Among the organizations asserting that AI is accelerating the speed of cyberattacks is Palo Alto Networks Unit 42. In the executive summary of its Global Incident Response Report, it stated that “early observations of AI-assisted attacks show how AI can amplify the scale and speed of intrusions.” C8 Secure CISO Brian Borysewich said in a recent blog that AI-powered threats have moved from zero-day to zero-hour, implying that attack timelines have become compressed.
Security Buzz reported in a recent article how AI is transforming both the offensive and defensive sides of the cybersecurity industry. Now, another recent development has occurred in the race between AI-assisted attackers and the defenses that are out to stop them. CYE, a vendor in the cyber exposure management arena, recently announced a range of new AI-powered features and an AI Security Assessment program to help organizations defend against attacks that are themselves accelerated by AI. CISOs will want to understand this development, as they have come under increasing pressure to respond to AI-assisted techniques used by attackers.
What CYE Announced
CYE was founded in 2012 and offers an exposure management platform called Hyver, along with services related to cybersecurity. It outlined several improvements in its recent press announcement, stating that these are based on both AI and human expertise. One such feature is CYE AI, which lets teams ask natural-language questions to identify remediation plans in response to threats. It claims that this will reduce the time required to mitigate new threats. AI Security Posture Management helps organizations manage their AI-related security posture, "as well as assessing the security posture of internally developed LLMs.”
Another new feature enhances AI governance related to ISO/IEC 42001, which is an international standard related to AI management systems. The Industry Attack Graph feature provides industry-specific insight into possible attack vectors, with the ability to incorporate data specific to an individual organization. This enables an “attack graph” for that specific organization, allowing them to prioritize items for remediation.
Another new feature is a risk analysis dashboard, which “provides speed-to-insight by giving security teams access to deep analysis of exposure, maturity, likelihood of exploitability, and cost of breach trends.”
Why This Matters for CISOs
This acquisition will be of interest to CISOs because traditional security approaches can’t keep up with fast-moving, automated threats. Security professionals need to make data-driven decisions for rapid response to these threats. The CYE model will enhance the ability of teams to do this. Automation will be a force multiplier, reducing the time between detection and remediation for threats that are themselves powered by AI. It enables effective prioritization of items for remediation and accelerates the conversion of insight into action to combat these AI-powered threats.
According to John Watters, CEO and Managing Partner at iCOUNTER, “Traditional cyber intelligence is increasingly becoming marginalized in an AI-enabled adversary threat environment. Today, AI-enabled attackers of all types are rapidly shifting their focus and targeting specific companies, leveraging AI capabilities to dramatically reduce the time and cost of selecting and conducting reconnaissance to profile a target.” He continued, “To effectively defend against AI-driven rapid developments in targeted attacks, organizations need more than mere actionable intelligence—they need AI-powered analysis of attack innovations and insights into their own specific weaknesses that can be exploited by external parties.”
The Hybrid Approach to Threat Response: Human Intelligence and AI
The press announcement states, “CYE fuses AI and human intelligence to deliver live, quantified exposure metrics, reduce time to remediate, and lay the groundwork for AI-driven security posture management.” The hybrid approach allows AI and humans to do what each does best. AI handles identification of threats that are themselves AI-aided, and it does so rapidly and at scale. Human intelligence provides the needed context and strategic knowledge to make sure AI recommendations are put to their best use.
This blended model is becoming a new standard for cybersecurity defense. The combination of AI and human intelligence working in tandem is a theme that has played out repeatedly in a variety of contexts. Over time, the human input required may decline. Randolph Barr, Chief Information Security Officer at Cequence Security, said, “We’re seeing AI rapidly evolve from simple automation to deeply personalized, context-aware assistance—and it’s heading toward an agentic AI future where tasks are orchestrated across domains with minimal human input.”
Conclusion
CYE continues the trend toward proactive AI-powered remediation of cyberthreats. AI’s most valuable contribution to cybersecurity defense may be in accelerating this remediation. As attackers continue to figure out clever ways to automate attack workflows, defenders need tools that don’t just monitor threats—they need help winning the fight. CISOs should stay tuned for other such developments, as this announcement provides a preview of what’s ahead in AI-assisted cybersecurity tools.
