Skip to main content
Cybersecurity

AI Models Exacerbate Cybersecurity Skill Gap

AI Models Exacerbate Cybersecurity Skill Gap

“The rapid pace of frontier AI development means cyber risk assumptions can become outdated in months, not years. We must act before and be prepared to adapt and withstand evolving threats,” the Five Eyes security agencies warned in a joint statement released last week.

Five Eyes: an urgent, familiar checklist

The Five Eyes national security agencies issued a measured warning about rising cyber risks tied to AI models, emphasizing that the harms are not entirely new even if the urgency is. Their advice, the agencies acknowledged, echoes long-standing security recommendations but with a new timeline: defensive assumptions and practices that used to age over years may now be overtaken in months. The agencies explicitly urged using AI to strengthen defense—detecting vulnerabilities earlier, improving software quality, monitoring unusual behavior, and responding faster to incidents to reduce cost and impact.

The widening gap between skill and ability

The core argument is simple and stark: computers and AI have decoupled human skill from human ability. Historically, acquiring technical skill also instilled norms and ethics. The essay contrasts skilled attackers with outsiders who wield tools without understanding them. As prewritten attack tools proliferated in the past, so too did the population of potential attackers; AI amplifies that effect. Today’s models—“not just the frontier models, but most of them”—are described as capable of carrying out cyberattacks autonomously. They perform better with skilled operators, but increasingly can act with minimal prompting, expanding the set of people who can cause damage.

From L0pht testimony to modern script kiddies

That dynamic has precedent. In 1998 seven people from the hacker group L0pht testified before Congress, telling lawmakers they could take down the internet in 30 minutes. The episode illustrates a simple truth the essay stresses: hacking and sabotage once required sustained skill. In contrast, “script kiddies” used tools written by others and lacked understanding; the spread of those tools enlarged the attacker population. The essay argues AI functions as a next-generation vector for that same effect—prewritten, increasingly autonomous capabilities that will circulate widely.

Open-source models, local runtimes, and broken guardrails

The essay warns that corporate guardrails are a temporary barrier. Large AI companies are building restrictions and monitoring, and some proposals include instructing models to report malicious prompts. But those protections do not extend to smaller, cheaper, open-source models that can run locally or to ensembles of models working together. The author asserts these locally run or distributed models will be “passed around from person to person, like script kiddie hacker tools,” and will lack the centralized guardrails that might otherwise block abusive uses. Measures that depend on model-level censorship or reporting are therefore likely to buy only “a few months at best.”

AI’s dual use: defense and attack are the same knowledge

The essay highlights an intractable dual-use problem: the same capabilities that allow an AI to review code, find vulnerabilities, and automatically fix them are the capabilities that enable automated attacks—stealing data, deploying ransomware, or destroying systems. Attempts to excise harmful capabilities from models are likened to trying to teach doctors how to treat poison without teaching them how to poison. The practical outcome, the author warns, is increased volatility: “Super-powered humans with AI assistants will be able to do both wonderful and horrible things.”

What this means for security professionals, policymakers, and the public

  • Security professionals and technologists should accelerate the very measures the Five Eyes recommended: embed AI into defensive tooling to detect vulnerabilities earlier, improve software quality, monitor for unusual behavior, and speed incident response.
  • Policymakers and regulators need to accept a new tempo—risk assumptions can become outdated in months, not years—and consider policies that address distributed, locally run models as well as centralized platforms.
  • End users and the public face a broader exposure as lower barriers to attack expand the population of potential malicious actors; protective measures that rely solely on corporate guardrails will be incomplete.

The lesson is not novel—but the clock has shortened. The Five Eyes counsel that established security practices must be applied faster and at scale, and the essay closes on a pointed reality: given open-source models, local runtimes, and the inevitability that dual-use knowledge cannot be fully segregated, the only viable path is to harness AI for defense while preparing to adapt as threats evolve.

https://www.schneier.com/blog/archives/2026/07/cybersecurity-and-the-gap-between-skill-and-ability.html

Note: this essay was originally published in The Guardian, and is reproduced on Bruce Schneier’s blog.