Security leadership is more anxious than it has been in years. Not because organisations are less protected, apparently budgets are up, tooling is more sophisticated, and threat intelligence has never been more accessible. Unsurprisingly this anxiety is being driven by the speed of change caused by artificial intelligence. And it is arriving from two directions at once.
On one side, adversaries are weaponising AI at speed. According to CrowdStrike’s 2026 Global Threat Report, AI-enabled adversaries increased their operations by 89% year-on-year in 2025. Average eCrime breakout time, the interval between initial access and lateral movement, has collapsed to just 29 minutes, down from 48 minutes in 2024 and 98 minutes in 2021. In one documented intrusion, data exfiltration began within four minutes of initial access. The fastest observed breakout occurred in 27 seconds. Adversaries are not merely using AI to craft more convincing phishing campaigns; they are attacking AI infrastructure directly, injecting malicious prompts into enterprise GenAI tools across more than 90 organisations in 2025 alone.
On the other side, AI has embedded itself into the enterprise estate faster than security teams have been able to govern it. LLM APIs connected to sensitive data, AI-assisted development tools in software pipelines, productivity applications with AI features operating on confidential documents, shadow AI adopted by business units without security sign-off, the attack surface has expanded, and in many organisations it remains poorly inventoried and poorly understood. All this is fuelled by business leaders’ relentless ambitions to innovate and build competitive advantage.
The resulting challenge is creating a genuine paradox.
Security leaders are being asked to secure against supposedly different threats, all the while having a growing attack surface caused by AI usage. But, speak to some of the industry’s most experienced voices and they are arguing that the fundamentals haven’t changed at all. Understanding why is the key to navigating the moment without either panic or complacency.
We Have Been Here Before.
Cast your mind back to 2013. The conversation happening then in security circles sounds eerily familiar. Cloud adoption was accelerating beyond the control of security teams. Shadow IT was exploding. CISOs were being told their perimeter-based models were obsolete, their controls irrelevant, their tooling designed for a world that no longer existed. The refrain was near-universal: this is different, the old rules don’t apply.
Picture a (fictional) CISO, with over two decades in security, remembers the emergence of cloud computing well. Her team told her the same thing at the time. The cloud, they said, had dissolved the perimeter, everything they’d built was now theoretical. She pushed back. She extended identity controls outward, built cloud-specific logging, got ahead of shadow IT by bringing it into scope rather than fighting it. The same principles, applied to different terrain. This experience is not unusual. The pattern is consistent: technology changes the shape of the estate; the security principles that govern it do not change. Visibility, identity, least privilege, detection and response, these held through the cloud transition. They are holding now. What AI has done is add new terrain, not invalidate the map.
In the military, this is understood intuitively. Tactics evolve, from muskets to guided munitions to cyber operations, but the underlying principles of mission clarity, situational awareness, and layered defence remain constant. The ground changes. The doctrine doesn’t.
The Estate Has Changed. The Principles Haven’t.
The practical implication for security leaders is straightforward, even if the execution is not. AI needs to be brought into scope the same way cloud was, through asset inventory, access governance, and detection capability that covers the specific attack patterns relevant to that environment.
The vocabulary is new: prompt injection, model exfiltration, data poisoning, shadow AI. But the discipline behind the response is familiar. Inventory what you have. Understand what it has access to. Apply least privilege. Ensure your detection logic covers the attack surface. Validate through testing. CrowdStrike’s own analysis of AI-driven intrusions reinforces this: AI is accelerating established tactics rather than creating entirely new ones. The countermeasures, therefore, are extensions of existing frameworks, not wholesale replacements.
As with the emergence of Cloud Security Posture Management, AI Security Posture Management is now a formal discipline precisely because the industry recognises this. This is augmented with AI Detection and Response to provide a proactive approach to security. This is not a new philosophy. It is posture management applied to a new class of asset.
A CISO briefing their board today need not rip up existing strategies, the answer to the AI security question is not something build from scratch. It is an extension of the existing approach, an inventory of AI tooling across the business, access controls applied to LLM APIs and data connections, and detection logic extended to cover AI-specific threat vectors. Structured, grounded, and built on methodology teams already knows how to execute.
The Paradox Resolved.
The anxiety is real, and the data justifies it. The threat is evolving at measurable speed. The attack surface is expanding in ways that caught many organisations off-guard.
But the response is not a new discipline arrived at from nowhere. It is the same discipline that navigated the cloud transition, the mobile transition, and every significant shift in the enterprise estate before that. Security leaders who treat AI as a categorically new problem risk overcomplicating their response and losing time to indecision. Those who recognise it as familiar terrain, wearing a new face, requiring updated controls, but governed by the same underlying principles, will move faster and more effectively.
Interested in continuing the conversation?
