Opfer eines Hackerangriffs?
Sprache auswählen
Demo anfordern
Sprachen
Demo anfordern
Zur Startseite zurück

Partners

PartnerangebotePartner-Erfolgsservices
Zur Startseite zurück

Ressourcen

Ressourcen-Hub Ressourcen
Zurück zu Ressourcen

Ressourcen-Hub

Alle anzeigen
Kontakt
Zurück zu Ressourcen

Ressourcen

ErfolgsgeschichtenWebinareEventsPodcastsPresseBlogW/Labs
Kontakt
Zur Startseite zurück

Über uns

Über WithSecureFührungsteamKontakt & StandorteKarriere bei WithSecureMuseum für Malware-KunstErfolge & ZertifizierungenNachhaltigkeitVergleichen Sie unsProgramm zur Belohnung von Schwachstellenmeldungen
Kontakt
Zur Startseite zurück

Platform

Elements Cloud Elements capabilities
Zurück zu Platform

Elements Cloud

Übersicht ansehen
Zurück zu Platform

Elements capabilities

Exposure ManagementExtended Detection & ResponseCo-Security Services
Zur Startseite zurück

Solutions

Industry Use case
Zurück zu Solutions

Industry

Solution industry page linkSolution industry page linkSolution industry page link
Zurück zu Solutions

Use case

ComplianceSolution use case page linkAI threatsSolution use case page linkSOC transformationSolution use case page link
Zur Startseite zurück

Anmelden

Zur Startseite zurück

Sprachen

Englisch Finnisch Französisch Deutsch Japanisch

Three patterns every security professional should recognise in the age of AI

AI MSP 08 Mai, 2026

AI adoption is accelerating across every industry. But if history is any guide, the way we’re bringing it in looks a lot like mistakes we’ve made before – and cybersecurity professionals have seen this play out more than once.

Key Takeaways:

  • We consistently build for speed to market, then get surprised when technology gets misused
  • We’re good at adopting new technologies but poor at retiring old ones – and attackers exploit that gap
  • Every new technology becomes an attack vector. AI is no different
  • The same AI capabilities available to defenders are available to attackers – but defenders have a structural advantage

We’ve been here before

Twenty-plus years in cybersecurity teaches you to spot patterns. And the pattern we’re watching play out with AI right now isn’t entirely new.

The details change. The underlying dynamic doesn’t.

When the Internet of Things arrived, the priority was features and speed to market. Security was an afterthought. Devices shipped with default usernames and passwords. Firmware had no update path. And in 2016, Mirai – a botnet that exploited exactly those weaknesses – tore through connected devices worldwide. Nearly a decade on, Mirai variants are still circulating. The vulnerability was never really fixed, because by the time anyone noticed, the devices were already everywhere.

Look at what we’re doing with AI models today. The parallels are uncomfortable.

Pattern one: Build fast, secure later (and regret it)

The pressure to ship, to capture market share, to get to customers first – it consistently overrides the harder questions about how technology will be misused.

This isn’t a failure of intelligence or intent. It’s a structural problem. The teams building for speed to market often aren’t the teams thinking about adversarial use cases. And by the time those use cases materialise, the technology is already embedded.

With AI, we’re seeing it happen in real time. Models deployed at scale, agents given broad access, tools integrated into workflows – often without the security controls that would have been non-negotiable in other contexts.

The good news, if you’re looking for it: this pattern also means the security need doesn’t go away. It compounds. Ten years from now, we will still be dealing with the security implications of decisions being made today about AI. That’s not doom and gloom. For security professionals and the MSPs who serve them, it’s a long-term mandate.

Pattern two: We adopt new technology. We never retire the old.

Here’s a question worth sitting with: what is the value of email in a world where we have instant messaging, collaboration platforms, and half a dozen other ways to communicate?

The answer, practically speaking, is that we haven’t replaced it. Email is older than most of the people using it, and it remains one of the most heavily exploited attack vectors in existence. We piled new technologies on top without removing the old ones. Every layer we add creates new surface. And attackers – particularly social engineers – love complexity.

The same dynamic is unfolding now with AI. Productivity tools, AI assistants, agentic systems – they’re being added to environments that still carry the weight of decades of accumulated technology. Each addition is potentially useful. Each addition also widens the attack surface.

The question that will matter in a few years: are AI tools replacing the systems they augment, or are they just another layer? The organisations that think carefully about that now will be easier to defend than the ones that don’t.

Pattern three: Threats follow technology

Reduce cybersecurity to its core purpose and you get to this: there are real people, real criminal organisations, and real state actors who want what your customers have. That’s why security exists. Not compliance – compliance is a consequence of the need for security, not the reason for it.

And those threat actors pay close attention to technology shifts. They’re not slow to adapt. When a new technology creates access, scale, or opportunity, they move toward it.

AI is no different. The same capabilities that make AI useful for defenders – speed, pattern recognition, automation, scale – are equally useful for attackers. This isn’t a reason for pessimism. It’s a reason for clear-eyed preparation.

Who has the advantage?

It’s a fair question, and the answer matters.

Defenders have something attackers don’t: they can operate openly. Security teams can register with AI providers, access full capabilities, disclose how they’re using the tools, and integrate them directly into detection and response workflows. Threat actors work in the shadows. They’re constrained by what they can access covertly.

That’s a structural advantage – and it’s one worth building on deliberately. The organisations and MSPs that move now to understand how AI changes their customers‘ threat landscape, and who start integrating AI-powered defences before a crisis forces the issue, will be better positioned than those who wait.

What this means in practice

For MSPs, these three patterns point to a consistent set of considerations when advising customers on AI adoption:

Governance before tools. Before recommending or approving AI tools for customers, understand what data they access, what permissions they carry, and whether appropriate guardrails are in place.

Visibility first. You can’t protect what you can’t see. Knowing which AI tools are running in a customer’s environment – sanctioned or otherwise – is the starting point for any coherent AI security posture.

Surface area management. Every new technology layer adds to the attack surface. Help customers think about what they’re adding, what it connects to, and what the retirement path looks like if it doesn’t work out.

The patterns are familiar. The technology is new. The job – staying ahead of how threats will exploit it – hasn’t changed.

This blog is based on Christine Bejerasco’s intro chat at SPHERE2YOU Helsinki in April 2026. Watch the full session at https://youtu.be/GJRU2Bo8euA.

Share this story