Cyberattacks that used to take months now take minutes. And your defenders still can't keep up.

Rob T. Lee, Chief AI Officer of the SANS Institute, and David A. Bray, Chair of the Accelerator at the Stimson Center, explain why AI gives attackers a structural advantage. Attackers don't care if their AI breaks something. Your security team can't take that risk. That asymmetry changes everything.

✅ You'll discover:

✅ Why attackers will always remove the human in the loop faster than defenders can, and the risk calculus that creates

✅ How "death by 1,000 cuts" works: $300 per person times 10,000 targets via SIM farms equals a single ransomware payout

✅ The federated learning approach that lets organizations share threat intelligence without exposing their own data or vulnerabilities

✅ Why hackers are exploiting AI hallucinations by writing real code libraries for packages that models reliably hallucinate

✅ How to identify the right cybersecurity talent: hire for learning velocity and the "fiddling mindset," not static AI credentials

✅ Why boards must stop treating cybersecurity as prevention and start rewarding rapid detection and response

✅ The pre-compute vs. post-compute distinction for AI agent safety that most executives are missing entirely

✅ When autonomous cyber defense will actually be viable (hint: think pilotless planes and robotic surgeons)

⏱️ TIMESTAMPS

0:00 AI has made "death by 1,000 cuts" attacks scalable

0:39 Why the AI security lifecycle matters now

2:27 Military history lessons for cyber defense strategy

5:00 Federated learning: sharing threat intelligence without exposing data

6:48 How incident response must evolve for AI-speed attacks

8:05 The human-in-the-loop dilemma: defenders vs. attackers

11:37 Distraction attacks: coordinated multi-target campaigns

15:37 Autonomous agents as a new attack surface

19:44 Hackers weaponizing AI hallucinations against developers

22:23 Development velocity as the real "swarm" capability

24:20 Perverse incentives: why stopping an attack still counts as failure

27:09 Your personal attack surface grew from 3 devices to 50

31:22 Protecting AI tool chains from becoming prime targets

34:25 Hackathons as the future of cybersecurity hiring

36:53 Patterns of life: instrumenting your enterprise for anomaly detection

38:18 When will we trust AI defenders without human oversight?

41:09 Pre-compute vs. post-compute: where AI agent safety rules must live

46:45 AI trust, hallucinations, and prompt injection as information warfare

51:42 Building security culture: leadership, not blame

🔔 Subscribe so you never miss a conversation with the world's top business and technology leaders.

📩 Get notified about upcoming shows. Sign up for the CXOTalk newsletter: https://newsletter.cxotalk.com

💬 Check the summary and full transcript for episode 910: https://www.cxotalk.com/episode/the-ai-attack-lifecycle-digital-forensics-and-intelligent-threats

🎙️ ABOUT CXOTALK

CXOTalk features unfiltered conversations with C-suite executives from major companies about AI, digital transformation, and business strategy. Hosted by Michael Krigsman.

#CXOTalk #Cybersecurity #AIThreats #AutonomousAgents #CISO #SANS #CyberDefense #IncidentResponse #AIStrategy #EnterpriseSecurity