惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

量子位
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
F
Fortinet All Blogs
博客园 - 聂微东
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Hugging Face - Blog
Hugging Face - Blog
V
Visual Studio Blog
小众软件
小众软件
有赞技术团队
有赞技术团队
雷峰网
雷峰网
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
AWS News Blog
AWS News Blog
C
Cisco Blogs
美团技术团队
T
Threat Research - Cisco Blogs
C
CERT Recently Published Vulnerability Notes
人人都是产品经理
人人都是产品经理
宝玉的分享
宝玉的分享
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
酷 壳 – CoolShell
酷 壳 – CoolShell
Stack Overflow Blog
Stack Overflow Blog
W
WeLiveSecurity
D
DataBreaches.Net
博客园 - 司徒正美
Blog — PlanetScale
Blog — PlanetScale
IT之家
IT之家
云风的 BLOG
云风的 BLOG
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Simon Willison's Weblog
Simon Willison's Weblog
Google DeepMind News
Google DeepMind News
T
The Blog of Author Tim Ferriss
Know Your Adversary
Know Your Adversary
NISL@THU
NISL@THU
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
The Cloudflare Blog
Vercel News
Vercel News
月光博客
月光博客
T
Tailwind CSS Blog
H
Help Net Security
aimingoo的专栏
aimingoo的专栏
P
Proofpoint News Feed
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Spread Privacy
Spread Privacy
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Cisco Talos Blog
Cisco Talos Blog
Microsoft Security Blog
Microsoft Security Blog
V
V2EX
WordPress大学
WordPress大学
Cyberwarzone
Cyberwarzone
Recent Announcements
Recent Announcements

Forbes - Innovation

Why Do Humans Have Fingerprints? Hint: It’s Not What You Think Booking.com Confirms Data Breach, Reservation PIN Codes Changed Why Major News Sites Are Blocking The Internet Archive’s Wayback Machine iPhone Fold Release Date: New Report Details Frustrating Apple News Comet Tracker: How To See Pan-STARRS And Three Planets On Wednesday NYT Mini Crossword Today: Tuesday, April 14 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Tuesday, April 14 (It’s A Little Unclear) Today’s Wordle #1760 Hints And Answer For Tuesday, April 14 Most Of The Microplastics In Urban Air Come From Tires Today’s Wordle #1759 Hints And Answer For Monday, April 13 NYT Mini Crossword Today: Monday, April 13 Hints And Answers NYT Pips Today: Hints, Answers And Walkthrough For Monday, April 13 The YC Chief Who Codes 10,000 Lines A Day Has A Simple Secret Samsung Expands One UI 8.5 Beta To More Galaxy Owners Why You Should Stop Using Your iPhone If It’s On This List Chamath Says Firms That Treat AI As A Strategy Hand Rivals Their Edge 3 Unexpected Habits Of Secure Couples, By A Psychologist The First Lamp That Folds Your Clothes Samsung’s Disappointing Price Update For Galaxy Phone Buyers 3 Subtle Signs Someone Is Falling In Love With You, By A Psychologist Do Mantis Shrimp See More Colors Than Humans? A Biologist Explains NYT Connections Answers Explained For Monday, April 13 (#1,037) NYT Connections Hints Today: Monday, April 13 Clues And Answers (#1,037) LEGO Luigi & Mach 8 (72050) Review: 2026’s Best Set Yet? Marc Andreessen Says AI Productivity Will Trigger A Hiring Boom 3D Printing Is The Ultimate Hack To Reduce Household Spending Apple iPhone Fold: Striking Design Revealed In Leaked Photos Apple Smart Glasses: New Leak Reveals A Major Design Twist To Beat Meta Tested: The AI Coming To The Rivian R2 Quordle Hints Today: Monday, April 13 Clues And Answers Companies And H-1B Employees Endure Immigration Waits At Consulates 3 Easy Ways To Turn Anxiety Into Sustained Focus, By A Psychologist Here’s The Most Affordable Humanoid Robot You Can Buy Now UFC 327 Results: 5 Biggest Takeaways From A Wild Night In Miami UFC 327 Results, Bonus Winners, Highlights And Reactions Dana White Announces Huge New Fight For UFC White House Today’s NYT Strands Hints, Spangram, Answers: Sunday, April 12 (Get Ready) Tesla ‘Model 2’ Rises From The Ashes Today’s Wordle #1758 Hints And Answer For Sunday, April 12 NYT Pips Today: Hints, Answers And Walkthrough For Sunday, April 12 Tyson Fury Vs. Arslanbek Mahkmudov Results: Highlights and Reaction NYT Mini Crossword Today: Sunday, April 12 Hints And Answers How Shadow AI Culture Is Destroying Your Business Venture Capital Funds That Market Like Startups Win More Deals Conor Benn Vs. Regis Prograis Results: Highlights and Reaction Samsung’s Disappointing Price Update For Galaxy Phone Buyers Artemis Reached The Moon. The Grid Can Reach The 21st Century A Biologist Explains How Archerfish Shoot Down Prey. Hint: Their Aim Rivals Human Throwing Is It Time For Apple To Forget About The MacBook Air NYT Connections Hints Today: Sunday, April 12 Clues And Answers (#1036) Trump’s 2027 Budget To Reshape U.S. Environmental And Energy Policy CDC Delays Reporting Of COVID-19 Vaccine Benefits—Here’s What To Know Oura Has Designed A Solution To A Big Smart Ring Problem Netflix’s Best New Show Has A Near-Perfect 95% Rotten Tomatoes Score Coachella 2026 Is Being Taken Over By Creator Streams Quordle Hints Today: Sunday, April 12 Clues And Answers This Startup Wants To Use AI To Help Digitize History How To Get The Best Shield In ‘Crimson Desert’ Microsoft Venom Attack Targets C-Suite Executives ‘Maul: Shadow Lord’ Sets Even More Star Wars Rotten Tomatoes Records 3 Ways Happy Couples Argue Differently, By A Psychologist Success For Leapmotor Might Have Negatives For Stellantis New Names Surface As Potential Rogue And Wonder Woman In The MCU And DCU 4 Reasons Artemis Mission Matters Even If You Think It Is Wasteful Fast ‘Crimson Desert’ Patch Adds New Moves, Shield Hiding And One Great Feature Why Do Humans Blush? An Evolutionary Biologist Explains The Signal We Can’t Control Apple iPhone Fold: Striking Design Revealed In Leaked Photos Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update iOS 26.4.1 Release: Crucial iPhone Feature Update Arrives, But No Security Fix Fury vs. Makhmudov Full Card, Ring Walk Times and How to Watch Can’t Stand Liquid Glass? This New Hidden iPhone Setting Is A Game-Changer Test-Driving The 2026 Changan Deepal S05: Italian Style Made In China NSA Warning—Reboot Your Internet Router Now Ways That Human-AI Collaboration Slides People Into ‘AI Brain Fry’ And Cognitive Downturns Stop Using These Networks—Google, NSA And TSA Warn NASA Changes Moon Plan: Landing Now Depends On SpaceX Or Blue Origin Samsung Expands One UI 8.5 Beta To More Galaxy Owners The Evolution Of Programmable Hardware At Xilinx NYT Mini Today: Saturday, April 11 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Saturday, April 11 (You’re Putting Me On) Splashdown! NASA’s Artemis II Returns To Earth After Moon Mission Attention Is All You Need. The Human Kind Is Still The One That Counts Today’s Wordle #1757 Hints And Answer For Saturday, April 11 NYT Pips Today: Hints, Answers And Walkthrough For Saturday, April 11 Android Circuit: Galaxy S27 Pro Emerges, Honor 600 Pre-Order Offers, Pixel 11 Display Leaks Apple Loop: iPhone 18 Pro Leak, Urgent iOS Update, MacBook Neo Issues Morgan Stanley Has Mostly Positive Outlook On Tesla Robotaxi, FSD V15 Running Out Of AI Tokens Faster Than Ever? Here’s Why CoreWeave Shares Pop 13% After Anthropic Deal ‘Euphoria’ Season 3’s Rotten Tomatoes Score Crashes, Has Lost Key Player People Don’t Agree On What AI Can Do, But They Don’t Even Use The Same Product ‘Overwhelming’—Google Issues Gemini Update For Gmail Users NYT Connections Hints Today: Saturday, April 11 Clues And Answers (#1035) Quordle Hints Today: Saturday, April 11 Clues And Answers The Costly Dream Of Space-Based AI Infrastructure Can You See The Watcher In This ‘Daredevil: Born Again’ Shot? Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update You Just Watched The Backdoor Pilot For ‘The Pitt: Night Shift’ Are Nicotine Pouches Like Zyn And VELO Safe To Use? A Doctor Answers Human Resources (HR) Is The Key To AI Success Per WalkMe ( SAP)
An Ounce Of Prevention Is Worth $4.88 Million Of Cure
Michael George · 2026-05-27 · via Forbes - Innovation

Michael George is CEO of Syncro, a SaaS company specializing in PSA and RMM software for managed service providers (MSPs) and IT teams.

getty

Forty-four thousand security professionals, 650 exhibitors and a floor full of solutions built to answer the same question: Once an attacker is inside, how do we stop them faster?

That framing—detect and respond, react and remediate—has defined security investment for the better part of a decade. Walking through the RSAC Conference in San Francisco this year, I kept hearing the same acknowledgment underneath the vendor noise: It isn't working well enough.

Additionally, a major AI announcement that landed days after the conference closed put an exclamation point on why the industry's posture needs to change, and urgently.

The Cost Of Responding Has Become Unsustainable

IBM's 2024 Cost of a Data Breach Report put the average breach at $4.88 million, a 10% increase from the prior year and the largest year-over-year jump since the pandemic. Seventy percent of breached organizations reported significant or very significant disruption to their business operations.

The number that deserves more attention is the root cause data. Security Magazine's 2024 analysis found misconfigurations driving 80% of security exposures. IBM's X-Force Threat Intelligence Index found misconfigured cloud services involved in nearly a quarter of all cloud security incidents. These are not sophisticated nation-state intrusions exploiting unknown vulnerabilities. They are failures of environment hygiene, correctable before any attacker arrives.

Incident postmortems keep revealing the same pattern: The organization already owned the tool that would have stopped the breach. The breach happened because the environment carried configuration drift, a policy went unenforced across endpoints or the foundational work fell behind. Reaction was (and is) expensive because prevention was skipped.

AI Is Arming Attackers Faster Than It Is Arming Defenders

The AI conversation at RSAC cut both ways, and the more substantive half was uncomfortable. The most serious discussions were about AI accelerating attack, rather than accelerating defense.

Microsoft's 2024 Digital Defense Report tracked 600 million cyberattacks per day across its customer base. CrowdStrike's 2025 Global Threat Report documented adversary breakout times falling to under 30 minutes, meaning the window between initial access and lateral movement inside a network keeps compressing. Threat actors now have access to the same models and automation capabilities that security teams do.

Then, days after RSAC, Anthropic announced something that put a hard edge on those conversations. They built a model, Claude Mythos Preview, that autonomously discovers and chains zero-day exploits across every major operating system and browser.

The model found thousands of critical vulnerabilities entirely without human steering, including a 27-year-old flaw in OpenBSD and a chained browser exploit spanning four separate vulnerabilities. The capabilities were significant enough that Anthropic declined to release it publicly, making it the first time a leading AI lab has openly said a model is too capable for general deployment. They instead launched a controlled defensive program, Project Glasswing, to use the model to patch critical software before those capabilities proliferate.

Once Weaponized, The Attack Surface Expands Faster Than Defenders Can Respond

The core concern is that once Mythos-class capabilities escape controlled programs and reach malicious actors, the number of AI-initiated attacks will increase exponentially, and the speed and sophistication of those attacks will outpace any reactive defense.

A joint analysis from the Cloud Security Alliance, SANS Institute and OWASP concluded that organizations are already likely to be overwhelmed by threat actors using AI to find and exploit vulnerabilities faster than defenders can patch them. And Anthropic's own documentation notes that Mythos "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders." Detection and response, by definition, requires something to detect. Against autonomous exploit chains moving at machine speed, that window collapses.

The only viable answer is to not be the easiest target when that wave arrives. That means shift-left: investing in prevention now and hardening identities, endpoints and networks before an attacker finds the drift that makes the difference.

The Market Is Repricing Where Security Value Is Created

Q1 2026 cybersecurity financing hit $3.8 billion across 211 rounds, up 33% year over year. AI Security captured 46% of all capital deployed that quarter. The investment community is not waiting to see what AI-enabled attacks look like at scale. It already has a view, and it is directing capital accordingly.

The shift gaining momentum on the RSAC floor, in the technical sessions and in the conversations that happen off the main floor, is back toward prevention. Left of boom. Environment hardening over incident response. Getting in front of the failure rather than cleaning up after it.

The organizations that do this work now will be in a measurably different risk position than those still running reactive playbooks when Mythos-class capabilities become broadly accessible.

Government And Capital Are Paying Attention At The Same Time

On the policy side, Alexei Bulazel, the NSC's Senior Director for Cyber, delivered a keynote signaling the current administration intends to take a more assertive posture on offensive cyber operations, particularly against nation-state threats from China. That posture moved from conference keynote to active government engagement within days. The Federal Reserve and Treasury briefed major U.S. bank CEOs on the cyber risks the Mythos model represents.

I also attended a Moelis and Company event where former House Majority Leader Eric Cantor spoke about the federal legislative landscape. The convergence of private capital, bipartisan policy interest and enterprise urgency is real. Security is infrastructure now, and the legislative environment is catching up.

What This Means Right Now

The window between RSAC's conversations about AI-accelerated attacks and AI actually delivering autonomous zero-day exploit chains at scale turned out to be days, not years. The organizations that treat that as a distant problem will be in a fundamentally different position than those that treat it as a present one.

RSAC confirmed the direction. Glasswing confirmed the timeline.​


Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?