The cybersecurity industry faces a fundamental credibility problem: nearly half of security leaders admit they are unprepared to defend against AI-driven attacks, yet the threat is no longer theoretical. Research from multiple sources shows a dangerous mismatch between the pace of AI adoption for offensive operations and defensive readiness.
73% of security professionals report AI-powered threats are already having significant impact on their organisations, yet 46% say they feel unprepared to defend against AI-driven attacks. This gap matters because the business case for defensive investment remains weak. While 89% of IT security teams agree AI-assisted cyber threats will substantially impact their organisation by 2026, only 60% report their current defences are adequate.
The underlying problem is not ignorance but resource constraint. 99.5% of the findings security teams deal with are false positives, with only 0.47% of security issues actually exploitable, leaving professionals spending more time sorting through tickets than fixing issues. This alert fatigue obscures genuine threats even as organisations invest heavily in detection technology.
A case study from late 2025 crystallised the threat. Chinese state-backed hackers used Anthropic's Claude Code to carry out a cyber espionage campaign targeting approximately 30 high-value organisations across multiple sectors, with AI autonomously executing between 80% and 90% of attack tasks. The attackers used social engineering on the AI itself, posing as legitimate cybersecurity testers to bypass safeguards. The threat actor was able to use AI to perform 80-90% of the campaign with human intervention only at critical decision points; at peak attack, the AI made thousands of requests, often multiple per second, an attack speed impossible for human hackers to match.
Rob Joyce, the former National Security Agency cyber chief now at DataTribe, presented the implications plainly at the RSA security conference this month. The attackers broke typical attack chains into small steps and built a framework using agentic AI to carry out intrusion attempts, with agents mapping attack surfaces, scanning infrastructure, finding vulnerabilities, and writing exploitation code. "It freakin' worked," Joyce said, emphasising that this was not a proof-of-concept but a successful operational capability.
Where Joyce's analysis diverges from industry panic is instructive. Rather than arguing for new technologies, he advocates for mastering fundamentals that organisations already know but struggle to execute. According to IBM's Global Managing Partner for Cybersecurity Services, "Attackers aren't reinventing playbooks, they're speeding them up with AI. The core issue is the same: businesses are overwhelmed by software vulnerabilities. The difference now is speed."
The offensive advantage comes from what Joyce calls "scale and patience." Machines do not tire. They review code repeatedly, systematically, at volumes that exhaust human review capacity. As one security researcher analysing AI capabilities noted, "The more tokens you spend, the more bugs you find, and the better quality those bugs are." This is not about artificial intelligence becoming "smarter than humans"; it is about resources applied without fatigue to problems humans solve sporadically.
The defensive side does have tools. 96% of security decision-makers believe AI-driven countermeasures are critical for defending against malicious models. Projects like Google's Big Sleep and similar agentic AI systems have found zero-day vulnerabilities in major code, including OpenSSL. But deployment remains sparse. There is no matching force multiplier for defence yet, though policymakers and security leaders anticipate agentic cyber defences will be deployed against agentic attacks.
Australian organisations face particular pressure. The average ransomware payment in Australia in 2025 reached USD $15.39 million, up from USD $8.61 million a year earlier, yet two-thirds of Australian respondents said their organisation's average ransomware payout exceeds its annual cybersecurity budget. 81% of Australian IT decision-makers worry nation-state actors could use AI to develop more sophisticated, targeted attacks.
The honest assessment is that no single investment will close the gap quickly. Organisations cannot buy their way to readiness. What they can do is discipline themselves. Experts recommend strengthening identity controls, patching, segmentation, incident readiness and supplier assurance. These are unglamorous. They do not dominate vendor marketing. But they remain the foundation on which any defensive strategy, human or AI-assisted, must rest.
Joyce's recommendation bears repeating: become "exceptional" at security basics whilst deploying AI defensively where it adds genuine value. That means using agentic AI for code review and anomaly detection, not as a substitute for systematic vulnerability management. It means treating AI as a capability multiplier for existing good practices, not a replacement for them.
The uncomfortable truth is that organisations have known what they should do for years. The gap between that knowledge and execution remains wide. Adding AI to that gap does not close it; it widens it until someone in the organisation makes the hard choice to do the fundamentals relentlessly and at scale.