The AI upheaval is just getting started
Cybersecurity is the canary in the coal mine. Every industry will eventually feel this.
AI is simultaneously creating and solving problems. Cybersecurity is just the start.
In my latest Substack piece on "Rapid AI transitions are the new normal," I look at why rapid AI-driven transitions are becoming the new normal, and why no industry will be spared. Here's the quick-read version.
When AI is both the problem and solution
Earlier this week, a man tinkering with Claude Code to hack his own DJI Romo robot vacuum inadvertently stumbled upon a serious security flaw. The bug gave him control over thousands of other robot vacuums using nothing more than his personal login credentials.
If even a commercial product from a well-known manufacturer could contain such security oversights, what about vibe-coded apps created by non-technical users with little regard for best practices? A study by Escape Research analysed over 5,600 publicly available vibe-coded apps and found over 60% were vulnerable, with 98 highly critical issues identified.
But here's where it gets interesting. Just yesterday, Anthropic unveiled Claude Code Security, a new capability that scans codebases for vulnerabilities and suggests targeted patches. Its internal team has already found over 500 vulnerabilities in production open-source codebases, bugs in mature, well-established products that had gone undetected for decades.
AI is creating new security problems and solving old ones at the same time.
Brace for protracted upheavals
Cyber stocks promptly tumbled after the Anthropic announcement, even though the static application security testing it offers is quite different from endpoint security or threat intelligence. Yet markets rarely parse such distinctions in the heat of the moment, and the sell-off likely reflects a broader anxiety that AI could eventually encroach on any segment of the cybersecurity value chain.
My hypothesis: we can expect years of transitions, even if AI stops getting better today. And there's no sign of it slowing down. If that's true of cybersecurity, it's true of just about every other industry AI touches.
The full piece explores the implications in more depth, including why the dust isn't going to settle anytime soon. Read it here.
