AI reshaping cybersecurity - on defence and attack

Criminals are embracing artificial intelligence at a pace that cybersecurity experts have never seen before, creating new challenges for governments and organisations already struggling to keep up with a rapidly evolving threat landscape.

Bad actors are now adopting AI far more quickly than previous technologies because it enables them to scale attacks, automate tasks and improve the effectiveness of their operations.

This has led to governments and businesses worldwide racing  to deploy AI technologies, while simultaneously trying to secure increasingly complex digital environments.

Historically, criminal syndicates have been relatively slow to adopt emerging technologies. AI is proving to be a different beast, because it provides immediate benefits that directly improve the efficiency and reach of cyber attacks.

One of the most significant changes is the ability for attackers to overcome language barriers.

Non-native English speakers often created unconvincing phishing emails, fraudulent websites and social engineering campaigns that were easy for native or even proficient English speakers to recognise as scam material.

But in 2026, AI tools can now generate convincing content in any language, allowing threat actors to target a broader range of victims with greater accuracy, according to VP of Threat Intelligence at TrendAI, Jon Clay.

"It was difficult for them to craft English-based threats easily because they just weren't native speakers and they didn't know how to write properly," Clay said. 

"AI allows bad actors to craft a flawlessly looking English-based email message, text message, web page or website."

The reverse is also true, enabling English-speaking attackers to create convincing content in foreign languages without specialist knowledge.

Beyond content generation, the emergence of agentic AI is expected to further transform cybercrime operations. Unlike traditional AI systems that assist users with specific tasks, agentic AI can autonomously perform complex workflows and make decisions based on predefined objectives.

Criminals are likely to embrace these systems enthusiastically because they can automate many aspects of attack execution.

"The adversaries really want AI to take their jobs because the reason they're criminals is they don't want to work (a normal job)," Clay said.

Agentic systems also allow attackers to become more resilient. Failed attacks can be automatically adjusted and retried using alternative techniques, reducing the effort required to compromise targets and increasing overall attack persistence.

Meanwhile, advances in AI-driven vulnerability discovery are expected to increase the number of software flaws available to attackers.

Researchers have already demonstrated that advanced AI models can identify previously unknown vulnerabilities in software code. 

These flaws, commonly known as zero-day vulnerabilities, are particularly dangerous because software vendors have not yet developed patches to address them.

Clay predicts the number of weaponised zero-days is likely to rise, as AI-assisted vulnerability discovery becomes more widespread.

"We're probably going to see that number increase quite extensively," he said.

The growing volume of vulnerabilities is already creating pressure for defenders. Microsoft, for example, recently disclosed and patched around 200 vulnerabilities in a recent release, double the usual number.

For security teams already struggling with patch management and resource constraints, the increasing number of vulnerabilities presents a significant operational challenge.

But despite these concerns, there's reason to be optimistic that AI will ultimately benefit defenders more than attackers.

"I think that AI is fundamentally changing the way that we can produce and build cybersecurity defences for our customers," Clay said.

Modern AI-powered security platforms are increasingly capable of analysing vast quantities of data, identifying high-risk assets and prioritising threats without requiring human analysts to manually review thousands of alerts.

This shift could prove particularly valuable for government agencies and enterprises facing budget pressures and persistent cybersecurity skills shortages.

Currently, many organisations continue to operate under a 'whack-a-mole' approach to security, responding to incidents after breaches occur, instead of proactively identifying and mitigating risks.

While investments in cybersecurity continue to grow, organisations often fail to invest in the most effective capabilities.

Many organisations currently operate dozens of separate cybersecurity tools, creating complexity, management overhead and additional costs. AI-driven platforms can help consolidate those environments while improving visibility and operational efficiency.

More importantly, AI is enabling a transition from reactive security to risk-based cybersecurity strategies.

Organisations can use AI to continuously analyse their attack surface, assign risk scores to assets and identify weaknesses before they are exploited.

The technology can also predict potential attack paths, helping security teams understand how an attacker might move through a network, and where defences should be strengthened.

As governments and enterprises accelerate AI adoption, the biggest challenge may not be the technology itself, but the speed at which organisations embrace change.

"If history repeats itself, it's probably going to be quite slow, unfortunately," Clay explained.

However, slower adoption may no longer be an option. As threat actors increasingly leverage AI to scale attacks and automate operations, organisations will need to adopt AI-powered defensive capabilities more quickly than previous generations of cybersecurity technology.

The rapid deployment of AI systems also introduces new security considerations 

It is becoming vital that organisations incorporate security into AI projects from the outset, rather than attempting to address risks after implementation.

With governments worldwide encouraging AI adoption to improve productivity and competitiveness, securing those deployments will become an increasingly critical priority.

As both attackers and defenders embrace AI, the technology is reshaping cybersecurity faster than any previous innovation.