The New Cyber Arms Race in the Age of AI
Watch the full discussion.
The rapid adoption of AI is expanding cyber risk, giving attackers the ability to operate at far greater scale and sophistication. Unlike human hackers, AI can run autonomous operations that scan massive datasets, identify vulnerabilities in real time, and adapt tactics on the fly to evade detection. This creates the potential for highly coordinated, destructive attacks targeting multiple organizations simultaneously. It also heightens the need for stronger cybersecurity.
On March 3, the Corporations and Society Initiative (CASI) at Stanford Graduate School of Business hosted a conversation with Nicole Perlroth on AI and systemic risks in cybersecurity. Perlroth spent more than a decade as the lead cybersecurity reporter at The New York Times and wrote the bestselling book, This Is How They Tell Me the World Ends. In recent years, Perlroth’s work has expanded beyond journalism to include advising the U.S. government on cyber policy and launching a venture capital firm focused on cybersecurity technologies.
Session moderator, CASI student leader Alexis Opferman (MBA ’26), first asked how Perlroth came to focus on cybersecurity as a journalist. Perlroth explained that her entry into the field was largely accidental. In 2009, while covering venture capital for Forbes, she was recruited by The New York Times for what seemed like an unappealing assignment.
“Frankly, at that time, I thought it was a little boring,” she admitted. “I told myself, if The New York Times thinks they're hiring a cybersecurity expert for this job, it's going to be a disaster.”
The editors ultimately chose her, she said, not for her expertise but because she could translate complex technical issues into accessible stories for a broader audience. She began the job just as the Stuxnet cyber warfare operation against Iran’s nuclear program was uncovered and spent the next decade reporting on growing digital threats.
Much of Perlroth’s early reporting focused on the underground market for “zero-day” vulnerabilities, previously unknown flaws in widely used software that once discovered by bad actors give developers “zero days” to fix. Hackers who find the flaws can quietly use them to break into devices or networks or surreptitiously sell them for large sums on the dark web.
“The time it takes for companies to discover these zero-day vulnerabilities could be years,” she explained. “If someone discovers a really good one, they can sell it to a number of brokers. The highest bidder right now is the Saudis. They'll pay you $10 million if you can discover a really good iOS zero-day exploit.”
What is changing, she said, is the speed and scale at which these vulnerabilities can now be discovered and used. AI tools are starting to identify software weaknesses far faster than humans, dramatically lowering the barrier to sophisticated cyberattacks. At the same time, AI is automating much of the ransomware kill chain, from identifying valuable data inside a network to encrypting files and even negotiating ransom payments through AI-driven chatbots.
“All these things that cybersecurity experts have told us all to do for years, [such as] looking for software vulnerabilities, using multifactor authentication, suddenly, with AI, there's no more room for human error. All of these things can be discovered and exploited at scale.”
The result, Perlroth warned, is a rapidly expanding threat landscape in which capabilities that were once only available to elite intelligence agencies are now accessible to a broader range of actors, raising the risk of ransomware, espionage, and infrastructure attacks.
When asked whether AI is also strengthening cyber defenses, Perlroth said hackers currently have the advantage. AI is already making social engineering attacks more effective, from highly convincing phishing emails to sophisticated deepfake audio and video. These tools allow attackers to impersonate executives, employees, or trusted contacts with alarming realism.
Companies are responding to these risks by developing defensive technologies that can more closely monitor their systems and respond faster to threats.
“There's a lot of work that needs to go into things that are not that exciting, which is third party risk assessment,” she explained. “Are they using multifactor authentication? Are they using strong security protocols? Now there are tools coming to market that have agents that do all of that for you and not just one time a year, but 24 /7. They're continuously scanning your third-party systems and third-party software to tell you if anything's offtrack. So, in that sense, AI is a godsend.”
Opferman asked what founders should do to protect their companies while moving quickly to build new products. Perlroth pointed to rising security risks tied to the rapid adoption of AI-generated code, often called “vibe-coding.” Recent research has raised concerns: one study found code produced by large language models (LLMs) received failing grades for secure coding practices.
The takeaway for founders, she said, is that speed should not come at the expense of security.
“We have to make sure people understand that every time you introduce new code, you're widening an attack surface, and it will come back to bite you,” she warned. “There will be bad guys scanning for your vulnerabilities continuously. And when they find them, they can now exploit them in sub-seconds in some cases.”
Perlroth highlighted tools such as Semgrep, which functions almost like a spell-checker for code, scanning software as it is written and flagging potential security issues. By analyzing the broader context of a project, these tools can identify vulnerabilities and suggest practical fixes without overwhelming developers with endless alerts. She also noted that some AI companies are beginning to integrate security tools directly into their platforms. While no system is perfect, she said, these security tools represent a promising step toward making security a more natural part of the development process rather than an afterthought.
The conversation then turned to a broader discussion on how AI might shape the information people receive and trust online. Despite closely tracking cybersecurity threats, Perlroth said she believes the most immediate and destabilizing threat is disinformation, as AI dramatically reduces the cost and increases the effectiveness of large-scale influence campaigns.
New technologies are being developed to help identify and counter these coordinated narrative attacks online. Companies such as Alethea Group and Blackbird, she explained, specialize in detecting disinformation campaigns, tracing where they originate and helping clients respond in real time by flagging deceptive campaigns or requesting the removal of harmful content.
But Perlroth warned that these defensive tools are largely available only to large corporations and well-funded institutions. That raises difficult questions about what protections exist for anyone else who becomes the target of coordinated disinformation or harassment campaigns.
“I worry about the rest of us. What are we going to use when someone decides they don't like us for whatever reason or we write a book that someone doesn't like? And I think when you start extrapolating on that, you see how these tools become real censorship [with] very powerful silencing capabilities.”
When asked about the debate surrounding AI guardrails and corporate responsibility, Perlroth pointed to the controversy around Anthropic’s stance against using its technology for mass surveillance on Americans and the use of AI in autonomous weapons. The Pentagon recently canceled a $200 million contract with Anthropic, effectively blacklisting the company from doing business with the government by designating it a supply chain risk. Anthropic is now suing the Department of Defense over that designation.
She noted that while companies may take principled positions, government contracts and commercial incentives often drive the industry forward regardless. Perlroth praised Anthropic for publicly drawing lines around certain uses of AI.
“Good for Anthropic for taking a stand on mass surveillance. They were very specific in saying we're not ready to start using autonomous weapons. Good for them for creating this market pressure around security.”
At the same time, she warned about the broader AI ecosystem moving too fast in the quest for market domination.
“The money is winning the day right now with AI. We are building these things at breakneck speed. And I don't see anyone in this administration talking thoughtfully about regulation.”
“I just hope there are some adults in the room who are bringing up how these things could really go off the rails.”
