How AI is Changing Cybersecurity: 4 Key Takeaways from Innovate 2025

There is no denying that the cybersecurity industry is at a pivotal moment, as AI changes the world for both threat actors and defenders. Earlier this year, Abnormal Security hosted Innovate 2025—a virtual conference that brought together some of the most influential minds in technology and cybersecurity. Over the course of the event, key themes emerged that point to a rapidly evolving landscape shaped by AI-driven innovation, malicious use, and operational transformation.

If you missed Innovate 2025, be sure to watch the on-demand version, or read on to discover some of the key takeaways from the event:

AI is no longer a futuristic technology; it’s the present and future of innovation across industries. As Evan Reiser, CEO of Abnormal Security, noted during the opening keynote, AI is fundamentally reshaping how businesses operate. It’s optimizing workflows, reducing costs, and solving problems that were once thought unsolvable. However, adapting to this AI-native era is critical. Organizations that embrace AI will thrive, while those that hesitate risk falling behind.

The transformative power of AI lies in its ability to bridge the gap between manual and fully autonomous processes. In his fireside chat, Arsalan Tavakoli-Shiraji, co-founder of Databricks, emphasized that while we’re in the early stages of leveraging AI as a semi-autonomous tool, the future holds the promise of AI-powered agents delivering superhuman speed, precision, and quality. This shift will impact not just cybersecurity but every facet of business operations.

Unfortunately, AI’s power isn’t limited to defenders—cybercriminals are also exploiting its capabilities. In the closing keynote, Sherrod DeGrippo from Microsoft highlighted how threat actors use AI to scale their operations, craft more convincing phishing emails, and even create fully automated disinformation campaigns. And George Kurtz, CEO of CrowdStrike, further underscored that generative AI is democratizing sophisticated attack techniques, enabling even low-skilled actors to execute complex attacks.

This malicious use of AI presents new challenges for organizations. Threat actors are now leveraging AI to accelerate reconnaissance, improve attack success rates, and obfuscate their tracks. Whether it’s phishing as a service or AI-powered social engineering, the threats are evolving faster than ever, making it imperative for defenders to stay ahead by leveraging AI themselves.

This leads us to the next point. As attackers become more sophisticated, AI-driven defenses are no longer optional—they’re essential. During the CISO panel, two Fortune 500 CISOs explained that traditional tools relying on human-powered detection and response can’t keep pace with modern threats. The sheer volume of data, combined with the speed of AI-powered attacks, requires defenses that operate at machine speed.

George Kurtz noted that AI-native platforms, like those built by CrowdStrike and Abnormal, have been designed from the ground up to leverage AI for real-time detection and response. AI’s ability to analyze vast amounts of data, identify patterns, and autonomously neutralize threats is the only way to defend against the scale and sophistication of today’s attacks. Whether it’s detecting business email compromise or responding to credential theft, AI-driven solutions are proving to be indispensable.

But the operational impact of AI extends beyond defense into the core processes of cybersecurity. AI isn’t just helping defenders react faster; it’s enabling them to proactively identify vulnerabilities and streamline operations. For example, AI is revolutionizing security operations centers by automating the analysis of user-reported phishing emails, reducing false positives, and identifying high-risk anomalies that would’ve otherwise been missed. By augmenting human analysts with AI tools, organizations are addressing the workforce gap and allowing teams to focus on higher-value tasks.

Looking ahead, Ariel Weintraub, CISO of Aon, highlighted the importance of integrating AI across all security platforms, enabling context-sharing between tools for more comprehensive insights. And during the same session, Michael Baker, Global CISO of DXC Technologies, emphasized that 2025 will be the year when agent-based AI truly replaces human speed with machine speed—allowing for faster detection and remediation.

The message from Innovate 2025 is clear: AI is the critical differentiator in the evolving battle between hackers and defenders. It’s transforming how we detect and respond to threats, how we manage operations, and even how we think about the future of security. But to fully harness AI’s potential, organizations must adopt AI-native solutions, foster partnerships across the industry, and invest in building AI-ready teams.

As Sherrod DeGrippo put it, “We’re all fighting the same threat actors.” And those threat actors are using AI. Collaboration, innovation, and the strategic use of AI will tip the scales in favor of defenders. For those who are ready to embrace this new era, the opportunities to stay ahead of attackers and create safer digital environments are boundless.

Want to learn more about how you can use AI-native technologies to keep your organization safe? Request a demo of the Abnormal platform today.