It has become a standard line at industry conferences: AI will change the paradigm of cybersecurity, and defenders must adapt to keep pace with attackers who inevitably will.
While this is certainly true, the magnitude of the shift – one that is changing cybersecurity forever – is only now beginning to be fully understood.
This week, the US Treasury Secretary convened the CEOs of the largest American banks to discuss the implications of Anthropic’s latest model, Mythos.
The reason is telling.
These systems are no longer incremental improvements. They are capable of identifying and exploiting vulnerabilities at a level no human can match.
Mythos has reportedly uncovered thousands of severe vulnerabilities across major operating systems and browsers, including flaws that had remained undetected for decades. This is not just acceleration. It is a structural break.
The key question now is what it takes to survive in this new age. The prevailing framing – that you fight AI with AI – is too simplistic. It underestimates what it truly takes to stay ahead.
The real shift is this: Attackers are becoming AI-native. They no longer need to manually search for vulnerabilities.
They can systematically discover, chain, and exploit them at scale. They can simulate attack paths, adapt in real time, and iterate faster than any human-led security operation ever could.
Defenders, in contrast, still largely operate with fragmented tools, manual processes, and reactive workflows – limited by human resources and capabilities.
A fundamental shift in the approach
What it takes is not merely better tools, more people, or incremental improvements powered by AI. What is needed is a fundamental shift in the approach:
- Fusion of every single signal and every piece of data to not just identify individual vulnerabilities but to map the attack chains that can threaten a whole nation.
- Full autonomy to move from reacting to alert signals to automated responses – moving faster than any AI-enabled attacker can.
- Deeply embedded defenses, based on an intimate understanding of the context, the structure, and the environment of an organization, and continuously learning from its data and behavior.
- Sovereignty without compromise: everything is owned and operated in-house. No data ever leaves the premises. Zero dependence on third parties – not for hardware, not for models, and not for the interface.
This is precisely why we founded DREAM three years ago. It was clear to us that assembling collections of tools and augmenting them with AI would not be sufficient.
What is required is an AI-native system. In a world where AI can autonomously discover and exploit weaknesses, defense must become autonomous as well.
We agree with Jamie Dimon, who highlighted in his annual shareholder letter this week that cybersecurity is one of the biggest risks – not only for the financial sector, but for our economies and societies as a whole – and that addressing it will require significant investment.
But investment alone is not what determines the outcome.
Just as in conventional conflict, battles are no longer won by those with the most tanks or ships. Autonomous, AI-driven systems are what make the difference – in traditional warfare as well as in cyber.
This has been the thesis behind DREAM from the beginning. And as this week’s release of Anthropic’s Mythos model shows, it is more relevant than ever.