• While adversaries can boost the quality and volume of attacks with AI, defenders will apply AI to counter attacks with predictive and proactive defenses.
• The advent of agentic AIs will accelerate this trend and provide more avenues for attack, but defenders will always have the advantage by being able to train AIs with proprietary information and use them to identify vulnerabilities before attackers do.
• The transition to post-quantum cryptography will be an industry-wide heavy lift, with extensive rewriting of code to meet post-quantum standards.

Recently, I had the opportunity to share some of my experience and insights at the Billington CyberSecurity Summit in Washington, D.C. ​ Moderated by Chris Townsend, Global Vice President of Public Sector at Elastic, our panel session, “The Future of Cyber Threat: Anticipating Threat Actors’ Next Steps,” explored how threat actors are evolving and what organizations can do now to prepare. ​Not surprisingly, AI was a hot topic. We also discussed quantum computing, emerging threats, and the cybersecurity staffing shortage.

How attackers will leverage AI

Attackers are already using AI to power their attacks, but it’s important not to over-sensationalize the impact that AI is having because the proportion of AI-driven attacks is still quite small relative to the overall amount of malicious activity we are seeing. However, we expect that proportion to grow quickly.  

One of the main ways attackers are using it now is to create phishing materials, because it addresses what is a weak point for many threat actors, who often aren’t native English speakers. Attacks that are technically sophisticated can fail because they begin with a spear phishing email whose spelling or grammar is wrong. LLMs solve that problem brilliantly because if there’s one thing they’re good at, it’s creating plausible narratives in perfect English.

The other area we see attackers using it is to automate their work. We’ve already documented examples of code that appears to have been written by an AI.

In the short term, AI won’t enable adversaries to do anything new, but we expect it to enhance the quality and volume of their attacks. ​AI is lowering the entry bar for threat actors. They don't even need to know how to code anymore. Naturally, the number of attacks will begin to go up.  

In the medium term, the arrival of Agentic AI is likely to accelerate malicious activity levels, since agents can act autonomously, further minimizing the level of input needed from attackers.

We’ve already done some research on how agents could be abused and proven that they can already be used to carry out a basic spear phishing attack and deliver malicious code to a target. Agents are still in their infancy, and it is only a matter of time before they become capable of carrying out more sophisticated attacks with minimal instruction.

Preparing for the quantum era

The advent of quantum computing presents another significant challenge for cybersecurity. Quantum computers have the potential to break current encryption standards, making it imperative for organizations to transition to post-quantum encryption algorithms. ​

Adversaries are already preparing for this shift. ​The “harvest now, decrypt later” strategy involves stealing encrypted data today with the intention of decrypting it once quantum computing becomes viable. ​ ​

This process of transitioning to post-quantum encryption is not without its challenges. ​Decades of work have gone into refining and protecting the implementation of existing encryption methods, and we now face the task of revising and rewriting code using new, post-quantum standards. This will inevitably introduce a new generation of bugs, but we will have the benefit of AI to mitigate them.

It doesn’t stop here

Conferences such as Billington are essential as we navigate this complex landscape. It embodies the public and private sector collaboration that will be key to realizing better cyber defense outcomes moving forward. ​Together, with partners like Carahsoft delivering mission-critical industry expertise to U.S. federal and public sector agencies, we can anticipate and counter the next generation of cyber threats, ensuring the safety and resilience of our digital ecosystems. ​

Learn more about how industry icons like Symantec and Carbon Black are putting AI on the front lines of cybersecurity.