{"id":11890,"date":"2026-05-08T16:11:05","date_gmt":"2026-05-08T15:11:05","guid":{"rendered":"https:\/\/www.withsecure.com\/resources-hub\/blog\/cybersecurity-has-become-a-timing-problem-heres-what-that-means-for-msps\/"},"modified":"2026-06-05T13:28:43","modified_gmt":"2026-06-05T12:28:43","slug":"three-patterns-every-security-professional-should-recognise-in-the-age-of-ai","status":"publish","type":"post","link":"https:\/\/www.withsecure.com\/fr\/ressources\/blog\/three-patterns-every-security-professional-should-recognise-in-the-age-of-ai\/","title":{"rendered":"Three patterns every security professional should recognise in the age of AI"},"content":{"rendered":"<section\n    class=\"wp-block-one-column-block edwp-block js-wp-block-one-column-block wp-block-one-column-block--content-1 layout--spacing-xxxl-top layout--spacing-xxxl-bottom\"\n    >\n    <div class=\"wp-block-one-column-block__container\">\n                                                                                                                            <div class=\"wp-component-content wp-component-content--default wp-block-one-column-block__content fade-in\">\n            <h1 class=\"wp-component-heading text--h2 wp-component-content__title\">\n    Three patterns every security professional should <span class=\"blue-text\">recognise in the age of AI<\/span><\/h1>                    <div class=\"wp-component-content__inner\">\n                                                    <div class=\"wp-component-content__meta\">\n                                                                            <span class=\"wp-component-content__meta-categories\">\n                                                                    <span class=\"wp-component-content__meta-category\">\n                                        AI                                    <\/span>\n                                                                    <span class=\"wp-component-content__meta-category\">\n                                        MSP                                    <\/span>\n                                                            <\/span>\n                                                                                                    <span class=\"wp-component-content__meta-date\">\n                                08 mai, 2026                            <\/span>\n                                                                    <\/div>\n                                            <\/div>\n                <\/div>                                                                            <div class=\"wp-component-image__wrapper wp-block-one-column-block__image fade-in\">\n                    <figure class=\"wp-component-image__figure\">\n                                            <img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"450\" src=\"https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2026\/06\/WS_S2Y_26_Hero_1920x1080.jpeg.webp\" class=\"wp-component-image\n                            wp-component-image--desktop\n                            wp-component-image--mobile\n                            wp-component-image--ratio-content-25-1 wp-component-image--fit-cover\" alt=\"\" srcset=\"https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2026\/06\/WS_S2Y_26_Hero_1920x1080.jpeg.webp 800w, https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2026\/06\/WS_S2Y_26_Hero_1920x1080-300x169.jpeg.webp 300w, https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2026\/06\/WS_S2Y_26_Hero_1920x1080-768x432.jpeg.webp 768w, https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2026\/06\/WS_S2Y_26_Hero_1920x1080-447x251.jpeg.webp 447w, https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2026\/06\/WS_S2Y_26_Hero_1920x1080-700x394.jpeg.webp 700w, https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2026\/06\/WS_S2Y_26_Hero_1920x1080-260x146.jpeg.webp 260w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/>                                                    <\/figure>\n                    <\/div>\n                                                                                <\/div>\n<\/section>\n\n\n<section\n    class=\"wp-block-one-column-block edwp-block js-wp-block-one-column-block wp-block-one-column-block--content-5 layout--spacing-xl-bottom\"\n    >\n    <div class=\"wp-block-one-column-block__container\">\n                                                                                                                            <div class=\"wp-component-paragraph wp-block-one-column-block__paragraph fade-in\">\n    <p class=\"text--p-medium\">AI adoption is accelerating across every industry. But if history is any guide, the way we&rsquo;re bringing it in looks a lot like mistakes we&rsquo;ve made before \u2013 and cybersecurity professionals have seen this play out more than once.<\/p>\n<p><strong>Key Takeaways:<\/strong><\/p>\n<ul>\n<li>We consistently build for speed to market, then get surprised when technology gets misused<\/li>\n<li>We&rsquo;re good at adopting new technologies but poor at retiring old ones \u2013 and attackers exploit that gap<\/li>\n<li>Every new technology becomes an attack vector. AI is no different<\/li>\n<li>The same AI capabilities available to defenders are available to attackers \u2013 but defenders have a structural advantage<\/li>\n<\/ul>\n<h2 class=\"text--h6\">We&rsquo;ve been here before<\/h2>\n<p>Twenty-plus years in cybersecurity teaches you to spot patterns. And the pattern we&rsquo;re watching play out with AI right now isn&rsquo;t entirely new.<\/p>\n<p>The details change. The underlying dynamic doesn&rsquo;t.<\/p>\n<p>When the Internet of Things arrived, the priority was features and speed to market. Security was an afterthought. Devices shipped with default usernames and passwords. Firmware had no update path. And in 2016, Mirai \u2013 a botnet that exploited exactly those weaknesses \u2013 tore through connected devices worldwide. Nearly a decade on, Mirai variants are still circulating. The vulnerability was never really fixed, because by the time anyone noticed, the devices were already everywhere.<\/p>\n<p>Look at what we&rsquo;re doing with AI models today. The parallels are uncomfortable.<\/p>\n<h2 class=\"text--h6\">Pattern one: Build fast, secure later (and regret it)<\/h2>\n<p>The pressure to ship, to capture market share, to get to customers first \u2013 it consistently overrides the harder questions about how technology will be misused.<\/p>\n<p>This isn&rsquo;t a failure of intelligence or intent. It&rsquo;s a structural problem. The teams building for speed to market often aren&rsquo;t the teams thinking about adversarial use cases. And by the time those use cases materialise, the technology is already embedded.<\/p>\n<p>With AI, we&rsquo;re seeing it happen in real time. Models deployed at scale, agents given broad access, tools integrated into workflows \u2013 often without the security controls that would have been non-negotiable in other contexts.<\/p>\n<p>The good news, if you&rsquo;re looking for it: this pattern also means the security need doesn&rsquo;t go away. It compounds. Ten years from now, we will still be dealing with the security implications of decisions being made today about AI. That&rsquo;s not doom and gloom. For security professionals and the MSPs who serve them, it&rsquo;s a long-term mandate.<\/p>\n<h2 class=\"text--h6\">Pattern two: We adopt new technology. We never retire the old.<\/h2>\n<p>Here&rsquo;s a question worth sitting with: what is the value of email in a world where we have instant messaging, collaboration platforms, and half a dozen other ways to communicate?<\/p>\n<p>The answer, practically speaking, is that we haven&rsquo;t replaced it. Email is older than most of the people using it, and it remains one of the most heavily exploited attack vectors in existence. We piled new technologies on top without removing the old ones. Every layer we add creates new surface. And attackers \u2013 particularly social engineers \u2013 love complexity.<\/p>\n<p>The same dynamic is unfolding now with AI. Productivity tools, AI assistants, agentic systems \u2013 they&rsquo;re being added to environments that still carry the weight of decades of accumulated technology. Each addition is potentially useful. Each addition also widens the attack surface.<\/p>\n<p>The question that will matter in a few years: are AI tools replacing the systems they augment, or are they just another layer? The organisations that think carefully about that now will be easier to defend than the ones that don&rsquo;t.<\/p>\n<h2 class=\"text--h6\">Pattern three: Threats follow technology<\/h2>\n<p>Reduce cybersecurity to its core purpose and you get to this: there are real people, real criminal organisations, and real state actors who want what your customers have. That&rsquo;s why security exists. Not compliance \u2013 compliance is a consequence of the need for security, not the reason for it.<\/p>\n<p>And those threat actors pay close attention to technology shifts. They&rsquo;re not slow to adapt. When a new technology creates access, scale, or opportunity, they move toward it.<\/p>\n<p>AI is no different. The same capabilities that make AI useful for defenders \u2013 speed, pattern recognition, automation, scale \u2013 are equally useful for attackers. This isn&rsquo;t a reason for pessimism. It&rsquo;s a reason for clear-eyed preparation.<\/p>\n<h2 class=\"text--h6\">Who has the advantage?<\/h2>\n<p>It&rsquo;s a fair question, and the answer matters.<\/p>\n<p>Defenders have something attackers don&rsquo;t: they can operate openly. Security teams can register with AI providers, access full capabilities, disclose how they&rsquo;re using the tools, and integrate them directly into detection and response workflows. Threat actors work in the shadows. They&rsquo;re constrained by what they can access covertly.<\/p>\n<p>That&rsquo;s a structural advantage \u2013 and it&rsquo;s one worth building on deliberately. The organisations and MSPs that move now to understand how AI changes their customers&rsquo; threat landscape, and who start integrating AI-powered defences before a crisis forces the issue, will be better positioned than those who wait.<\/p>\n<h2 class=\"text--h6\">What this means in practice<\/h2>\n<p>For MSPs, these three patterns point to a consistent set of considerations when advising customers on AI adoption:<\/p>\n<p><b>Governance before tools.<\/b>\u00a0Before recommending or approving AI tools for customers, understand what data they access, what permissions they carry, and whether appropriate guardrails are in place.<\/p>\n<p><b>Visibility first.<\/b>\u00a0You can&rsquo;t protect what you can&rsquo;t see. Knowing which AI tools are running in a customer&rsquo;s environment \u2013 sanctioned or otherwise \u2013 is the starting point for any coherent AI security posture.<\/p>\n<p><b>Surface area management.<\/b>\u00a0Every new technology layer adds to the attack surface. Help customers think about what they&rsquo;re adding, what it connects to, and what the retirement path looks like if it doesn&rsquo;t work out.<\/p>\n<p>The patterns are familiar. The technology is new. The job \u2013 staying ahead of how threats will exploit it \u2013 hasn&rsquo;t changed.<\/p>\n<p><em>This blog is based on Christine Bejerasco&rsquo;s intro chat at SPHERE2YOU Helsinki in April 2026. Watch the full session at\u00a0<a href=\"https:\/\/youtu.be\/GJRU2Bo8euA\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/youtu.be\/GJRU2Bo8euA<\/a>.<\/em><\/p>\n<\/div>\n                                                                                <\/div>\n<\/section>\n\n\n<section\n    class=\"wp-block-sharing-icons edwp-block wp-block-sharing-icons--content-5 layout--spacing-xxxl-bottom\"\n    >\n    <div class=\"wp-block-sharing-icons__container\">\n        <div class=\"wp-block-sharing-icons__inner\">\n                            <p class=\"wp-block-sharing-icons__title fade-in\">\n                    Share this story                <\/p>\n                        <div class=\"wp-component-socials wp-component-socials--dark-mode\">\n    \n            <a href=\"https:\/\/www.linkedin.com\/shareArticle?mini=true&#038;url=https:\/\/www.withsecure.com\/fr\/ressources\/blog\/three-patterns-every-security-professional-should-recognise-in-the-age-of-ai\/&#038;title=Three%20patterns%20every%20security%20professional%20should%20recognise%20in%20the%20age%20of%20AI\" target=\"_blank\" rel=\"noreferer noopener\" class=\"wp-component-socials__link\" title=\"Partager sur LinkedIn\">\n            <svg class='edwp-icon edwp-icon--xlg js-icon ' aria-hidden='true'>\n                <use xlink:href='#linkedin'><\/use>\n            <\/svg>        <\/a>\n    \n            <a href=\"http:\/\/x.com\/share?text=Three patterns every security professional should recognise in the age of AI&#038;url=https:\/\/www.withsecure.com\/fr\/ressources\/blog\/three-patterns-every-security-professional-should-recognise-in-the-age-of-ai\/\" target=\"_blank\" rel=\"noreferer noopener\" class=\"wp-component-socials__link wp-component-socials__link--twitter\" title=\"Partager sur X (Twitter)\">\n            <svg class='edwp-icon edwp-icon--xlg js-icon ' aria-hidden='true'>\n                <use xlink:href='#x'><\/use>\n            <\/svg>        <\/a>\n    \n    \n    <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":15,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[431,168],"tags":[],"content_type":[],"class_list":["post-11890","post","type-post","status-publish","format-standard","hentry","category-ai","category-msp"],"acf":[],"card":"<div class=\"wp-component-card-insight js-card-link wp-component-card-insight--highlighted\">\n    <div class=\"wp-component-card-insight__image-wrapper\">\n        <img width=\"618\" height=\"440\" src=\"https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/05\/placeholder.jpg\" class=\"wp-component-card-insight__image\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/05\/placeholder.jpg 618w, https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/05\/placeholder-300x214.jpg 300w, https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/05\/placeholder-447x318.jpg 447w, https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/05\/placeholder-205x146.jpg 205w\" sizes=\"auto, (max-width: 618px) 100vw, 618px\" \/>                    <p class=\"wp-component-card-insight__content-type\">Blog<\/p>\n            <\/div>\n    <div class=\"wp-component-card-insight__content\">\n                    <div class=\"wp-component-card-insight__meta\">\n                <div class=\"wp-component-card-insight__categories\">\n                                            <span class=\"wp-component-card-insight__category\">AI<\/span>\n                                            <span class=\"wp-component-card-insight__category\">MSP<\/span>\n                                    <\/div>\n            <\/div>\n                            <h3 class=\"wp-component-card-insight__title\">Three patterns every security professional should recognise in the age of AI<\/h3>\n                                                    <div class=\"wp-component-card-insight__button-wrapper\">\n                <a class=\"wp-component-button btn btn--primary btn--dark wp-component-card-insight__button btn--small\" href=\"https:\/\/www.withsecure.com\/fr\/ressources\/blog\/three-patterns-every-security-professional-should-recognise-in-the-age-of-ai\/\">En savoir plus<\/a>            <\/div>\n            <\/div>\n<\/div>","_links":{"self":[{"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/posts\/11890","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/comments?post=11890"}],"version-history":[{"count":2,"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/posts\/11890\/revisions"}],"predecessor-version":[{"id":12241,"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/posts\/11890\/revisions\/12241"}],"wp:attachment":[{"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/media?parent=11890"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/categories?post=11890"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/tags?post=11890"},{"taxonomy":"content_type","embeddable":true,"href":"https:\/\/www.withsecure.com\/fr\/wp-json\/wp\/v2\/content_type?post=11890"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}