AI: defender — and weapon

Security analysts are flagging AI’s double role: it's boosting defenses (anomaly detection, IDS/IPS) while simultaneously powering more convincing phishing and deepfake campaigns — CISOs are scrambling to govern AI use. The conversation is active on X, with an in‑depth thread mapping defensive models alongside offensive AI abuse scenarios. (x.com) (x.com)

Splunk’s 2026 CISO report, based on a survey of 650 global security leaders, found “nearly all” respondents now say they are responsible for AI governance and risk management. (investor.cisco.com) A separate 2026 CISO risk survey of 235 enterprise security leaders reported that 71% said AI systems have access to core business systems while only 16% said that access is governed effectively. (cybersecurity-insiders.com)

Independent threat analyses show AI-assisted social engineering is pervasive: one study found that 82.6% of phishing emails analyzed between Sept. 2024 and Feb. 2025 exhibited some use of AI. (securitytoday.com) ThreatLabz and Mandiant’s M‑Trends trace an attacker shift toward hyper‑personalized campaigns that combine AI-crafted messaging with voice and video deepfakes to bypass traditional controls. (zscaler.com) A high‑profile example: an early‑2024 deepfake video‑call scam that impersonated a CFO led to roughly US$25–25.6 million being wired from an Arup office, an incident documented by the World Economic Forum and by reporting in the Financial Times. (weforum.org)

Defenders are responding with AI‑specific tooling and playbooks: MITRE’s ATLAS maps 14 AI tactics and 66 techniques for adversarial AI threats, and Google’s GTIG intelligence program is tracking model‑extraction and distillation attacks as concrete offensive vectors. (practical-devsecops.com) Platform and vendor statements now include practical countermeasures: OpenAI published updates on disrupting deceptive uses of its models, Microsoft threat intel published research on how actors operationalize AI, and Cloudflare has documented a Defensive AI framework for network and email protections. (openai.com)

Operational shifts are visible across the industry: organizations are formalizing LLM red‑teaming and board‑level AI mandates, while community resources such as the 2026 LLM Security Guide and red‑teaming primers document concrete tests and mitigations for deployed generative systems. (github.com)

Shared from Scout - Be the smartest in the room.