readiness is a story, not a fact.
Second, the signal-to-noise ratio in frontier-AI coverage is poor. Time spent debating what a particular model can do in a lab is time not spent checking what your environment can withstand. The class of capability these tools represent, such as fast automated discovery, one-shot exploit generation and steady high-volume probing, is what you need to defend against. Measure readiness against that capability, not the brand, and require evidence the board can review.
Third, real risk reduction follows a clear sequence. Start with AI-enabled offensive testing that exposes the blind spots unique to your environment. Pair it with AI-enabled defense that shortens detection and containment. Use what you find to drive continuous vulnerability operations and steady hardening of the basics. Broad tool purchases not tied to tested gaps produce slower risk reduction than their price tag suggests.
Finally, consider your defense diversity, using diverse technologies, architectures, vendors and control implementations so a single exploit, technique or AI generated attack chain cannot scale across the environment.
Where current cybersecurity programs fall short
Most programs have not yet adjusted to what changed once time-to-exploit moved inside a business day. Failures fall into five familiar patterns.
The patch-clock trap
Vulnerability programs tuned to 30-, 60- or 90-day service level agreements (SLAs) run on a clock the attacker no longer respects. Without continuous vulnerability operations, critical windows stay open long enough to be used against you. Threat modeling should be incorporated into vulnerability management (if it isn't already), with a focus on reducing time-to-patch for internet-exposed systems and services.
Tool inventory mistaken for capability
Deploying a new EDR, SIEM or attack-surface management product does not constitute defense. Controls should only be considered capabilities once they have been validated against AI-accelerated scenarios, including assume-compromise exercises. Your organization should continuously test your controls and technology using AI-enabled offensive security methods, including red teaming, purple teaming and scenario-based testing, with exercises specifically designed to challenge defenses under assumed compromise of employees, vendors, executives or IT personnel.
Basics starved for attention
Egress filtering, deep segmentation, asset management, phishing-resistant multifactor authentication (MFA) and AI-enabled identity and privileged access management raise an attacker’s cost the most. Programs that under-invest here are not saved by the next AI defense product. Any AI-enabled offensive tool needs to communicate with its underlying model to make decisions. This means that cutting internet connectivity (or even DMZ access) from your most sensitive systems and networks can significantly improve your chances of protecting them.
Human-paced triage in a machine-speed world
Triage workflows, on-call rotations and escalation thresholds built for occasional incidents break down under constant high-volume load. In today's threat landscape, cybersecurity defense must rely heavily on AI for threat identification, incident containment and decision support. Without it, organizations cannot adequately defend against the evolving nature of modern cybersecurity attacks enabled by AI.
Headlines used as strategy
Reacting to each frontier-model release produces tactical spending without lasting gain. The stronger response is an operating model that absorbs new offensive capabilities without requiring a strategy rewrite. Step back and assess how your program is designed to defend against advanced threat actors, then identify what needs to be adjusted, without overhauling processes in ways that could disrupt the business, such as patching critical systems without proper testing or within unrealistic timelines.
Where current cybersecurity programs fall short
Most programs have not yet adjusted to what changed once time-to-exploit moved inside a business day. Failures fall into five familiar patterns.
Vulnerability programs tuned to 30-, 60- or 90-day service level agreements (SLAs) run on a clock the attacker no longer respects. Without continuous vulnerability operations, critical windows stay open long enough to be used against you. Threat modeling should be incorporated into vulnerability management (if it isn't already), with a focus on reducing time-to-patch for internet-exposed systems and services.
Deploying a new EDR, SIEM or attack-surface management product does not constitute defense. Controls should only be considered capabilities once they have been validated against AI-accelerated scenarios, including assume-compromise exercises. Your organization should continuously test your controls and technology using AI-enabled offensive security methods, including red teaming, purple teaming and scenario-based testing, with exercises specifically designed to challenge defenses under assumed compromise of employees, vendors, executives or IT personnel.
Egress filtering, deep segmentation, asset management, phishing-resistant multifactor authentication (MFA) and AI-enabled identity and privileged access management raise an attacker’s cost the most. Programs that under-invest here are not saved by the next AI defense product. Any AI-enabled offensive tool needs to communicate with its underlying model to make decisions. This means that cutting internet connectivity (or even DMZ access) from your most sensitive systems and networks can significantly improve your chances of protecting them.
Triage workflows, on-call rotations and escalation thresholds built for occasional incidents break down under constant high-volume load. In today's threat landscape, cybersecurity defense must rely heavily on AI for threat identification, incident containment and decision support. Without it, organizations cannot adequately defend against the evolving nature of modern cybersecurity attacks enabled by AI.
Reacting to each frontier-model release produces tactical spending without lasting gain. The stronger response is an operating model that absorbs new offensive capabilities without requiring a strategy rewrite. Step back and assess how your program is designed to defend against advanced threat actors, then identify what needs to be adjusted, without overhauling processes in ways that could disrupt the business, such as patching critical systems without proper testing or within unrealistic timelines.
The same root cause sits underneath all five patterns: security operations that work as an activity rather than as an operating discipline. Controls that are not tested, measured and fixed continuously at the attacker’s pace are not defenses. They are security theater.
Where cyber risk is most concentrated today
AI does not add to the list of attack surfaces. Internet-facing services, identity systems and privileged access paths are the surfaces where a single weakness can turn into a same-day incident. They deserve stricter controls, better architecture, AI-enabled detection/containment and more frequent testing than your past cadence suggests, because failures there—spread quickly—are hard to reverse. Governing these surfaces against a defined capability standard, rather than a specific tool or threat actor, lets your program avoid the reactive cycle of chasing each new model release.
Metrics that reflect modern cyber risk
Pre-AI SLAs were set for occasional incidents and slower attacker methods, and efficiency pressure has let those metrics stay green on the dashboard even as real risk has grown. An AI-ready program makes time-to-detect, time-to-contain and triage throughput top-priority metrics, and replaces thresholds built for the old pace with ones that assume constant, high-volume incidents and potential same-day exploitation for exposed systems. Boards and C-level executives should ask for trend lines, not snapshots.
A practical starting point is a baseline AI readiness commitment: a tested same-day containment scenario for each crown-jewel asset, a named executive owner for continuous vulnerability operations, and a validated baseline for time-to-detect and time-to-contain. These three commitments set accountability without waiting for a full program rebuild.
An AI-ready operating model: Five motions
The AI-ready technical security program rests on five connected motions. Each produces evidence. Each sharpens the next.
Fight AI with AI. Use LLM-powered discovery against your own code, pipelines and infrastructure to surface issues in your code before attackers do, and pair that with AI-enabled defense that detects and contains at machine speed. Stress the program with AI-enabled adversarial simulation, red teaming and assume-compromise exercises that reflect how a modern attacker works.
Harden the basics at scale and test them with AI. Execute consistently on egress filtering, deep segmentation, asset management and phishing-resistant MFA, and validate the hardening with AI-enabled adversarial simulation so every decision is tied to a tested outcome rather than a control catalog.
Recalibrate defense technology, risks and triage metrics. Replace pre-AI assumptions with measurements built for machine-speed exploitation and simultaneous incidents. Time-to-detect and time-to-contain should be measured against AI-speed scenarios, triage throughput becomes a primary metric, and risk scoring and patch SLAs may need to be reassessed so that detection coverage and response capacity match the new reality.
Stand up vulnerability operations (VulnOps). VulnOps owns identification, prioritization and remediation as a continuous running process rather than a quarterly project. It is the organizational answer to a threat environment in which exploit windows close in hours rather than months.
For middle market organizations, the operating model is delivered in a focused form: steady hardening, a right-sized VulnOps function and targeted AI-enabled testing against the highest-value assets. For enterprises, the same motions scale across business units, regions and trust boundaries, with combined metrics that defend investment at the board level with evidence rather than narrative.
Rewire secure software development. Technical debt is now an attack surface. Embed AI-assisted threat modeling and code review into the SDLC, govern AI-generated code with provenance and test gates, and enforce zero trust segmentation to contain the blast radius.
What the AI era requires from modern cybersecurity programs
AI-accelerated attacks require a fundamental shift in the security operating model for many organizations, not incremental additions to existing programs. Handled effectively, this shift sharpens detection, tightens response and raises the cost of attack, which should be the objective. Left unaddressed, AI proliferation will gradually undermine every assumption on which previous models were built. Organizations unable to raise attacker cost by removing outbound connectivity and closing viable attack paths before they result in severe impact will face significant challenges to their security posture in the AI era. True resilience comes from disciplined hardening, strong network and identity segmentation, and the selective application of AI where it materially improves speed and decision making, not from indiscriminate automation.
For most organizations, the challenge is not understanding the Mythos step change. It is turning that understanding into an operating model that holds up when time-to-exploit falls below 24 hours.
RSM helps organizations identify where AI‑accelerated attack paths already exist; realistically assess whether detection, response, identity and vulnerability operations can function at modern attacker speeds; and design the operating motions needed to close the gap.
In addition, RSM Defense managed security solutions complement this approach by using AI‑enabled capabilities to support end‑to‑end event resolution, including alert correlation, enrichment, prioritization, investigation support and governed automated response workflows. AI and automation accelerate analysis and drive consistency, while analyst oversight remains integral, with outcomes such as incident conclusions, escalation decisions, identity actions and response steps reviewed and validated before execution or client communication.
Finally, RSM’s AI‑enabled identity and access management and privileged access management services help to reduce the most exploited attack surface by governing identities, privileges and access at scale, applying automation and analytics to prevent identity‑based compromise before it becomes a breach.
RSM contributors
-
David LlorensPrincipal -
John HuyettePrincipal
Additional resources
