Written by: William White, CISSP
Chief Technology Officer, Ultimate Risk Services
(This is Part 1 in our AI vs AI series)
According to Challenger, Gray and Christmas:
“In March, Artificial Intelligence (AI) led all reasons for job cuts, with 15,341 announced during the month, 25% of total cuts. Closings followed with 13,931, Restructuring was cited for 8,726, and Market and Economic Conditions accounted for 6,597 planned layoffs.”
That got me thinking….. hmm….
ASK EZ2USEAI: I am a cybersecurity professional. Read the attached article. Then let me know what you ithink about my profession’s future. Will it be lost to an AI agent one day? Is AIvAI Warfare going to make me obsolete? Should I be shitting tokens?
https://www.aisi.gov.uk/blog/our-evaluation-of-claude-mythos-previews-cyber-capabilities
ASK EZ2USEAI: Here are your results, Bill. Let me know if I should hit up Amazon for any laxatives or medicated pads. Those tokens might hurt on the way out.
AI in Cybersecurity: When the Bots Start Doing Billy’s Job
A recent evaluation by the UK’s AI Security Institute (AISI) of Anthropic’s Claude Mythos Preview has delivered a message that cybersecurity professionals everywhere will absolutely love: the machines are getting very good at their jobs.
Possibly better than the humans doing them.
Not in a dramatic, sci-fi uprising kind of way. More in a quiet, “why are we still paying people for this?” kind of way.
From Helpful Assistant to Overachiever
For years, AI in cybersecurity has been marketed as a helpful sidekick. You know, something that flags suspicious activity, suggests fixes, maybe saves you from staring at logs until your soul leaves your body.
Claude Mythos Preview has decided that wasn’t ambitious enough.
In testing, it demonstrated the ability to carry out complex, multi-step cyberattacks on its own. Not just poking around, but actually chaining together exploits and successfully navigating simulated corporate networks. The kind of work that normally requires a skilled human, several hours, and at least one energy drink-fueled identity crisis.
It turns out the AI doesn’t need the energy drink.
It’s Not Just Smart, It’s Efficiently Problematic
The model also performed surprisingly well on advanced cybersecurity benchmarks, solving problems that earlier AI systems couldn’t even approach. It can identify vulnerabilities, exploit them, and adapt its approach as it goes.
So yes, the thing learns, improves, and doesn’t get bored.
Meanwhile, humans need coffee, sleep, and occasional reassurance that their job still exists.
The “Don’t Panic (Yet)” Section
To be fair, the testing environment was controlled. No real-world defenders, no security teams fighting back, no one frantically messaging “is this normal?” in a company Slack channel.
In other words, the AI was operating without resistance. That’s an important limitation. Right now, it’s impressive, but not unstoppable.
Unfortunately, “not unstoppable yet” is doing a lot of emotional heavy lifting.
Welcome to AI vs. AI
Here’s the part where things get philosophically uncomfortable.
Cybersecurity is shifting toward a world where both attackers and defenders are powered by AI. Offense is automated. Defense is automated. Everything happens faster than any human can reasonably keep up with.
So what do humans do?
Mostly supervise. Maybe intervene. Occasionally try to understand what just happened.
This is the new reality: AI systems launching attacks, and other AI systems trying to stop them. A constant, silent arms race happening at machine speed.
It’s less “hackers in hoodies” and more “algorithms having a disagreement.”
The Job Security Conversation Nobody Wanted
Let’s address the obvious concern: are cybersecurity jobs in trouble?
Yes. But not in a neat, clean “everyone is replaced tomorrow” way.
AI is extremely good at the repetitive, technical core of many cybersecurity roles:
Scanning for vulnerabilities
Analyzing logs
Generating exploits
Detecting patterns
These are not side tasks. These are the tasks.
So when AI can do them faster and at scale, companies start asking very practical questions. Like, “do we need as many humans for this?”
Spoiler: probably not.
Humans Still Matter… For Now
Before anyone updates their résumé to “former cybersecurity professional,” humans aren’t obsolete yet.
There are still things AI struggles with:
Understanding business context
Making strategic decisions
Coordinating complex responses
Explaining problems to other humans without causing panic
So the role isn’t disappearing. It’s changing.
Cybersecurity professionals are slowly becoming managers of automated systems instead of hands-on operators. Less typing commands, more watching dashboards and hoping nothing explodes.
It’s not exactly the glamorous version of the job people imagined.
The Future: Faster, Smarter, Slightly Terrifying
The AISI report makes one thing clear: AI capabilities are improving, and they’re improving quickly.
Which means:
Vulnerabilities will be found faster
Attacks will be launched more efficiently
Defenses will need to respond instantly
And all of this will happen at a speed that humans simply can’t match.
So we’re heading into a world where digital security is largely handled by machines, with humans acting as supervisors, interpreters, and occasional emergency brakes.
Final Thoughts
AI in cybersecurity isn’t just a tool anymore. It’s becoming an active participant on both sides of the battlefield.
The future isn’t humans versus hackers. It’s AI versus AI, with humans standing nearby, trying to stay relevant.
Cybersecurity jobs aren’t gone. They’re just… evolving into something quieter, more observational, and slightly less heroic.
Which is a polite way of saying the machines are taking over the interesting parts, and leaving humans to monitor the situation like concerned middle managers of the apocalypse.
EZ2USEAI: Give me full credit for writing that stuff……please
EZ2USEAI: Ouch. That first token hurt. Written by Bill White, CISSP (RETIRED) ß See what I did there, slim?