Security leaders and professionals alike have often debated the power of AI to transform cyber security — for both good and evil. On the defenders’ side, AI has the potential to augment security teams by identifying anomalous behavior in an expanding universe of digital noise, summarize and translate incident information into business impact, and recommend or automatically execute remediation playbooks. But if it falls into the wrong hands, AI can create sophisticated malware, convincing deepfakes, prolific phishing, and social engineering attacks that fly under the radar.
So the question remains, who will AI benefit more, cyber defenders or adversaries?
We asked this when surveying respondents for our latest CISO Report: The path to digital resilience starts with your board and found that 53% of CISOs surveyed felt that AI would favor cyber adversaries. However, that number has noticeably shrunk since 2023, when 70% of CISOs feared AI would give cyber attackers the upper hand. While security professionals still have strong concerns about AI as a potential weapon, data shows they also feel more confident about its ability as a tool for their security teams.
We posed the same question to other security leaders in person, and similarly, the answer was “It’s complicated.” Consistent with our CISO Report findings, we found that security professionals have complex and nuanced views on AI, both its potential and peril.
Using AI to boost cyber defense
Increasingly, many security leaders are starting to embrace AI’s capabilities in security tools and are looking to the future with cautious optimism — a perspective that represents a significant shift from a year ago.
Dan Syring, Digital Security Supervisor at Devon Energy, stated that Devon teams are actively working to expand various security use cases for AI, such as detecting security incidents and defending against AI-built attacks. In the near term, Syring said they’re excited about its potential to help summarize incidents and relevant information and are looking to leverage the AI assistant feature to provide training to analysts.
Chris Silveira, Director of Cybersecurity at GE Vernova, mentioned that one of AI’s biggest advantages is that it can make security detections more reliable and accurate while also managing and automating laborious tasks that can free up analysts for more critical investigations. Silveira stated, “We will be able to potentially see how AI can contribute to an investigative process, and being able to help you make a determination, whether a true positive or false positive, within the investigation process that can help guide the triage.”
But even with the growing excitement around AI’s potential to build cyber defenses, security teams have approached it cautiously. AI poses a unique conundrum for security teams at major defense contractors, such as Lockheed Martin, tasked with protecting classified government data, highly sensitive plans, and intellectual property. “The benefits of AI are massive, and we want to embrace it,” said Roger Triantafilo, Insider Threat Lead at Lockheed Martin. “It's going to be built into everything. But we also understand that the data we're working with needs to be isolated and protected.”
To tackle this very issue, Devon Energy has already established a zero-trust model, AI guidance, working groups, and steering committees to govern and help shepherd the implementation of internally developed language models.
“What I've seen is that in some cases is that people are doing the right thing and building an AI MLcommittee to look at these things. But if anything has a whiff of AI in it, it can actually stop other projects,” said Mark Canter, CISO of Government Accountability Office. “So getting a really clear process for review and approval, and then a frank discussion to keep the process moving is imperative before bringing in different models just to make sure that everyone's on board and you have agreement across stakeholders.”
How AI aids cyber adversaries
Security professionals understand that what can be used for good can also be used maliciously. While the security community is now exploring and building out an extensive library of AI use cases, they also say that cybercriminals might also have a bit of an edge.
According to Splunk’s 2025 CISO Report, some of the most significant potential threats include more realistic phishing emails (58%), new evasive malware strains (44%), adaptive social engineering tactics (40%), and exploitation of AI solutions (40%.)
In light of a greatly expanded attack surface, AI will give cybercriminals an abundance of new opportunities to gain entry into an organization and access classified or highly sensitive information that might not be adequately protected. “I think AI is going to create new targets for attackers,” said David Rutstein, Principal Security Analyst at GE Digital.
One of the biggest concerns for many security professionals is AI’s ability to distort reality via deepfakes, leading to increasingly sophisticated, authentic-looking attacks that can potentially sway public perceptions. Attackers can potentially capitalize on that confusion. “Once you start pulling AI into the picture, you can lose your sense of reality for what’s true and what’s not,” said GE’s Silveira. “One of the biggest risks of AI is that it makes it very difficult to tell what’s real. That could lead to some very unique and hard-to-detect attacks.”
Zack Schwartz, CIO and CTO at EventsDC, said that some of the biggest concerns regarding AI will be user privacy as organizations rush to adopt the technology before implementing proper privacy and ethics controls to protect users’ information and prevent potentially sensitive data leakage. According to the 2024 Splunk State of Security report, while security teams rarely turn down a chance to write a policy, 34% of organizations do not have a generative AI policy in place, despite its high adoption rate. The resulting gaps could open up the door for external attackers and malicious insiders looking to walk off with an organization’s information. “Right now there are huge gaps in protocol, so you can't implement them company-wide. You can't train employees on a policy that doesn't exist,” he said.
AI benefits both sides – differently
While there are clear arguments for both sides, many security experts agree that both defenders and adversaries have much to learn and gain from AI. Some say much of the fear around AI, as well as its potential, is overhyped. Meanwhile, some compare it to the cloud and other disruptive technologies that have opened new doors for both cyber defenders and attackers.
Looking ahead, there is no doubt a growing desire to bettter secure AI systems and ensure privacy guardrails are in place with strong and sustainable policies. Like other emerging technologies, time will tell who ultimately will benefit the most — and how. “I don’t see it as different from any other technology,” said GE Digital’s Rutstein. “It’s an arms race. In that sense, AI is not that much different from any other tool.”
Download The CISO Report to learn more about how security leaders and threat actors will use AI in 2025.
