Jen Easterly, former head of CISA, has suggested that the advent of AI technology is set to redefine the cybersecurity landscape. During her address at the AuditBoard user conference in San Diego, she highlighted how the burgeoning spread of data and new devices have widened the potential attack surfaces for adversaries like nation-states and cybercriminal groups. While cyber threats continue to evolve, Easterly insists that the fundamental issue lies with the poor quality of software that’s rampant with vulnerabilities. She emphasizes that rather than having a cybersecurity problem, the technology sector suffers from a ‘software quality problem’. Software vendors, she noted, often prioritize quick-to-market launches over secure development. AI, however, is a double-edged sword in this domain. It empowers attackers to create more covert attacks while simultaneously offering defenders sophisticated tools to identify and rectify software flaws. The balance, Easterly argues, can shift to favor defenders with proper AI integration, making security breaches rare rather than expected. Easterly also voiced the need to downplay the mythologizing of hackers by stripping away dramatic titles like ‘Fancy Bear’ in favor of less intimidating monikers. Equally crucial is the expectation of higher standards from software vendors to address software risks comprehensively. Easterly remains optimistic, believing that securely developed AI could potentially render future cybersecurity threats negligible if developed with secure-by-design principles.