‘You have to fight AI with AI,’ say cybersecurity experts

As AI transforms every facet of modern life, cybersecurity leaders warn that governments must move just as fast — and make security the foundation of public policy, not an afterthought. AI is both a powerful threat and a critical defence tool, forcing a shift toward policies and systems that can operate — and defend — at machine speed, they say.

As artificial intelligence reshapes every aspect of modern life, cybersecurity leaders are warning that governments must move just as fast — and that security must be the foundation of public policy, not an afterthought.

AI is not just a challenge — it’s a transformative tool that must be harnessed to defend against itself, says Heather Black, head of public sector for Palo Alto Networks in Canada.

“You have to fight fire with fire,” she told Means & Ways ahead of Palo Alto’s AI-Enabled Cybersecurity Summit which focused on the “the transformative potential of AI-driven security solutions.”

She said organizations and governments need “to leverage AI to fight AI” and that “an AI-driven security operation is the future.”

“There’s no other way that organizations defend themselves effectively,” she said.

Unfettered access

Black said the scale and speed of change created by AI have been “truly transformative,” forcing both industry and government to rethink how they approach security. Integrated, coordinated systems are now essential to stay ahead of threats that evolve in real time, she said.

Daniel Roy, country manager for Palo Alto Networks Canada, said the introduction of AI into the security landscape has fundamentally altered the balance between protection and exposure. “For AI to be proficient at what it does, it needs unfettered access to data,” he explained. “Our job is to defend access to data, which AI disrupts at scale.”

Roy called the result a new world that’s highly dynamic, one that demands more “contextualized access so that AI can work as designed but for the bad actors not to have access to all that data.”

That shift — where attackers and defenders alike now wield AI — has made cybersecurity not just a technical concern, but a transformative policy issue.

Sam Kaplan, assistant general counsel for global policy, said security must be built into AI policy from the start. “The security of those AI systems and the AI ecosystem needs to be treated as a foundational layer that enhances trust, reliability and the safety of those systems,” he said. “It can’t be something that you build in at the back end to a security framework… security needs to be the foundation.”

Kaplan warned that adversaries are already using AI to industrialize cybercrime. “Adversaries are obviously using these tools and capabilities to stage and scope and scale more sophisticated phishing and ransomware attacks,” he said, including “leveraging voice generation, video generation tools and capabilities to subvert those defences and create more realistic spear phishing campaigns.”

Agentic AI emerging

He also pointed to the emergence of agentic AI — autonomous systems capable of carrying out instructions across networks without human input. “It’s the action arm of the artificial intelligence,” Kaplan explained. “These tools have the ability to scope and scale attacks to rapidly give adversarial actors the ability to move laterally across systems in a quicker and more efficient manner.”

Dan Kroese, vice president of government affairs for Palo Alto Networks and a former senior official at the U.S. Cybersecurity and Infrastructure Security Agency (CISA), said this shift in speed is transforming the very nature of defence. “We’re seeing attackers get in and out of systems in hours now across the global ecosystem,” he said. “The average enterprise takes five and a half to six days to resolve a potential cyber incident. So [there is a] wild misbalance in the status quo of attacker speed versus defender capability.”

According to Kroese, the arrival of AI-powered defence platforms is changing that equation dramatically. That’s why Palo Alto invested in an AI-powered security operations centre. “Before this AI-powered security operations centre, our average customer had a two to three day mean time to resolve a cyber incident,” he said. “Afterwards, that range went from 14 minutes to two hours, with 60% of customers under 10 minutes. Those are real numbers.”

He called those results “truly transformative,” adding that “the stakes are high because of the adversarial speed and the legacy misalignment with the defender speed.”

Kaplan said governments must move quickly to match that pace. “Time is of the essence,” he said. “These tools and capabilities are getting more powerful, cheaper to operate and easier to use for adversaries, and that is rapidly changing the threat landscape.”

Black noted that while governments are eager to deploy AI, many traditional procurement processes can’t keep up with its transformative speed. “Guardrails were taking too long and were taking away the agility and benefit of deploying AI,” she said. “Cyber’s in a different category… the pace of change [means] you can’t start a broad procurement process today and expect to contract in 36 months. The problem’s very different in six months, let alone 36.”

The AI transformation underway requires collaboration across the public and private sectors, Black said. “We often say in cyber it takes a village. We share data with our competitors because it helps — high tide rises all the boats,” she said. “It truly is a collaboration.”

As Kroese summed it up: “You’re not just selling widgets. You’re selling a national security partnership — and the stakes are really, really high right now.”

You might also like