This year’s AI Appreciation Day shines a light on the rising power of artificial intelligence in every field. Cybersecurity experts come together to discuss what AI has achieved, and the hurdles it still faces.
Cybersecurity experts share their views with Information Security Buzz:
Traditional Access Controls Fall Short
Rom Carmel, Co-founder and CEO at Apono, adds that unlike static on-prem environments, cloud infrastructure is distributed and dynamic, requiring real-time capabilities to manage access securely and efficiently. “As organizations scale and adopt multi-cloud architectures, traditional access controls often fall short, lacking the agility and context awareness needed to keep pace.”
Carmel says AI intelligence plays a critical role in modern access management by enabling just-in-time, least privilege access decisions based on real-time context such as user behavior, access history, and risk signals. “This intelligent automation reduces manual overhead, strengthens compliance, and minimizes the attack surface while supporting operational speed and flexibility.”
He says modern access management demands smarter, more adaptive solutions to keep organizations secure, compliant, and agile in today’s complex digital landscape.
The Pivotal Role APIs Play in AI’s Future
Ivan Novikov, CEO of Wallarm, believes that AI Appreciation Day is an opportunity to celebrate the transformative power of artificial intelligence and the pivotal role APIs play in shaping its future. “APIs are the backbone of AI innovation, enabling seamless integration, data sharing, and collaboration across platforms. They empower businesses to unlock AI’s potential at scale, driving efficiency and creativity like never before. However, with this power comes responsibility.”
Novikov says securing AI systems and the APIs that connect them is one of the greatest challenges we face today. “As we celebrate the advancements AI has brought, we must also commit to building robust, secure frameworks that protect data, ensure ethical use, and foster trust. Together, we can harness AI’s capabilities while safeguarding its integrity for generations to come.”
It’s Here, It’s Necessary
Bryan Cunningham, President of Liberty Defense, says: “Artificial Intelligence (AI) isn’t notional or optional, it’s here, and it’s necessary. A primary reason why our systems are built on AI is not only to maximize detection accuracy and minimize traveler inconvenience, but also because AI enables technology to be future-proofed, constantly upgraded to detect evolving threats without replacing hardware or altering security protocols.
Democracy Must Win the AI Race
More broadly, Cunningham says AI is revolutionizing every part of the human endeavor, from disease-ending medical breakthroughs, to protecting national and personal security. “This includes deterring or, if necessary, winning wars, and improving work while delivering dazzling new entertainment that would have been unimaginable just years ago. We must embrace AI, rather than run from it, in part because our adversaries are rushing toward it with the intent to advance autocratic ambitions, not to enhance human life. Not to put too fine a point on it, but democracy must win the AI race against dictatorship, and we must do so responsibly.”
Cunningham says we must earn and deserve the advantages AI can bring by:
- Developing it with focused and sustained attention to minimize ethical, discriminatory, and societal risks
- Reducing error rates, hallucinations, and the risk of undetectable deepfakes while equipping users to recognize them
- Determining which tasks are appropriate for AI versus human labor and talents
- Building robust security and privacy protections into large language models and other foundational AI technologies.
The development and appropriate use of AI is a race that global democracies cannot abandon and must win, he adds.
Opening Up New Attack Surfaces
Dilip Bachwani, Chief Technology Officer at Qualys, adds: “AI is reshaping enterprise operations and redefining the front lines of cybersecurity. From large language models (LLMs) to generative AI, these technologies are the ultimate force multipliers impacting Risk Operations Centers (ROCs), automating detection, predicting threats, and triaging risks at a scale humans simply can’t match. AI pinpoints anomalies in seconds, speeding up incident response, and transforming reactive security teams into proactive defense engines.”
Bachwani explains that that same tech also opens up new attack surfaces. “From prompt injection and data leakage to model manipulation and hallucinations, AI introduces a fresh class of vulnerabilities. Organizations that harness AI must also secure it across the full lifecycle: from development and deployment to monitoring and governance. That means embedding security by design, enforcing real-time oversight, and setting clear, ethical boundaries for AI behavior.”
On AI Appreciation Day, Bachwani says let’s go beyond the hype. “Let’s celebrate AI’s impact and reckon with its risks, ensuring security and compliance remain top priorities in our race towards innovation.”
Stronger Together
The day is a great reminder of how far technology has come and how much stronger we are when human insight and machine intelligence work together, Comments John DiLullo, CEO at Deepwatch.
“In cybersecurity, that partnership is essential. Threats don’t take breaks, and neither do the teams working to stop them. AI helps by spotting patterns, flagging suspicious activity, and speeding up response times. But it’s the people like analysts, engineers, and threat hunters who bring the experience and judgment needed to make the right call or provide detailed insights on what is important.”
DiLullo says it’s not about choosing between humans or AI. “It’s about combining the best of both. AI handles the scale and speed; humans bring the insight and strategy. Today we’re not just appreciating AI–we’re celebrating the partnership between people and technology that keeps organizations secure every day.”
Empowering SMBs
Nick Heddy, President and Chief Commerce Officer, of Pax8, says: “AI has been transformative for Pax8’s mission to empower small and medium-sized businesses through our partner community leveraging our cloud commerce Marketplace. We’ve integrated AI-powered tools throughout our Marketplace that help managed service providers (MSPs) discover new opportunities, design tailored technology solutions, and engage more effectively with their customers. Our AI-driven technology is redefining how partners manage their business operations, making enterprise-level capabilities accessible to SMBs that previously couldn’t afford them.”
Heddy adds that as we look to the end of 2025 and beyond, AI continues to be central to our vision of democratizing technology access. “Our recent research into ‘The Agentic Inflection Point’ highlights how agentic labor and AI-powered automation are transforming SMB operations, as 54% of midsize enterprises have already deployed AI, and 83% of high-growth SMBs are actively experimenting with it. AI Appreciation Day is a perfect opportunity to recognize how this technology is not just changing how we work, but fundamentally improving how small businesses can compete and thrive in today’s digital economy.”
A Driving Force, Reshaping Work, Connections, and Value
Khadim Batti, Co-Founder & CEO at Whatfix, adds that as we celebrate AI Appreciation Day, it’s clear that AI is no longer just a technology trend. “It is a driving force reshaping how we work, connect, and deliver value.”
Batti says Whatfix sees AI not just as a tool, but as a catalyst for finally making software work for people, not the other way around. “From helping a global humanitarian organizations achieve a six-fold surge in volunteer participation to modernizing complex systems for the U.S. Army, our solutions are built around one principle: putting users first.”
Enterprise software remains too complex, fragmented, and inefficient, Batti adds. “The future of digital adoption is not just about guiding users; it’s about helping them accomplish their goals intelligently and effortlessly. With ScreenSense, our patented AI technology, we are changing that. It understands user context, interprets interfaces in real-time, and delivers intelligent, adaptive guidance without the need for deep integrations.”
This, he adds, represents a shift from static digital adoption to intelligent execution. “By learning user workflows, anticipating the next steps, and automating tasks, we transform software into a system of intelligence and action. The results are tangible: faster onboarding, higher adoption, fewer support tickets, and stronger ROI.
“We are laying the foundation for a new kind of enterprise, one where technology senses, responds and evolves with its users. The future is intelligent, intuitive, automated, and adaptive. As AI continues to evolve, so will our ambition to create experiences where technology disappears into the background and outcomes take the center stage.”
A Timely Opportunity to Consider AI’s Immense Potential
Eric Schwake, Director of Cybersecurity Strategy at Salt Security, believes AI Appreciation Day is timely opportunity to consider AI’s immense potential, particularly the transformative role of Agentic AI. “These autonomous agents are taking on complex tasks, making decisions, and engaging with core systems mainly through APIs, potentially gaining unfettered access to sensitive data.”
However, Schwake says this powerful integration also introduces a significant security blind spot. “It is crucial to maintain full visibility and robust governance over how these AI agents communicate through the API layer, including the use of emerging Model Context Protocols (MCPs). Doing so is essential to fully realize AI’s benefits safely and to prevent risks such as data leaks or fraud.”
AI Isn’t Coming, It’s Here
Alex Quilici, CEO of YouMail says AI isn’t coming, It’s already here. “While most of us see the good, scammers see the opportunity. We’re now dealing with voice cloning that sounds uncannily real, phishing emails and texts tailored using live data, and chatbots that patiently extract personal info as if they were customer support.”
What makes this wave different, says Quilici, is how personal and convincing it has become. “We’ve moved from broad robocalls and generic spam to hyper-targeted fraud that sounds like your boss, your bank, or even your closest friend. AI is turning what used to be clumsy scams into believable, highly customized attacks that can catch anyone off guard.”
He says AI Appreciation Day is a good reminder that the same technology driving business transformation is also transforming fraud. “It’s no longer enough to block obvious spam. Protecting consumers now means anticipating how these tools will be misused next, and building defenses that adapt just as fast. At YouMail, we see this every day, and it’s why we’re focused on staying one step ahead in a world where even the scams sound real.”
An Exciting Couple of Years
Andrew Bolster, Senior Manager, Research and Development at Black Duck, adds: “Wow, what an exciting couple of years for AI in Cybersecurity! As with any new technology, Large Language Models launching on to the scene after the release of ChatGPT set everyone’s minds and tongues and fingers aflame, claiming simultaneously that AI was going to take away everyone’s jobs, but make all the security mistakes, but would also be able to fix them all, but would end the world, but we might all live in a simulation anyway.”
Bolster adds that the real impact that we’ve seen on the “Rise of the Machines” in cybersecurity has been both a little more mundane but also much more transformative long term. “AI now means that our software engineering teams all have ‘co-pilots’ to rubber-duck their ideas and challenges, and ’talk’ with our documentation and ticketing systems, greatly accelerating their interaction with these systems and reducing wasteful context-switching. Large Language Models help us understand customers’ support questions en masse to identify gaps or potential improvements in our documentation and product capabilities. Our management teams use internal MCP-like interfaces to ‘check in’ on their teams and colleagues, and to draft reports based on their activity.”
This, he says, is before we start talking about applications of AI to the actual cybersecurity domain.
“AI did change the world for cybersecurity, as it did for everyone else; it made it easier to bridge the interface between Natural Language and Machines and made it easier for subject matter experts to collate, assess, and act on their data and their context, and above all, to scale expertise in ways that wouldn’t have been possible just a few years ago.”
Trusting AI’s Output
Satish Swargam, Principal Security Consultant at Black Duck, adds that as organizations embrace AI in enhancing their products and services, AI governance is taking shape and evolving into a practice that will be woven into the secure software development lifecycle.
“There is a greater and unforeseen impact to human life as AI is widely adopted. AI is a double-edged sword and will impact our day-to-day activities both positively and negatively. As AI is leveraged in making decisions, whether it is simple like where to shop or critical like clinical decisions that impacts patient safety, it is important to ensure that AI is used ethically, and that it is fair, transparent, accountable, protects privacy, and is secure, safe and reliable.”
Swargam shares some interesting trends on AI:
- 76% to over 97% of developers use AI coding tools (GitHub Survey 2024, DORA Report 2024, Axify).
- 41% of organizations have AI-generated code appearing in weekly production
- 75% of developers use AI for code writing. (Google’s 2024 State of DevOps report.)
- 30-40% of companies actively encourage AI tool adoption, while 29-49% allow it with limited encouragement. (GitHub survey)
- 256 billion lines of code generated by AI as of 2024 (Elite Brains 2025); Google reports over 25% of new code is AI-generated.
- 92% of companies plan to invest more in GenAI over the next 3 years. (according to McKinsey & Company)
- Emerging issues like “code churn” suggest AI-generated code may need more revisions.
- Only 43% of developers fully trust AI output accuracy. (2024 Stack Overflow developer survey)
“To instill trust and confidence in the use of AI, there needs to be a structured governance of AI, such as an AI BOM (Bill of Materials) and a criterion established to score the indeterministic output from AI. The fear of using AI can only be addressed if the output from AI can be trusted. And this trust can be built only with effective governance of AI,” Swargam explains.
“With a fast paced agile development, organizations should be concerned about using AI with regard to IP & licensing risks, data privacy and leakage and a false sense of security and over-reliance. These concerns can be addressed with AI governance and true scale application security.”
The Tip of the Iceberg
AI is one of the biggest opportunities of human potential we’ve seen in our lifetime, says Gokcen Tapkan, director of data research, Black Kite. “And yet we’re just beginning to discover. We should rethink how we work, how we create, and how we solve problems together. The biggest concern is job loss—but we can reframe this challenge by asking better questions. What truly matters for humanity? And how can we shape a future with those values?”
Tapkan adds that AI has made a powerful shift, and like every shift we need time to adapt. “But I believe we will figure out new ways to support each other socially and economically. I choose to believe the real potential is not tools themselves but people with imagination. So there is a window which is wide open– let’s not waste it.”
Evoking Excitement, and Fear
Stuart McClure, CEO, Qwiet AI, says AI is a term that can evoke both excitement and fear, a force that often (over) promises to reshape our world in ways we’re only beginning to grasp. “Today, on AI Appreciation Day, let’s take a moment to recognize the remarkable contributions AI has already made to our lives.”
McClure says AI is quietly powering many of the tools and services we use every day. “From the personalized recommendations on your streaming platform to the intelligent assistants that answer your questions, AI is enhancing our experiences and making our lives just a little bit easier. It’s flying drones, optimizing traffic flow in our cities, accelerating scientific discovery, and even helping doctors diagnose diseases earlier and more accurately.”
However, he says AI’s potential goes far beyond convenience as a powerful tool for solving some of humanity’s harshest challenges. “In healthcare, AI is assisting in drug development, hyper-personalizing medical treatments, and predicting patient outcomes. In environmental science, it’s helping us monitor climate change, predict natural disasters, and develop sustainable solutions. In cybersecurity, AI is playing a crucial role in identifying and mitigating threats, predicting and preventing weaknesses in our digital infrastructure from insanely sophisticated attacks.”
Of course, with any powerful technology, McClure says there are risks that we cannot forget. “We must address the ethical implications of AI, ensuring it’s used responsibly and for the benefit of all. We need to consider issues of bias, transparency, privacy, and job displacement, and work together to create a future where AI empowers, not endangers, humanity.
“So, on this AI Appreciation Day, let’s celebrate the incredible advancements we’ve made and embrace the transformative potential of AI while remaining mindful of its challenges. The future of AI is not predetermined; it’s up to us to shape it into a force for good, a tool that helps us create a more just, equitable, and sustainable world for all,” McClure adds.
The Jury is Still Out
Naomi Buckwalter, AI Security Strategist, Contrast Security, is on the fence about celebrating ‘AI Appreciation Day’ as a security professional. “On one hand, I see the amazing benefits of AI for software development and product creation. On the other hand, the jury is still out if AI-generated code meets the quality and security standards that human-generated code provides.”
She sees a future where software engineers delegate more and more of their work to AI and agents as a way to ship code more quickly, without truly understanding that code, leaving the door open to unchecked security vulnerabilities and an ever-expanding attack surface.
“We as a security industry should be raising alarms with our development teams that the old axiom still holds true, even in the age of AI: Good, Fast, Cheap – pick two. You can never have all three.”
Predictive AI
Andre Piazza, Cybersecurity Research at BforeAI, says on AI Appreciation Day, we recognize the transformative power of technologies evolving away from the public eye and outside the spotlight, such as Generative AI. “There’s a more silent version of AI that delivers peace of mind to businesses and consumers alike: predictive AI.”
Piazza explains that predictive AI analyzes large amounts of data – an unfathomable task for humans – using machine learning algorithms that can forecast future outcomes. “Unlike its Generative AI counterpart, which aims to create novel content in various formats (text, audio, images, or video), it anticipates what will come next based on sophisticated algorithms and past behavior.”
One of its more visible applications is in cybersecurity, where it assists organizations in predicting attacks before they happen, Piazza adds. “Its predictions provide organizations with the ability to make defensive decisions ahead of an incident. Running at high accuracy, this enables defenders to automate how they respond to threats, further enhancing productivity for security teams, often challenged by the amount of incident alerts with a high mix of false alerts. Examples include preventing ransomware attacks that could reach double-digits.”
He says predictive AI excels at predicting malicious behavior on the web, such as attempts to impersonate known brands (like banks, retail stores, social media platforms). “For consumers, this means safer interactions online: phishing websites attempting to extract personal information or credentials can be identified and taken down before any victims are made.”
Developing a predictive AI solution is a recent, and remarkable feat, he says. “It is enabled by technologies like the cloud and the computational power that analyzes large sets of data known as graph databases. It is also a byproduct of human genius, able to devise algorithms that can uniquely identify patterns and correlations that enable the accuracy of this type of AI.”
Meaningful Human Connection
Javvad Malik, Lead Security Awareness Advocate at KnowBe4, adds: “Undoubtedly AI has delivered on many fronts to the point where many of us take it for granted. However, as much as it’s a great innovation, it’s important to recognize AI’s limitations and that it cannot replace meaningful human connection. So while we should celebrate the positive impact of AI, we must remain vigilant around its ethical challenges. While it can operate at great speed and scale, no AI can replicate authentic human relationships or judgement.”
Security When Using AI
Jeremy London, Director Of Engineering, Ai & Threat Analytics at Keeper Security, comments: “While the focus of the European Union’s new voluntary AI Code of Practice is, understandably, on the responsible development of artificial intelligence, it indirectly raises the spectre of another key pillar of responsible adoption – security when using AI.”
London says AI systems are quickly becoming embedded in daily operations for many organizations. “Much of the discussion, recommendations and legislation around compliance to date has focused on how AI models are built to function, rather than how they will be deployed and utilised by end users. Businesses today are not only training AI but operationalising it, deploying Agentic AI across departments to generate reports, automate workflows and access internal or third-party systems. Doing so means granting AI models access to some of the most sensitive data an organisation holds.”
Security leaders face a dual-challange in this scenario, London adds. “There is, unquestionably, a clear productivity gain to be harnessed through AI integration. But that gain brings with it a growing risk surface. Every AI assistant, script or model interface is a potential point of compromise, especially when interacting with credentials or privileged systems.”
He says adopting secure-by-design principles doesn’t end with how AI is developed – it must extend to how AI is integrated, deployed and monitored. “This is a key consideration that organizations must address alongside the EU’s recommended regulatory framework.
“Organizations should strongly consider introducing a Model Context Protocol (MCP) for Agentic AI integration. MCP allows enterprises to connect third-party or in-house AI tools to privileged systems without breaching zero-trust boundaries or compromising zero-knowledge architectures.
“Enabling an AI agent to retrieve or manage credentials without proper governance could inadvertently see them bypass internal access controls or violate compliance standards, London continues. “Fundamentally, AI agents should be treated like any other privileged user or application. That means least-privilege access, human oversight, full audit trails and explicit enablement by administrators. Failure to implement such safeguards could severely undermine the very data protection frameworks organizations have worked so hard to establish over the past decade.”
London says the EU’s initiative to shape AI governance through voluntary codes is a welcome step. “But technical and operational controls must evolve in parallel to ensure that the adoption and operationalising of AI systems is considered, intentional and regulated. Sovereign AI places responsibility back in the hands of organizations, who must define and enforce their own usage policies, access controls and data governance frameworks.”
A Force Multiplier For Human Intelligence
Jamie Akhtar, CEO and Co-founder at CyberSmart, says: “AI, when used thoughtfully, has the potential to be one of the most transformative tools of our generation. For individuals, it can boost productivity, unlock creativity, and simplify everyday tasks. For organizations, it offers smarter ways to analyse data, streamline operations, and improve customer experiences. Whether it’s helping someone draft a CV or enabling a business to serve its community more efficiently, AI is already reshaping how we live and work for the better.”
Akhtar adds a caveat: “For all its promise, AI also comes with serious cyber consequences if implemented without care. Tools like generative AI can be exploited by attackers to craft highly convincing phishing emails, deepfakes, or malicious code which can lower the technical barrier to entry for cybercrime. There’s also the growing threat of “Shadow AI,” where employees use unauthorised AI tools that put company data at risk. Organizations need to ensure AI use is governed by clear policies, properly monitored, and always aligned with good cyber hygiene.”
He says AI is neither inherently good nor bad—it’s how we choose to apply it that matters. “With the right guardrails in place, AI can be a force multiplier for human intelligence. Without them, it risks becoming a vulnerability in itself.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.