In a recent Cyber Technology Intelligence podcast, Noma Security’s CISO highlights the growing shift toward proactive, intelligence-led defense strategies. She’s right to frame it that way. What we’re seeing in this field suggests attackers have already moved on from linear playbooks.

The “AI” label gets overused. Not every script is a transformer. However, the pattern is clear. Decision-making is being offloaded. That’s the tipping point.

How AI Attacks Have Evolved

In early 2023, the environment was marked by the use of fairly primitive tools such as WormGPT. 

Those tools lacked guardrails, were able to produce harmful content, yet still required operator guidance for their deployment. The execution process was controlled manually.

The attack surface continues to grow at an even faster pace than most security measures can adapt to. 

About 87% of firms have rolled out AI assistants past their experimental phase, while 94% find themselves battling with multifunctional tools since risks exist across email, cloud, collaboration, and AI technology.

By 2025-2026, various threat intelligence sources have confirmed trends related to the shrinking time span and semi-autonomy of attacks:

Observed Evolution Path

Phase	Then (Pre-2024)	Now (2026)
Recon	Manual OSINT	AI-driven profiling pipelines
Initial Access	Static phishing kits	Adaptive, personalized campaigns
Execution	Predefined scripts	Dynamic payload mutation
Persistence	Known techniques	Context-aware persistence selection
Lateral Movement	Human-directed	Semi-autonomous pathfinding

Defenders are still thinking in terms of “tools”, whereas attackers are thinking in terms of “systems”.

AI-Driven Cybercrime Demands AI-Driven Security

Companies are becoming more resistant to ransom attacks with the refusal rate reaching 63% (up from 59%). However, on average, such an attack costs about $5.08 million.

The healthcare industry is the costliest one with an average breach cost of $7.42 million, and it takes more time to contain it than other industries at an average of 279 days.

Post-breach investments have decreased, with just 49% of firms considering new investments in cybersecurity (from 63%), while under 50% invest in AI security solutions.

Impersonation goes beyond voice cloning. It captures decision-making tone, urgency patterns, and even how executives phrase approvals.

Attackers are feeding models with:

• Earnings call transcripts
• Internal email leaks
• Social media behavior

So when the call comes in, it’s not just a familiar voice. It’s a familiar conversation style.

What’s Changing?

• Signature-based email gateways
• Static behavioral rules
• Traditional user awareness training

Users aren’t the weakest link anymore. Detection logic is.

Malware That’s Learning Faster Than Us

The average cost of a data breach worldwide according to IBM is $4.44 million, representing the first decrease over five years while the average cost in the US hit its peak at $10.22 million.

The total lifetime of a data breach declined to 241 days across the world, which is 17 days less than the previous year. The detection of data breaches within the company saved on an average $900,000.

Mapping this to MITRE ATT&CK chains, we’re seeing tighter loops:

• Initial Access (T1566.002)
• Credential Access (T1003)
• Discovery (T1087, T1018)
• Adaptive Execution
• Exfiltration (T1041)
• Impact (T1486)

What’s different is the feedback loop between stages. Decisions are being made mid-chain.

According to Intent Market Research (IMR), the healthcare cybersecurity market is projected to reach USD 41.6 billion by 2030, reflecting a steady shift toward defensive modernization across providers and payers. 

Request Download– IMR Healthcare Cybersecurity Market Report 

Supply Chain Poisons via AI Models

SolarWinds supply chain attack is a textbook example of a build-level attack where attackers planted backdoors into software updates that were part of Orion’s platform and distributed to many customers. 

The software updates were then passed on downstream to other clients, which ultimately led to making one vulnerable platform the entry point for attacks.

Harder to detect. Harder to attribute.

Compliance and Costs in the US

CISA’s latest directives are pushing for stricter reporting timelines and resilience standards. Necessary, but operationally heavy.

According to CrowdStrike, median breakout times dropped below 79 minutes, while elite-level adversaries perform lateral movement in less than 30 minutes.

Mandiant M-Trends statistics demonstrate that the median dwell time shrank to 10 days worldwide from 16 days or more only two years ago.

Palo Alto Networks Unit 42 reports single-digit dwell times for targeted intrusions, especially associated with ransomware attacks.

Meanwhile, organizations are juggling:

• AI governance requirements
• Legacy infrastructure
• Increasing attack surface

In financial services, compliance overlap is becoming a real issue. SEC, FINRA, and state-level regulations. Add AI oversight on top.

CISOs know reactiveness isn’t enough. However, shifting left requires investment and justification. Many teams are stuck in pilot mode. Testing AI defenses without scaling them.

Battle-Tested Counters: What Actually Works

No silver bullets. However, some approaches are holding up better than others.

Practical Defenses from the Field

Control Area	What Works	What Doesn’t
Identity	Phishing-resistant MFA (FIDO2)	SMS-based MFA
Detection	Behavior-based EDR/XDR	Signature-only AV
Email Security	AI-assisted anomaly detection	Static rule filters
Training	Scenario-based simulations	Annual compliance modules
Architecture	Zero-trust segmentation	Flat networks

Zero-trust isn’t new. However, the implementation matters.

Early Signals Shaping 2027 

A few things to keep an eye on in the coming year. 

1. Encrypted Information in Quantum’s Backyard

Not there, but we’re getting there.

NIST has already released its first post-quantum cryptographic standards; migration timelines for federal use are already underway

Industry predictions put around 20-30% of enterprise encryption infrastructure as not ready for the quantum era, especially legacy infrastructure.

The “collect now, decrypt later” strategy has been actively talked about within the intelligence community. Data collected today will be decrypted later.

2. Regulatory Enforcement is Shifting from Advisory to Penalties

It’s a matter of structure, less advisory and more enforcement. CISA mandates are shortening incident reporting deadlines down to 72 hours for critical infrastructure.

SEC guidelines mandate public company material incident reporting deadlines of 4 business days.

Governance models are surfacing for AI regulation, with more organizations adopting the NIST AI RMF framework.

3. Attack Speed Overtakes Response Models

Autonomy remains contested. Speed doesn’t. Breakout times for attackers are under 60 minutes, having been seen in several instances.

IBM has reported that breach lifecycles remain above 250 days on average, and the discrepancy only gets bigger. Human-in-the-loop response models are no longer quick enough for initial containment.

4. AI Supply Chain Risk Is Going Up Stealthily

It is being undermonitored despite its importance. The NIST guidelines on AI risk management point out that data poisoning and model manipulation are critical concerns.

There are shared models and AI API services, which have expanded the scope for attacks tremendously. Preliminary evidence shows that model validation is not a priority after deployment.

76% of companies that have banned AI code writing tools still acknowledge their use within the organization.

Companies keep tabs on their software dependencies. However, model dependencies and training datasets go untracked.

Checklist for CISOs

• Inventory AI usage across the organization 
• Validate third-party model dependencies
• Implement phishing-resistant authentication
• Expand detection beyond signatures
• Invest in adversarial testing

For a grounded perspective on these shifts, the AI Security and the Modern CISO Podcast featuring Diana Kelley is worth your time.

It frames many of these challenges in practical terms.

FAQs

1. Are cyber attacks based on AI technology a true step change, or a marketing gimmick on top of traditional attack methods?

AI attacks represent a true step change in cybersecurity. It’s not a question of better tools; it’s about speed and flexibility. The attacker does not need to test and improve attack techniques by himself. AI systems are capable of continuous learning of successful and unsuccessful methods within your network.

2. Where should CISOs be the most concerned regarding vulnerabilities associated with AI threats?

It is a mistake to expect AI attacks to affect your infrastructure and endpoints. Your biggest threat lies in being fooled by your own perception. Phishing and deepfakes, as well as identity theft, will be used to attack higher-level decision making.

3. How can organizations protect themselves from constantly changing AI-based attacks?

Traditional cybersecurity measures will not be effective anymore. We must move to dynamic security approaches, including behavior-based monitoring of suspicious activities.

4. Are we raising risks by adopting AI more than creating value from its usage?

This can happen simultaneously. AI brings efficiency and competitive advantage to the table, but it also increases your attack surface into domains that most teams aren’t ready to defend. The question isn’t whether or not to embrace AI.

5. In the case of a CISO looking to stay one step ahead of AI-related threats, what should their first move be?

Visibility and control should be the order of the day. You have to know what AI is being applied to, the data it’s touching, and the decisions it’s influencing. Only then can you establish guardrails around identity, access, and model integrity.

To share your insights, please write to us at news@intentamplify.com