How can we build intelligent resilience against cyber threats in the age of AI

Artificial intelligence (AI) has evolved beyond its origins as a productivity booster and is now fundamentally reshaping the cybersecurity battlefield.

The number of AI-related cyberattacks is surging across industries, with autonomous AI systems executing attacks with a speed and precision that surpass those of traditional, human-led defences. In 2023, security researchers documented the use of generative AI (GenAI) to craft highly convincing, personalized phishing emails in seconds, targeting thousands of employees simultaneously, leading to a 40% increase in successful phishing incidents.

Such campaigns adapt in real time, exploiting weaknesses faster than legacy security models can respond. Imagine an AI system that continuously scans a corporate network for vulnerabilities and upon detection, automatically deploys customized malware within minutes, outpacing any manual intervention or response.

This level of automation and adaptability illustrates how AI-enabled attacks can operate, emphasizing the urgency for organizations to rethink their defensive strategies.

Resilience, therefore, requires more than incremental improvements; organizations must deploy security strategies that anticipate threats, neutralize risks before they materialize and evolve as quickly as the adversary.

GenAI and agent-based AI have fundamentally reshaped the cyber threat landscape. The World Economic Forum’s Global Cybersecurity Outlook 2026 reported that 87% of surveyed organizations believe the risk associated with AI vulnerabilities has increased.

CrowdStrike’s 2025 State of Ransomware Survey also found that nearly half of organizations now identify AI-automated attack chains as the most significant ransomware threat. In the same survey, 85% of security professionals felt traditional detection approaches were becoming obsolete against AI-enhanced attacks.

Compounding these challenges is the rise of shadow AI – unauthorized employee use of AI tools – dramatically expanding the attack surface. According to a 2025 Gartner report, analysts predict that by the end of the decade, a substantial proportion of security breaches will be directly linked to the misuse of autonomous AI agents.

Together, these developments point to a major shift in cybersecurity strategy and striving for perfect prevention is no longer realistic.

Organizations must accept that disruption is a constant and resilience, defined as the ability to absorb, adapt and quickly recover from incidents, is paramount – realities with significant implications.

Alongside an expanding attack surface, regulatory scrutiny is mounting, with AI governance compliance becoming an audit necessity. Additionally, global geopolitical tensions and complex supply chains amplify organizational vulnerabilities.

However, the same AI technologies that empower attackers offer defenders powerful tools to strengthen their security posture, allowing organizations to transition from reactive defence to predictive, proactive strategies.

To navigate the rapidly evolving cybersecurity landscape, a phased, horizon-based approach breaks down the transformation journey into manageable steps, helping organizations focus efforts and measure success.

Organizations in early AI adoption can benefit by automating compliance checks or leveraging AI-powered identity management solutions in cloud-based platforms.

The first step is securing and modernizing the core infrastructure that supports AI. Security-by-design should be built into every layer of the AI stack, including data, models, applications and identity.

Organizations need to address risks such as shadow AI, protect systems from threats such as prompt injection and data poisoning, and put governance structures in place that align with emerging regulations.

At the same time, legacy platforms should be modernized or replaced with solutions that offer AI-driven analytics, predictive threat modelling and automated remediation.

The Accenture State of Cyber Resilience report found that 77% of organizations lack foundational data and AI security practices, leaving critical models and cloud infrastructure exposed.

One example of successful modernization highlighted in the report involved a multinational oil and gas company that moved its security monitoring tools from on-premise systems to the cloud. This enabled greater data capacity, improved scalability and AI-ready tools that support automation in the security operations centre.

Even smaller organizations can begin this journey by identifying their AI agents and defining their permissions, laying the foundation for future transformation and long-term resilience.

Key priorities at this stage include:

A strong foundation enables organizations to adopt advanced AI capabilities more quickly, helping automate threat detection, reduce false positives and streamline security operations.

For instance, a major agricultural and chemicals company revamped its security operations and identity and access management, achieving faster incident resolution through an AI chat interface, real-time incident response, improved ticket management, and data-driven insights to support better decision-making and ongoing improvement.

However, technology must be paired with structured change management, including training to adapt to new workflows and maximize AI capabilities.

High-impact use cases for enterprise leaders to consider include:

Organizations with smaller budgets can still move forward by clearly defining the boundaries for autonomous AI actions, keeping humans in the loop and ensuring automated actions are logged.

The final horizon redesigns security operations to integrate AI agents as active defenders. These autonomous systems augment human teams, automate repetitive tasks and enable proactive threat management at scale.

For example, a national utilities company has established an AI centre of excellence to accelerate deployment of its agentic AI across finance, operations and security.

Key workflows to consider for agent-first operations include:

This shift moves cybersecurity from reactive proactive anticipation of threats, neutralizing them before they materialize.

Autonomous agents are changing the rules of cybersecurity and inaction carries real risk. Yet these same technologies can strengthen defences if organizations act now.

Regardless of size, organizations can begin with focused investments in foundational AI security tools and workforce training to drive meaningful progress.

Will your organization build the resilience to stay ahead of tomorrow’s threats or let the future outpace it? The time to decide is now.