AI-driven cyberattacks demand machine-speed defences, says Kiteworks CISO

Tahawul Tech

3 days ago

Frank Balonis, CISO and SVP of Operations at Kiteworks, warns that compliance-led organisations must replace human-dependent security with automated, AI-enabled controls to survive the next wave of autonomous cyber threats.
AI-driven cyberattacks are reshaping the threat landscape with unprecedented speed, scale, and precision. Frank Balonis, CISO and SVP of Operations at Kiteworks, spoke to Sandhya D'Mello, Technology Editor, CPI Media Group about how traditional compliance frameworks and human-dependent controls are no match for autonomous adversaries. Organisations must now adopt machine-speed defences, real-time data visibility, and automated enforcement to withstand AI-enabled threats. With regulatory demands increasing and the financial impact of breaches soaring, the path forward demands unified architectures, zero-trust strategies, and AI-powered anomaly detection to ensure both security and compliance.
Interview Excerpts:
The recent research demonstrates AI's ability to autonomously execute complex network attacks with alarming precision and scale. How do you see this redefining the cybersecurity threat landscape for compliance-driven organisations?
The convergence of autonomous AI attack capabilities and organisational vulnerability creates an unprecedented compliance crisis. Carnegie Mellon and Anthropic research proves AI can autonomously breach networks with 100% success rates, while 83% of organisations lack basic controls against AI data exposure. This redefines the threat landscape fundamentally. Attacks now operate at machine speed 24/7, systematically exploiting hundreds of vectors simultaneously while, per IBM, shadow AI incidents cost $670,000 more than standard breaches. With 59 new AI regulations in 2024 and fines exceeding $100,000 becoming common, compliance-driven organisations face a stark reality: deploying AI-enabled security isn't optional anymore. For healthcare, financial services, and any entity handling sensitive data, machine-speed defenses have become the minimum viable protection against adversaries that never sleep, never forget, and scale infinitely across attack surfaces.
What makes traditional data loss prevention (DLP) and regulatory compliance frameworks ineffective against such AI-driven attacks?
Traditional DLP and compliance frameworks fail against AI-driven attacks because they were designed for predictable, human-speed threats within controlled environments. The research reveals fundamental mismatches. DLP relies on signature-based detection, but AI attackers generate novel attack vectors in real-time that never existed before, rendering pattern databases obsolete. While security teams investigate alert #1, AI has already executed attacks #2 through #50 at machine speed. Most critically, compliance frameworks like GDPR and HIPAA require tracking all data processing activities. Yet, 86% of organisations are blind to their AI data flows. With employees routinely sharing sensitive data through 1,200+ shadow AI applications. The fragmentation compounds failure: organisations average 15,000 ghost users and 176,000 inactive identities that AI can exploit, while disconnected security tools create visibility gaps.
Traditional controls – training (40% adoption), policies (10%), and warnings (20%) – provide zero protection against autonomous systems that methodically catalog every vulnerability and execute multistage attacks with surgical precision.
From a compliance standpoint, what immediate controls or policies must be re-evaluated or re-implemented in light of this development?
From a compliance standpoint, organisations must immediately shift from human-dependent controls to automated technical enforcement. The research proves only 17% of organizations with automated blocking survive AI attacks. Training, policies, and warnings provide zero protection.
Critical re-evaluations are required in regard to:
Access Controls: Deploy automated AI-specific blocking, as 97% of breached firms lacked proper controls.
Audit Trails: Establish forensic-quality tracking for GDPR/HIPAA compliance, since 60% can't respond to data requests.
Real-time Classification: Only 10% have properly labeled files required for compliance.
Unified Governance: Consolidate fragmented tools into command centers, tracking data lineage through AI processing.
The mandate is clear. Compliance requires machine-speed technical controls, not human measures that fail universally.
What architectural shifts should organisations consider to secure sensitive content when attackers operate at machine speed and scale?
Organisations must architect for machine-speed defense through four fundamental shifts. Unified Command Centers should be used to consolidate fragmented security tools into platforms providing total visibility, as AI exploits blind spots between disconnected systems. Automated Technical Controls should be used to deploy blocking and scanning at machine speed, since only 17% with these controls survive AI attacks while human-dependent measures fail universally. Zero-Trust Data Architecture implements controls that verify every access in real-time, as AI systematically exploits trust relationships and 15,000 ghost users in typical enterprises. AI-vs-AI Defense Layers includes AI-powered anomaly detection that learns organisational patterns and responds in milliseconds, not hours, matching attacker capabilities.
The architectural imperative here is to shift from perimeter-based human-speed security to data-centric machine-speed protection that follows sensitive information wherever it flows. With forensic-quality audit trails satisfying regulatory requirements while defending against adversaries that operate 24/7 at inhuman precision.
Given the scale and memory capabilities of AI-driven attacks, what practical steps would you recommend to CISOs and compliance heads to strengthen their defence posture and ensure regulatory readiness?
CISOs and compliance heads need three critical defenses against AI's perfect memory and infinite scale.
Immediate (0-30 days): Deploy automated blocking and anomaly detection, as only 17% with these controls survive AI attacks. Establish zero-trust verification for every access since AI catalogs all discovered credentials.
Consolidate (30-90 days): Unify fragmented tools into a single platform, eliminating blind spots between 1,200+ shadow applications. Deploy AI-powered defense responding in milliseconds, not hours.
Compliance (90+ days): Implement forensic audit trails for every data movement, automated classification, and real-time reporting. Success metrics: sub-second detection, 100% audit coverage, minutes-to-containment.
The mandate here is to match AI's machine speed and memory with equally capable defenses. Human-dependent measures guarantee failure.'