Rupert Marais has spent a significant portion of his career at the coalface of endpoint security and network management, positioning him perfectly to witness the radical transformation of the digital threat landscape. As our lead Security specialist, he has navigated the complexities of fragmented infrastructure and the slow evolution of traditional cyber defense, but he now warns that the era of human-speed security is coming to a close. With the rise of frontier AI models, the industry is bracing for a fundamental shift where autonomous systems can reason through vulnerabilities and execute attacks with a level of coordination that was previously impossible. Rupert joins us to discuss why the current gap between organizational assumptions and the reality of machine-speed threats is widening and what it takes to build a defense that can actually keep pace.
The following discussion explores the structural changes initiated by advanced AI models like Mythos, which are enabling offensive operations to scale beyond human capacity. We delve into the concept of agentic AI and how it transforms vulnerability exploitation into a continuous, real-time process that eliminates the traditional window for manual patching. Rupert also addresses the critical failures of fragmented security stacks and explains why the future of enterprise defense lies in unified platforms that integrate data, policy, and enforcement into a single, responsive architecture.
Frontier AI models like Anthropic’s Mythos and GPT-5.5-cyber are signaling a massive shift in the cybersecurity industry. How are these specific advancements in reasoning and automation changing the way cyber-attacks are structured and scaled?
The emergence of models like Mythos and GPT-5.5-cyber represents a fundamental structural change because it moves cyber-attacks away from static, human-coded scripts toward dynamic, reasoning-based systems. These frontier models allow both the discovery of vulnerabilities and the execution of attacks to operate with significantly less human intervention, creating a pace of activity that defenders simply cannot match. Enterprises are currently deploying AI tools into their workflows so rapidly that many security teams are struggling to keep up with the new attack surfaces being created. When these models are integrated across core systems and sensitive data, they expand what is possible in terms of task execution, making it easier for an adversary to identify a weakness and exploit it before a human defender even realizes the door has been opened. The combination of these factors means that the operational burden of responding to threats is becoming a weight that traditional, human-dependent systems can no longer support.
You’ve highlighted that cyber-attacks are becoming “agentic” in nature. Could you describe the operational reality of facing an adversary that functions like a coordinated, machine-speed team?
Facing an agentic threat is a jarring experience for most security teams because the attack behaves like a living, breathing entity that constantly identifies weaknesses and refines its techniques in real time. These systems turn what used to be a staged process of discovery and exploitation into a continuous loop that runs at machine speed, never constrained by the need for rest or specific human skills. This allows a single threat actor to operate like an entire coordinated team, running multi-stage attacks in parallel across distributed environments and adapting to defensive measures as they are implemented. It is essentially the zero-knowledge threat actor on steroids, where the software itself possesses the reasoning capability to find a path through a network and pivot when it hits a roadblock. This alters the baseline for what we consider a standard cyber defense, as the adversary is no longer limited by the time or resources of a human operator.
We are seeing the time between a vulnerability disclosure and active exploitation shrink from months to mere hours. What does this mean for organizations that still rely on manual investigation and staged patching cycles?
For organizations still tethered to manual investigation and staged patching, the shrinking window between disclosure and exploitation is a recipe for disaster. We have seen recent cases where working exploits appeared within hours of a vulnerability becoming public, followed almost instantly by automated scanning and targeting across the internet. In this environment, the first indication of a weakness for many companies is not a security advisory, but an active intrusion attempt that is already well underway. Security architectures built around prioritization and human review are simply not designed for this pace of activity, and the pressure on these systems is causing them to break. It creates a situation where the defender is always several steps behind, trying to fix a hole that the attacker has already moved through to reach deeper, more sensitive parts of the infrastructure.
Fragmentation seems to be a recurring theme in security failures, with cloud, SaaS, and on-premises systems all generating different data streams. Why is this fragmented approach becoming a fatal weakness in the era of AI-driven threats?
Fragmentation is the silent killer of modern security because an attacker moving through a fragmented environment leaves behind footprints that appear routine when viewed in isolation. Security teams are currently being squeezed by three parallel pressures: the need to secure their own AI use, the threat of faster and cheaper AI-enabled attacks, and the noise generated by a market flooded with new AI defensive tools. When your security data is siloed across cloud platforms, SaaS applications, and legacy on-premises hardware, you lose the ability to see the connections that define a modern attack. The network is the vital intersection where users, applications, and infrastructure meet, and it is the only place where activity can be observed and controlled in real time across the full environment. Without this visibility, disconnected controls struggle to keep pace, adding more volume to the data stream without actually improving the team’s understanding of the threat landscape.
You advocate for a unified platform built as a single architecture. How does this model change the power dynamic between defenders and automated attackers?
A unified platform changes the dynamic by allowing data, policy, and enforcement to operate together within the same operational loop, matching the timeline of the attacker. When these elements are integrated, the system can identify patterns as they unfold and generate protections immediately, which is essential when attackers are operating on timelines measured in minutes. Some of the most effective early developments in this space involve AI-driven systems that analyze newly disclosed vulnerabilities and apply controls before an attack can even fully develop. This approach moves the focus away from reacting to fragments of data and toward identifying early indicators of unknown threats across the entire infrastructure. By reducing the delays introduced by manual investigation and limited visibility, defenders can finally begin to close the gap that has allowed attackers to exploit the same weaknesses repeatedly.
What is your forecast for the future of enterprise security as we move toward a world where both sides of the conflict are increasingly automated?
My forecast is that we will see a total shift where the execution layer of cybersecurity becomes a contest between competing automated systems, leaving humans to focus exclusively on high-level strategy and intent. We are moving toward a reality where security is no longer a set of tools you run, but a real-time, integrated system that must observe, understand, and act within seconds to remain relevant. Human expertise will remain critical in shaping the overarching strategy and understanding the motives of an adversary, but the day-to-day battle of detection and response will be handled by systems that operate continuously and at scale. Organisations will either embrace this move toward unified, machine-speed defense, or they will find that their assumption of being “secure” is a dangerous illusion in an environment that has simply moved too fast for them to keep up. Success in the wider AI economy will ultimately depend on this trust, as no organization can scale its digital ambitions without a security posture that is as fast and adaptable as the threats it faces.
