Every major technology shift changes cybersecurity. I’ve spent much of my career working through major technology transitions, from the rise of the commercial internet to mobile and cloud computing. Each shift created new opportunities for innovation, but it also created new security problems organizations weren’t fully prepared for.AI may resemble previous technology shifts in some ways, but it differs in one important respect: it challenges one of the foundational assumptions modern security programs were built around: predictability.For most of my career, security teams operated in environments where systems behaved deterministically. Applications generally executed the same way every time. Infrastructure changed slowly enough for humans to map dependencies, understand trust boundaries and implement controls around them. Even cloud transformation allowed us to apply familiar security models to new infrastructure.AI changes those assumptions.Agentic systems make decisions dynamically. Large language models generate different outputs based on context. AI systems increasingly interact with external tools, APIs and environments in ways their developers can’t always fully predict ahead of time. When systems stop behaving consistently, the traditional “keep bad things out” approach to cybersecurity starts to break down.Prevention still matters. But prevention alone is structurally insufficient for environments where risk evolves continuously at runtime.Security was built for deterministic systemsWhen I was helping build security programs years ago, much of the focus centered on hardening systems before deployment. Security teams tried to identify vulnerabilities early, reduce exposure and prevent attackers from gaining access in the first place.Even during the early years of cloud adoption, most organizations still approached security primarily through configuration and policy management. We worried about permissions, exposed storage buckets and identity sprawl while cloud security tools focused heavily on identifying misconfigurations and locking down infrastructure.Those controls remain critically important today. But the cloud era also taught us that security failures rarely happen in static diagrams. They happen in live environments, where permissions change, APIs evolve and identities gain unexpected access paths while systems interact in ways architects never fully anticipated.By the time organizations map one state of the environment, it’s already changed. Risk increasingly emerges at runtime, when identities inherit unintended access, APIs change behavior or AI agents interact with systems in ways no architecture diagram captured.In conversations I’ve had with companies, I’ve seen them go from generating hundreds of thousands of lines of code per month to millions. AI-assisted development tools are fundamentally changing software engineering workflows. A Harvard Business School study found that after developers gained access to GitHub Copilot, coding activity increased by 12.4% while time spent on project management tasks dropped by nearly 25% – a shift that can leave less time for the reviews and coordination governance depends on.From a business perspective, acceleration creates leverage, but it also compresses the time security teams have to understand what’s entering production. Attackers are beginning to use AI to reduce the manual effort historically required for reconnaissance, exploit chaining and vulnerability validation at scale.Security by obscurity isn’t a winning strategy. For years, organizations often accepted certain vulnerabilities because exploitation required too much time, expertise or effort from attackers.Vulnerabilities once considered difficult to chain together are becoming easier to operationalize at scale as attackers use AI to automate portions of the process. Security leaders need to recognize that some of the prioritization models organizations built over the last decade may no longer reflect today’s reality.Why prevention alone no longer worksAs AI systems become more autonomous, runtime visibility becomes critical.Many organizations historically treated runtime monitoring as a secondary layer behind prevention, viewing it mainly as a safety net for edge cases.That model breaks down when systems can evolve and interact faster than security teams can realistically validate in real time.If an AI agent can interact with multiple systems, generate new actions independently or adapt its behavior based on changing context, organizations can’t rely exclusively on pre-deployment controls. Security teams need visibility into what these systems are doing while they operate.That includes:What data AI systems can accessHow identities interact with sensitive environmentsWhat actions agents are takingWhether systems are deviating from expected behaviorHow quickly organizations can contain unintended consequencesIn many ways, modern security is shifting from trying to prevent every compromise to limiting how quickly unintended behavior can spread once systems begin acting autonomously.Security leaders should be careful not to overreact to this shift with fear-driven narratives. AI will absolutely create new security challenges, but it also creates opportunities for defenders.Security teams can’t scale using human labor alone anymore. The sheer volume of infrastructure changes, software generation and vulnerability management exceeds what most organizations can handle manually.We’re already seeing organizations experiment with AI-assisted triage, automated investigation workflows and defensive agents that can help security teams move faster and manage growing operational complexity. Security products are beginning to evolve into operational extensions of security teams rather than passive alerting systems.That evolution makes sense. Attackers are using automation and AI to increase speed and scale. Defenders will need to do the same to maintain parity.5 priorities for security leaders in the AI eraThe organizations that adapt best to AI-driven risk won’t necessarily be the ones with the largest security teams or the biggest budgets. More often, they’ll be the ones that adjust fastest as software, infrastructure and attacker behavior evolve more quickly than traditional security operations were built to handle.That shift requires you to think differently about how you manage risk, operations and resilience.1. Rebuild vulnerability management for AI-scale software developmentMany vulnerability management programs were already overwhelmed before AI accelerated software generation and lowered portions of the attacker cost curve. That challenge is becoming exponentially harder.Stop assuming old exploitability models will hold up in an environment where attackers can use AI to accelerate reconnaissance, vulnerability chaining and exploit development.You need to reassess how vulnerabilities are prioritized, validated and remediated because some of the assumptions organizations made over the last decade about attacker limitations may no longer reflect reality.Some organizations are already investing in model harnesses to deploy new AI models more effectively and securely.2. Treat runtime visibility as a primary controlRuntime monitoring can no longer be treated as a secondary capability behind prevention. Every team needs to invest in new forms of tooling to gain this visibility.That said, runtime monitoring is not something security organizations can vibe code into existence. We need to expect our security vendors to build continuous visibility into workloads, identities, APIs and AI system behavior in production environments.Prioritize clearer context around which vulnerabilities are reachable, exposed or being actively leveraged. This becomes increasingly important as AI systems interact with infrastructure and data in less predictable ways.3. Use AI to augment defensive operationsMost organizations can’t hire enough people to keep pace with the operational demands AI introduces.Use automation and AI to reduce investigation time, automate repetitive workflows and improve response speed. Human judgment still matters, but security teams are operating in environments where the volume of alerts, infrastructure changes and software generation exceeds what people can manage manually.AI can help teams focus on higher-order decisions instead of operational noise.4. Focus on resilience and containmentPerfect prevention has never existed, but it becomes even less realistic in highly dynamic AI environments.Think more carefully about blast radius reduction, rapid containment and operational resilience. Your ability to detect unintended behavior quickly and limit downstream impact will matter far more as organizations deploy more autonomous systems.I think many security leaders are still too focused on whether AI systems can fail instead of preparing for how to operate safely when they inevitably do.5. Position security as an enabler of transformationOne of the biggest mistakes security organizations can make right now is to approach AI primarily as something to stop.Boards and CEOs are pushing aggressively toward AI adoption because they view it as strategically necessary. If you position security purely as a blocking function, you risk losing influence during one of the most important technology transitions in decades.Executive teams understand AI transformation can’t succeed without strong security leadership guiding risk decisions in real time.That creates an opportunity to help your business move faster safely while building security programs better equipped for dynamic environments.AI is forcing a new security operating modelThe core challenge AI creates for security teams isn’t simply scale. It’s the erosion of predictability. The pace of change will accelerate as AI systems become more deeply integrated into business operations.To operate effectively in this environment, focus on building security programs that can adapt quickly, contain risk in real time and support innovation without losing visibility or control. Drive this evolution through both hiring and vendor investments, with a stronger focus on AI fluency and operational expertise.Only with prioritized investment in staff and tooling can you achieve stronger runtime awareness, faster response capabilities and operating models that keep pace with continuously changing infrastructure and software environments.This article is published as part of the Foundry Expert Contributor Network.Want to join?