Folks, cybersecurity might be heading into some strange new territory. IBM is warning that attackers are starting to use powerful AI models to speed up hacking operations. If that sounds a little unsettling, well, it should. The company says these so-called frontier AI models can help criminals discover vulnerabilities, map out attack paths, and potentially automate parts of an intrusion.
In response, IBM is introducing new cybersecurity services that lean heavily on AI to defend against those threats. The idea is pretty straightforward. If attackers are moving at machine speed, defenders probably cannot rely on slow, manual security workflows anymore.
SEE ALSO: IBM and Arm want to run Arm workloads on IBM Z and LinuxONE systems
One piece of the announcement is a new cybersecurity assessment from IBM Consulting designed to help enterprises understand how exposed they might be to AI-driven attacks. Large organizations tend to have sprawling IT environments that are difficult to fully understand or secure. According to IBM, that complexity can give AI systems plenty of room to hunt for weaknesses.
The assessment looks for policy gaps, security weaknesses, and AI-specific risks across an organization’s infrastructure. It also identifies potential exploit paths and provides guidance on how companies might close those holes. In other words, it is meant to show businesses where they might get burned before an attacker figures it out first.
IBM is also rolling out something it calls IBM Autonomous Security. This new service relies on coordinated AI agents that act like digital security workers across an organization’s security tools.
Those AI agents are designed to analyze vulnerabilities, monitor runtime environments, enforce policies, detect suspicious activity, and respond to threats quickly. The system can also feed insights into governance and risk platforms so companies can keep track of their overall security posture.
The pitch from IBM is that security teams cannot keep up with modern threats on their own. As attacks become faster and more automated, security defenses will likely need to operate at a similar pace.
Of course, this also raises an interesting question. If AI-powered attackers become the norm, we could end up with AI systems on both sides of the battlefield. At that point, humans might mostly be supervising while machines do the fighting.
Mark Hughes, Global Managing Partner of Cybersecurity Services at IBM Consulting, explained the thinking behind the effort.
“Frontier models are creating a new category of enterprise threat that is fast moving, systemic and increasingly autonomous,” Hughes said. “Meeting that threat requires a systemic defense. AI powered offense demands AI powered defense. That’s what IBM is delivering.”
Whether that vision actually plays out is anyone’s guess. But one thing seems clear. As AI gets better at finding weaknesses in software and infrastructure, the security industry may be forced to rethink how it protects systems in the first place.
For better or worse, IBM thinks the future of cybersecurity will involve machines defending against machines. And honestly, that might not be as far away as it sounds.
