In the era of artificial intelligence (AI), cybersecurity is no longer just a technical competition but has become a true intellectual game.
According to Ami Luttwak, technology director of Wiz cybersecurity company, AI is opening up both opportunities and risks, both supporting businesses to accelerate development and giving attackers unprecedentedly powerful tools.
Mr. Luttwak said that when businesses rush to integrate AI into processes, from encryption automation, AI agents to internal tools, the scope of attack is expanding rapidly.
"AI helps developers develop code faster, but the speed with shortcuts can easily create vulnerabilities. If you don't require the system to be built in the safest way, AI won't replace you," Mr. Luttwak warned.
Not only the defense is taking advantage of AI, the attackers are also taking the lead. They use prompt injection techniques, even training their own AI agents to explore secrets, delete data, or take control of internal tools.
The case of Drift, a chatbot startup that suffered a breach that leaked Salesforce data of many large corporations, is clear evidence of the risk of third-party supply chain attacks.
Another example is the s1ingularity campaign targeting the build Nx system, where attackers install malware, taking advantage of AI tools such as Claude and Gemini to automatically search for sensitive information. As a result, thousands of token codes and private GitHub access locks were stolen.
Although the rate of businesses deploying new comprehensive AI is about 1%, Wiz has recorded weekly AI-related attacks on a scale of thousands of customers.
AI has penetrated every attack step, and the pace of change is faster than any previous technological revolution. That means the cybersecurity industry must respond faster, Mr. Luttwak emphasized.
To cope, Wiz has developed specialized security tools for the AI era such as Wiz Code ( helping to detect and minimize vulnerabilities right from the development stage) or Wiz Defend (monitoring and responding to threats in the cloud environment).
Along with that, the company calls on businesses, especially AI startups, to consider security as a priority from the very beginning.
Even with only five employees, you still need a CISO, said Mr. Luttwak, emphasizing the importance of designing a secure data architecture, controlling access and complying with security standards such as SOC2 early to avoid future security debts.
According to Luttwak, the current time is a golden opportunity for cybersecurity startups. Because if each security sector is experiencing new forms of attack, it is also an opportunity to reshape the way of defending.
