Artificial intelligence (AI) is transforming the rules of engagement in cybersecurity. As the technology advances at rapid speed, organisations are facing an increasingly complex digital battlefield – one where defenders and attackers alike are wielding AI as a weapon.
That’s because the tools that enable speed, scale and automation for legitimate business processes are also allowing cybercriminals to launch more sophisticated, efficient and scalable attacks.
The attacker’s edge: AI as a weapon
What once required human labour, for example writing phishing emails, conducting reconnaissance, probing for vulnerabilities, can now be automated and scaled with AI.
“AI allows attackers to become faster and more efficient at doing things that once required people,” explains Dr Carl Windsor, CISO at Fortinet. “Tasks that were mechanical and time-consuming can now be completed autonomously. It’s automated, scalable and cost-effective.”
Organisations are facing an increasingly complex digital battlefield
The impact is already being felt. Deepfake content, realistic phishing campaigns, malicious bots and fraudulent websites can now be generated using online services with minimal effort, dramatically lowering the barrier to entry for cybercrime. In fact, 87% of global organisations faced an AI-powered cyber attack in the past year.
The situation is made more complicated by the emergence of agentic AI, a form of AI that is goal-driven, autonomous and context-aware.
“Agentic AI has reasoning and situational awareness,” says Windsor. “It can take actions based on what’s happening in real time, without human input. That makes it incredibly powerful.”
The dark side: AI as a business risk
But, at the same time, not all AI-related threats come from external attacks. The adoption of AI tools such as third-party large language models (LLMs) and AI cloud-based applications has created new vulnerabilities within organisations themselves. At this year’s RSA Conference, one supply chain risk survey revealed that 45% of organisations using third-party LLMs experienced a security incident tied to that dependency.
“Organisations are being driven to move faster than their security teams can keep up with. The genie is out of the bottle and cannot be put back. The security team now has to deal with this new technology they don’t fully control, an app, an AI model, an AI workload, previously unseen dependencies and a whole new set of security risks,” says Windsor. “If you expand your attack surface so rapidly and are not fully aware of the nuances, this is where incidents can occur.”
In addition, the ‘shadow AI’ effect – the use of unvetted AI tools by employees – may expose organisations to data leakage, model poisoning and compliance failures. Sensitive data may be fed into external models without adequate governance, creating major privacy and security risks.
“This is the difficulty,” says Windsor. “AI brings with it so many benefits, it is hard to stop, but with it comes significant risk to the security of your data should it be used blindly.”
Flipping the script: AI as a cyber defender
Despite these growing risks, Windsor sees an opportunity to use AI more effectively on the defence side of cybersecurity.
This approach is built on Fortinet’s long-standing expertise in both cybersecurity and AI, with FortiAI representing the culmination of years of innovation and insight in defending complex digital environments. FortiAI innovations are embedded across the Fortinet security fabric platform to enhance protection against new and emerging threats, simplify and automate security and network operations and secure use of AI-enabled services and tools.
FortiAI reflects Fortinet’s ongoing commitment to applying AI across its portfolio – helping organisations stay ahead of evolving threats and simplifying how they defend increasingly dynamic digital ecosystems.
“If you look at the AI usage by attackers versus defenders, we have the advantage,” he says. “AI technologies can help us defend not just against AI-based attacks, but against any type of attack. AI gives us better visibility, deeper insights, faster reaction times and smarter automation.”
Businesses must treat AI as a strategic capability
AI can analyse vast amounts of threat data in real time, detect subtle anomalies that would go unnoticed by humans and even respond autonomously to incidents.
Fortinet’s own approach integrates AI across the entire cybersecurity lifecycle, not as a bolt-on feature but as a foundational capability. Rather than isolate AI in individual tools, its FortiAI roadmap embeds intelligence across the entire cybersecurity stack.
“Our AI is part of the Fortinet security fabric platform, where its components are aware of each other. They share data. They make decisions together,” says Windsor. “That’s the real power – not just isolated tools, but an intelligent, coordinated system.”
FortiAI applies AI to the three key pillars of cybersecurity: threat intelligence, security enforcement and security operations. Each pillar has its own AI-driven focus, which together form the backbone of Fortinet’s integrated security fabric.
FortiAI-Protect
FortiAI-Protect enhances detection, protection and prevention capabilities by embedding AI technologies, tools and services into both Fortinet’s threat intelligence and the cybersecurity products and infrastructure enforcing security. The goal is faster, more accurate identification and mitigation of known and unknown threats, whether conventional or AI-driven.
“AI helps us recognise threats in real time, understand them more deeply and react accordingly,” says Windsor. “We can also detect AI-specific risks, like synthetic content or model misuse.”
FortiAI-Protect gives security teams improved insight into the threat landscape and speeds up incident detection and response across Fortinet solutions, on-premise or in the cloud.
FortiAI-Assist
FortiAI-Assist combines AI-driven analytics and automation for security and network operations – critical areas plagued by talent shortages and increasing complexity.
“How do we make the Security Operations Centre (SOC) and Network Operation Center (NOC) more efficient and effective? By using AI to analyse incidents, automate configurations, actively hunt for threats, analyse the network, applications and data and autonomously take actions to protect, mitigate and optimise availability and performance,” says Windsor.
The platform uses generative and agentic AI to provide deep and correlated analysis, suggest and automate network and security configurations and adjust systems dynamically in real time. Fortinet tools can now create and implement network changes in minutes that used to take hours or days.
FortiAI-SecureAI
Finally, FortiAI-SecureAI is Fortinet’s answer to the growing risks posed by enterprises’ use of AI tools. It secures AI models, workloads and their underlying infrastructure – preventing data leakage from LLMs and ensuring data integrity. It addresses issues such as prompt manipulation, shadow AI, data leakage, supply chain risks, data and model poisoning and zero-trust access.
“AI tools used by your employees – internally or externally – become part of your attack surface,” says Windsor. “FortiAI-SecureAI tools and capabilities ensure that this usage is vetted, monitored and protected.”
AI as a force multiplier
The growing role of AI in cybersecurity is inevitable. But Windsor argues that the outcome depends on how organisations harness it.
“Any technology can be used for good or bad,” says Windsor. “And, like any powerful technology, AI can be dangerous if misused. But when smartly used throughout the cybersecurity stack by defenders, it’s a force multiplier.”
Ultimately, as AI accelerates the pace and scale of cyber threats, the stakes for organisations have never been higher. To stay ahead on this fast-evolving battlefield, businesses must treat AI not just as a defensive add-on, but as a strategic capability woven into the very fabric of their cybersecurity approach.
Artificial intelligence (AI) is transforming the rules of engagement in cybersecurity. As the technology advances at rapid speed, organisations are facing an increasingly complex digital battlefield – one where defenders and attackers alike are wielding AI as a weapon.
That’s because the tools that enable speed, scale and automation for legitimate business processes are also allowing cybercriminals to launch more sophisticated, efficient and scalable attacks.
