(Editor’s note: This is the 44th installment of a monthly column on the growing number of cyberthreats facing businesses of all sizes and what they can do about them. See previous installments here.)
In my time as a cybersecurity professional and an operational leader, I’ve always believed that security should be an acceleration department. In the Marine Corps, we utilized the OODA Loop – observe, orient, decide, act – with the goal to not just react to a threat, but a way to process information and execute a decision so efficiently that you controlled the tempo of the engagement.
In the business world, we are facing a massive shift in that tempo. With the arrival of "Mythos-class" artificial intelligence capabilities, software development and refinement have moved from a human pace to a machine pace. This isn't a threat to be feared, but it is a new baseline for operational excellence and resilience.
For those who haven’t seen the latest news, Claude Mythos is a frontier AI model that represents a significant change in cybersecurity, capable of autonomously discovering and exploiting vulnerabilities. In order to manage the enormous power of this tool, “Project Glasswing” was established, bringing together industry giants such as Microsoft, Amazon and Google to use Mythos for "finding and fixing" flaws in critical infrastructure before they can be weaponized. The rewards are incredible, offering a path to AI-driven defense that can scan millions of lines of code and patch vulnerabilities at machine speed.
But the risks are just as unbelievable. These same capabilities that enable autonomous “healing” also lower the barrier for sophisticated cyberattacks, creating a lopsidedness, where any delay in human oversight could leave an organization exposed to threats that materialize in minutes instead of months.
We must start challenging the processes of today. For years, businesses have accepted the risk of a "lag time" in cybersecurity. We lived with a window of weeks or months to address vulnerabilities. But these new AI-driven capabilities show us that frontier AI models can now identify and resolve complex code issues in hours. The core challenge for business executives isn’t just "the hackers,” it is business friction. If a business is running at the speed of light, but technology and security governance is moving much slower, we aren't secure. We’re stalled.
To maintain the edge, we must start asking how we can automate the friction and latency out of the processes. We need to evolve technology risk management into a high-speed, automated and “continuous healing” discipline.
For businesses to accomplish this, we must empower the "force multipliers." In today’s model, we spend too much time in the “observe” phase, fighting through thousands of logs and alerts. By integrating AI agents directly into our production pipelines, we accelerate observation. These agents don't just see the data; they help us “orient” by providing context and identifying which vulnerabilities truly pose a risk. This acts as an operational catalyst for our teams, taking the raw noise and turning it into actionable intelligence. This allows our teams to focus on high-level strategic initiatives.
From there, we must streamline our resilience governance. The “decide” phase is usually where business agility dies. If the governance model requires three weeks of meetings to approve a patch or a new defensive tool, the OODA loop is broken. We need to make governance into a speedy, well-oiled machine. By creating an environment that allows for preauthorizing business resilience actions within set boundaries, we allow the teams to make high-stakes decisions at the speed of the threat.
The ability to “act” swiftly is the final hurdle. In many organizations, leadership is hesitant to move fast. A business needs a resilient foundation to execute changes at machine speed. When your environment is built to contain risks, your team gains the confidence to pull the trigger on patches and improvements instantly.
This “AI Great Acceleration” is an opportunity to rebuild processes for a new era. It’s a call to lead with discipline, lean into improvement and innovation, and treat security as a foundational business enabler.
Next month: Deepfake deception and fraud at scale.
Jason Albuquerque is the chief operating officer of Pawtucket-based Envision Technology Advisors LLC. You can reach him at www.envisionsuccess.net.
