The numbers stopped being hypothetical a while ago. According to IBM’s 2026 X-Force Threat Intelligence Index, AI-enabled attacks escalated sharply across every vector last year. CrowdStrike’s 2026 Global Threat Report documented an 89% year-over-year surge in attacks from AI-enabled adversaries, with the fastest eCrime breakout time clocking in at 27 seconds. The average was 29 minutes — a 65% speed improvement over 2024.
These are not projections. These are incident retrospectives.
What changed
For years, adversarial AI in cybersecurity meant phishing lures that read better than the ones written by humans. That was the extent of it. What changed in the last twelve months is scope: AI moved from crafting the bait to running the operation.
CrowdStrike documented a 340% increase in AI-assisted intrusion attempts compared to 2024, with adversarial AI tools now responsible for roughly 38% of all credential-harvesting campaigns globally. IBM’s X-Force found that vulnerability exploitation displaced phishing as the leading initial access vector, accounting for 40% of observed incidents — a 44% increase year-over-year, driven largely by AI-enabled vulnerability discovery.
Researchers have documented “AI scout swarms”: multi-agent systems running continuous OSINT campaigns that fuse LLM orchestrators with internet-scale scanners to autonomously map exposed infrastructure. These systems don’t sleep, don’t forget, and don’t lose context between sessions.
The financial sector alone lost $28.6 billion globally in 2025 to AI-enhanced fraud and breaches. Total reported cybercrime losses exceeded $16.6 billion — a 33% increase from 2023.
Agentic AI in real intrusions
The shift from AI-assisted to AI-driven is not theoretical. In September 2025, Anthropic disclosed detection of a cyber-espionage operation where AI agents — autonomous code-execution instances — handled roughly 80-90% of the tactical work in an intrusion campaign targeting approximately 30 entities. Human operators only stepped in at critical decision points.
This is the pattern that should concern every blue team: the attacker provides strategy, the AI provides execution. The human sets the objective, the agent does the reconnaissance, identifies the pivot points, moves laterally, and exfiltrates — at machine speed, around the clock.
The defender’s gap
Here is the asymmetry: attackers adopt AI tools the moment they become available. Defenders adopt them after procurement, compliance review, integration testing, and a six-month pilot. By the time the SOC has a sanctioned AI assistant, the adversary has been running autonomous agents for a year.
87% of organisations reported being targeted by an AI-powered cyberattack in the past year. 94% of security leaders say AI will be the most significant driver of cybersecurity change in 2026. The question is not whether AI matters for defence — it is whether defenders are moving fast enough.
The answer, in most organisations, is no.
Manual triage at scale is already impossible. The volume of alerts, the speed of lateral movement, the sophistication of evasion — none of this is compatible with a human reading logs at human speed. AI on the defensive side is not an upgrade; it is a prerequisite for staying in the fight.
AI vendors are starting to notice
Anthropic’s Cyber Verification Program (CVP) is one example of the shift — a free initiative that adjusts default AI safeguards for security practitioners working on legitimate dual-use tasks.
This kind of development matters because it signals that AI vendors are starting to recognise the asymmetry. The same frontier AI capabilities that adversaries use to accelerate attacks can — and must — be available to defenders. Analysing malware samples, reconstructing attack chains, generating detection rules, automating reconnaissance during authorised assessments — all of these are standard security workflows that benefit enormously from AI assistance.
Closing the gap
The cybersecurity market is projected to reach $50.8 billion by 2026. The investment is there. What is often missing is the willingness to let defenders use the same class of tools that attackers already have.
The alternative — defenders working with one hand tied behind their back while adversaries operate at full AI-augmented speed — is not a viable strategy.
If you work in cybersecurity and you are not yet integrating AI into your defensive workflows, the data says you are already behind.