By Nadir Izrael, Co-Founder and CTO at Armis
The headlines scream familiar warnings: ‘geopolitical tensions escalate’ and ‘massive AI cyberattacks surge.’ These recurring stories are a stark indicator of the evolving landscape: traditional approaches to cybersecurity are no longer enough. We must move beyond passive defence and actively prepare for this new era of cyberwarfare.
The statistics underscore this urgency. Research from Armis revealed that 88% of UK IT decision-makers expressed concern about the impact of cyberwarfare, a 32% jump from the previous year. This is against a backdrop of an expanding attack surface, with a projected 50 billion connected devices by the end of 2025, alongside growing global instability. Yet, the biggest driver behind this change is inexplicably linked to AI.
The question then becomes: “What can organisations do to prepare?” Fortunately, the key to effective preparation lies in the very tool being used against us.
The cost of falling behind in AI cyberwarfare
The news cycle constantly highlights how AI is rapidly supercharging the capabilities of nation-state attackers, cybercriminal groups and bad actors alike – and with good reason. Nearly three-quarters (70%) of UK IT decision-makers now agree that AI-powered attacks pose a significant threat to their organisation’s security.
Yet, those threats are already slipping through the cracks. Four in five (82%) UK IT leaders admit that offensive techniques regularly bypass their existing security tools. Additionally, as IT and operational technology (OT) environments become more connected, the illusion of isolated ‘air-gapped’ systems offering fool-proof protection is fading fast. AI cyber threats are bypassing traditional barriers as organisations integrate IT and OT systems for efficiency, unintentionally exposing new attack surfaces.
And the attack surface is only becoming more complex. Alongside traditional sources such as networks, endpoints and applications, bad actors are also using AI to power more deceptive techniques, such as voice cloning, deepfakes and synthetic social engineering. And yet, most defences remain reactive.
The concern goes further, as 71% of UK IT leaders are specifically worried about the potential for nation-state actors to use AI to develop more sophisticated and targeted cyberattacks. Advanced persistent threat groups (APTs) aligned with Russia, Iran, North Korea and China are all using large language models (LLMs) and OpenAI’s systems to enhance their operations and erode trust in democratic institutions.
What’s worse, the cost of falling behind is also severe. The average ransomware payout for a UK organisation has surged to £5.6 million, with 1 in 8 companies paying out up to £7.9 million. Yet, these numbers only capture part of the damage. Attacks result in operational shutdowns, data theft, reputational harm and – in nearly half (49%) of cases – the stalling or abandonment of vital digital transformation projects.
That’s why, in this era of AI cyberwarfare, organisations must adapt and fight fire with fire.
Turning the tables in the age of AI
AI may be the weapon of choice for attackers, but it’s also the most powerful tool defenders have at their disposal. When harnessed effectively, AI-driven threat intelligence transforms security from a reactive scramble to a proactive strategy, offering organisations the chance to get ahead of threats rather than chase them.
Predictive AI models can help neutralise threats before they escalate, while AI-powered solutions allow security teams to continuously monitor the entire attack surface – across networks, endpoints, connected devices and OT environments. It excels at processing vast amounts of data and identifying subtle patterns human analysts might miss, flagging early indicators of compromise across both the surface and dark web. Consider the difference it would make to have two months’ notice to act on an issue like Log4j, or to shut down a vulnerability like the Chrome Mojo sandbox bypass before it’s exploited.
But to truly stay ahead, organisations must shift their mindset. In this new AI-driven cyberwarfare landscape, reacting after the fact is no longer an option. Defenders must match the speed and sophistication of attackers, embracing AI not as a bolt-on tool but as the backbone of their security strategy. It’s no longer about fighting smarter, it’s about fighting AI with AI. And when used as a defensive tool, AI becomes even more powerful. Think of it like having a ‘home field’ advantage – defenders know their environment best.
Encouragingly, appetite is growing, with 91% of UK IT leaders saying they wish they had AI tools supporting their security operations. Yet adoption continues to lag. Half (50%) of organisations report lacking the budget and resources to invest in AI-powered security, while 48% admit to a shortfall in the in-house expertise required to deploy and manage these technologies effectively.
The stakes, however, are too high for inaction. Without understanding what resides within an organisation’s entire digital ecosystem, businesses remain exposed to AI-driven threats and the broader risks posed by unmonitored technologies. The key is to gain full situational awareness, map all activity across networks and proactively secure critical assets.
AI may be a growing risk, but when harnessed correctly, it can also be the strongest defence.
Unlocking the power of AI
In a digital environment where geopolitics, cyberwarfare and AI innovation are increasingly intertwined, organisations that fail to evolve will find themselves outpaced, outmanoeuvred and overtaken by AI-driven threats. AI is simply blurring the line between conventional warfare and digital conflict.
The only way to secure the advantage is to embrace proactive, intelligent and adaptive security strategies, fuelled by AI, turning it from a risk into an asset. Passively watching those same alarming headlines and hoping the next attack won’t land closer to home is no longer an option. Security leaders need AI to defeat AI.
The warnings are clear. The question now is whether organisations will continue to watch the headlines or act today.
