Artificial intelligence is everywhere – in headlines, in boardroom discussions, and in every cybersecurity product demo. But according to Google’s top threat analysts, many security leaders may be focusing on the wrong enemy. Speaking at the Singapore International Cyber Week 2025, Luke McNamara, Deputy Chief Analyst at Google’s Threat Intelligence Group, cautioned CISOs not to get lost in the noise.
“The role of AI in attacks today is overemphasized,” McNamara said. “Many of the most impactful breaches don’t even involve AI.”
It’s a refreshing reminder: while AI-assisted cyberattacks are real, most breaches still succeed using old-school tactics – stolen credentials, phishing, and unpatched systems.
The AI Panic That Overshadows Real Risks
Let’s admit it – “AI-powered hackers” make great headlines. They sound futuristic, menacing, and unstoppable. But the reality is more mundane.
McNamara explained that while some threat actors use AI to automate small tasks – like translating code or improving phishing messages – it’s not a major leap in their offensive capability. In other words, AI isn’t making hackers invincible; it’s just making them faster.
What’s concerning is how this hype distracts CISOs from the vulnerabilities already costing millions every year. According to the IBM Cost of a Data Breach Report 2024, the average breach cost hit $4.45 million, with most incidents stemming from credential theft, cloud misconfigurations, and delayed patching – not AI trickery. According to a McKinsey survey, the global cybersecurity “total addressable market” may reach between US $1.5 trillion and US $2.0 trillion, underscoring both the magnitude of the threat landscape and the scale of defensive investment required.
The lesson? Don’t let tomorrow’s fears overshadow today’s flaws.
Old Tactics, New Twists
One of the earliest fears around AI was that it would create perfect phishing emails – free of grammar errors and highly persuasive. And yes, AI can polish a phishing message. But here’s the truth: phishing was already effective long before ChatGPT entered the picture.
In fact, Google’s own Mandiant M-Trends 2024 report shows a decline in phishing as an initial breach vector over the past three years. Awareness training and advanced filtering are finally paying off.
So, if phishing isn’t the biggest problem anymore, what is? McNamara points to two major threat themes that deserve every CISO’s attention:
- Edge Infrastructure Exploitation – Attackers increasingly target edge assets such as VPNs, firewalls, and cloud access points, exploiting outdated firmware and misconfigurations.
- Credential Theft – Stolen credentials remain the most common entry point for attackers, often leading to ransomware and data exfiltration within hours.
Neither requires advanced AI. Both require stronger human vigilance and consistent security hygiene.
Why CISOs Need to “Right-Size” the AI Problem
Here’s the irony: AI is both overestimated and underestimated in cybersecurity. On one hand, it’s blamed for attacks it hasn’t caused. On the other hand, it’s underused in defense operations.
McNamara called it “right-sizing the problem.” CISOs should prepare for future AI-enabled threats, yes – but they also need to stay grounded in current realities. Attack surfaces, not algorithms, are today’s weak spots. Gartner predicts that by 2027, more than 40 % of AI-related data breaches will be caused by improper use of generative AI (GenAI) across borders.
A simple analogy: installing a high-tech smart lock doesn’t help if you’re leaving your back door open. The same goes for cyber defense – AI-driven monitoring tools are valuable, but only when fundamental controls are solid.
How AI Is Actually Helping Defenders
Now, let’s flip the script. AI may not be the villain in most cyberattacks, but it’s proving to be a powerful ally for defenders.
Google’s VirusTotal platform, for instance, uses AI to detect malicious behavior in code – even when there’s no known malware signature. That means security teams can catch zero-day threats before they spread.
McNamara highlighted another use: AI-driven threat intelligence. Google and other major players are using AI to sift through millions of logs, alerts, and dark web signals to generate actionable insights faster than human analysts could on their own.
McKinsey reports that the vended cybersecurity market is expected to grow at 12.4% annually between 2024 and 2027.
AI also assists in forensics and attribution – connecting the dots between different malware families to identify which groups are behind them. The faster analysts can link incidents, the sooner organizations can respond and contain threats.
In short: AI is your co-pilot, not your replacement. It makes analysts sharper, not redundant.
Shifting from Hype to Resilience
A modern CISO’s challenge isn’t just managing risks – it’s managing attention. Between vendors pitching “AI-powered everything” and executives asking about generative threats, it’s easy to lose focus.
But cybersecurity isn’t about chasing the loudest topic. It’s about strengthening the quiet fundamentals.
McNamara summed it up well:
“We should be more concerned with the overall attack techniques that are having an impact, not necessarily the tools that are being used.”
Here’s what that mindset looks like in action:
- Reassess edge security. Audit VPNs, cloud endpoints, and IoT assets for exposures.
- Tighten identity management. Rotate credentials regularly and implement adaptive MFA.
- Automate with purpose. Use AI to reduce analyst fatigue, not inflate complexity.
- Train continuously. Keep teams aware of evolving phishing, deepfake, and social engineering tactics.
This isn’t about ignoring AI – it’s about integrating it intelligently while keeping focus on where the real breaches begin.
Humans Still Hold the Line
Despite all the algorithms, sensors, and predictive models, one truth remains: humans make or break security.
Behind every compromised network is often a distracted employee, a misconfigured setting, or an unreviewed alert. Technology may be fast, but awareness and discipline still define resilience.
AI can accelerate response times, but it can’t replace judgment. It doesn’t understand context, ethics, or risk appetite – humans do. That’s why the most successful cybersecurity programs still prioritize people, not just platforms.
Bridging Technology and Human Vigilance: The CISO’s Dual Responsibility
While AI and advanced cybersecurity tools are indispensable, the reality is that technology alone cannot safeguard an organization. As Luke McNamara emphasized, attackers often exploit the human element– misconfigured systems, poor password hygiene, or inadvertent clicks. In other words, even the most sophisticated AI detection system can be circumvented if human vigilance lapses.
According to Gartner, while AI-related breaches are projected to rise, the majority of security incidents today still originate from credential theft and edge infrastructure exploitation– areas where human oversight is critical. This demonstrates the dual responsibility CISOs face: optimizing technological defenses while cultivating a security-conscious workforce.
Practical implementation of this dual focus often involves integrating AI-driven monitoring with human-led decision-making. For example, AI can flag anomalies in network behavior or detect unusual login patterns, but security analysts must interpret these alerts within the context of organizational workflows. An automated alert may indicate suspicious activity, but only a human can evaluate its legitimacy and decide on containment strategies. This hybrid approach ensures both speed and accuracy in response, bridging the gap between machine efficiency and human judgment.
Training and continuous awareness programs are equally essential. Research from McKinsey highlights that organizations with regular, scenario-based cybersecurity training see a 40% reduction in credential-related incidents. By empowering employees to recognize phishing attempts, unsafe downloads, or suspicious communications, CISOs can transform the workforce into a frontline defense layer, complementing AI’s predictive capabilities.
Finally, fostering a security-first culture at the leadership level is paramount. When executives recognize cybersecurity as a business enabler rather than an IT afterthought- as supported by the Gartner finding that 85% of CEOs now view cybersecurity as critical to enterprise growth– it sets the tone for organization-wide accountability. Strategic alignment ensures that investments in AI and automated tools are effectively leveraged, not wasted, and that human vigilance remains central to a resilient cybersecurity posture.
In short, CISOs must balance the allure of cutting-edge technology with the irreplaceable value of human insight. Only by bridging these two domains can organizations defend against both today’s threats and tomorrow’s AI-enhanced attacks.
Conclusion: Focus Where It Matters
The message from Google is clear: AI is transforming cybersecurity, but it’s not the root cause of most attacks.
Yes, prepare for what’s coming – AI-generated threats, deepfakes, and automated malware. But don’t lose sight of what’s already here: credential theft, edge exploitation, and delayed response times.
AI should amplify your defenses, not define them. Because in cybersecurity, the real risk isn’t falling behind technology – it’s losing focus on what actually matters today.
FAQs
1. Is AI being used in real-world cyberattacks today?
Yes, but in limited ways. Most attackers use AI to automate small tasks, not to launch complex, autonomous attacks.
2. What are the top threats CISOs should focus on?
Edge infrastructure vulnerabilities and credential theft are currently the most exploited attack vectors.
3. How can AI help security teams today?
AI improves threat detection, speeds up investigations, and helps correlate data from different sources for faster response.
4. Should organizations invest in AI-powered cybersecurity tools?
Yes, but strategically. Focus on tools that enhance detection and automate response without replacing critical human oversight.
5. What’s the biggest takeaway from Google’s statement?
Stay grounded. AI may shape the future of attacks, but your defenses against current threats matter far more right now.
Don’t let cyber attacks catch you off guard – discover expert analysis and real-world CyberTech strategies at CyberTechnology Insights.
To participate in upcoming interviews, please reach out to our CyberTech Media Room at info@intentamplify.com.
