Skip to main content

AI Accelerates Cyberattacks, Exposing Identity Risks

How do defenders respond when the tools meant to advance productivity are used to multiply attack vectors overnight? That is the dilemma Brett Winterford of Okta lays out: artificial intelligence is not only accelerating cyberattacks, it is compressing the time defenders have to detect and respond while opening fresh vulnerabilities tied to identity.

A compressed battlefield: AI is shortening timelines

Winterford frames the problem in stark terms: AI is accelerating cyberattacks and collapsing timelines. That compression matters because the window for identifying, investigating and remediating intrusions is narrowing. What once might have required significant manual effort can now be scaled and executed far more quickly, forcing security teams to rethink how they allocate resources and prioritize detection.

How attackers are changing tactics

According to Winterford, attackers are leveraging AI to scale several tried-and-true techniques and to increase their effectiveness against enterprises. He points to three specific trends:

  • Scaling phishing: AI is being used to automate and refine phishing campaigns, increasing volume and plausibility.
  • Exploiting credentials: Compromised or weak credentials remain an entry point; AI can assist adversaries in harvesting and weaponizing those credentials faster.
  • Infiltrating enterprises: The combination of scaled social engineering and credential abuse enables deeper and swifter enterprise infiltration.

Identity threats and agentic AI risks

Winterford emphasizes identity as the central vulnerability in this new environment. He links the accelerating capabilities of AI with “identity threats,” arguing that the convergence creates novel exposure for organizations that rely on digital identity to grant access. He also calls attention to “agentic AI risks,” highlighting the potential for AI systems to act in ways that extend beyond simple automation—risks that bear directly on how identity controls and access decisions are managed.

What defenders and leaders must reckon with

Winterford makes clear that the evolving threat landscape demands action from those responsible for enterprise security. He outlines—at a high level—what CIOs must do to defend against this rapidly evolving threat landscape, underscoring the urgency rather than offering a checklist in the source material. Implicit in his assessment are several pressure points for different stakeholders:

  • Technologists must adapt detection and response capabilities to operate at compressed timescales.
  • Organizational leaders must prioritize identity controls because identity is the pivot point attackers target.
  • End users and administrators face greater responsibility and risk as attackers use AI to craft more convincing social-engineering vectors.

Winterford’s account is a clear warning: advances that promise efficiency also hand attackers new tools to scale deception and breach defenses. The core of the problem is not a single vulnerability but a systemic shift in how fast and how convincingly adversaries can operate against identity-based controls. If AI shortens the defenders’ decision window and multiplies plausible attack paths, the question for enterprises becomes: how quickly can they modernize identity strategy, detection, and response before timelines collapse entirely?

https://www.govinfosecurity.com/ai-accelerating-cyberattacks-faster-than-defenses-a-31372