By Nadir Izrael, Co-Founder and CTO, Armis
The threat of cyber warfare against Australia has escalated, driving a significant increase in investment to strengthen national cyber capabilities. The shift reflects the rapidly evolving nature of cyber threats and the growing recognition that conventional cybersecurity strategies are no longer sufficient. As government and business alike face mounting risks, the national response underscores the critical need for a more robust and proactive approach to cyber defence.
Research from Armis revealed that 92% of Australian IT decision-makers expressed concern about the impact of cyber warfare, more so than any other country surveyed. This is against a backdrop of an expanding attack surface, with a projected 50 billion connected devices by the end of 2025, alongside growing global instability. Yet, the biggest driver behind this change is inexplicably linked to AI.
The key to effective preparation lies in the very tool being used against us.
The cost of falling behind in AI cyberwarfare
The news cycle constantly highlights how AI is rapidly supercharging the capabilities of nation-state attackers, cybercriminal groups and bad actors alike – and with good reason. Nearly three-quarters (74%) of Australian IT decision-makers now agree that AI-powered attacks pose a significant threat to their organisation’s security.
Yet, those threats are already slipping through the cracks. Nearly a third (39%) Australian IT leaders admit that offensive techniques regularly bypass their existing security tools. Additionally, as IT and operational technology (OT) environments become more connected, the illusion of isolated ‘air-gapped’ systems offering fool-proof protection is fading fast. AI cyber threats are bypassing traditional barriers as organisations integrate IT and OT systems for efficiency, unintentionally exposing new attack surfaces.
And the attack surface is only becoming more complex. Alongside traditional sources such as networks, endpoints and applications, bad actors are also using AI to power more deceptive techniques, such as voice cloning, deepfakes and synthetic social engineering. And yet, most defences remain reactive.
The concern goes further, as 76% of local IT leaders are specifically worried about the potential for nation-state actors to use AI to develop more sophisticated and targeted cyberattacks. Advanced persistent threat groups (APTs) aligned with Russia, Iran, North Korea and China are all using large language models (LLMs) and OpenAI’s systems to enhance their operations and erode trust in democratic institutions.
What’s worse, the cost of falling behind is also severe. The average ransomware payout for an Australian organisation has surged to AU$13.6 million , with over half (57%) of businesses having made a ransom payment. Yet, these numbers only capture part of the damage. Attacks result in operational shutdowns, data theft, reputational harm and – in 61% of cases – the stalling or abandonment of vital digital transformation projects.
In this era of AI cyberwarfare, organisations must adapt and fight fire with fire.
Turning the tables in the age of AI
AI may be the weapon of choice for attackers, but it’s also the most powerful tool defenders have at their disposal. When harnessed effectively, AI-driven threat intelligence transforms security from a reactive scramble to a proactive strategy, offering organisations the chance to get ahead of threats rather than chase them.
Predictive AI models can help neutralise threats before they escalate, while AI-powered solutions allow security teams to continuously monitor the entire attack surface – across networks, endpoints, connected devices and OT environments. It excels at processing vast amounts of data and identifying subtle patterns human analysts might miss, flagging early indicators of compromise across both the surface and dark web. Consider the difference it would make to have two months’ notice to act on an issue like Log4j, or to shut down a vulnerability like the Chrome Mojo sandbox bypass before it’s exploited.
But to truly stay ahead, organisations must shift their mindset. In this new AI-driven cyberwarfare landscape, reacting after the fact is no longer an option. Defenders must match the speed and sophistication of attackers, embracing AI not as a bolt-on tool but as the backbone of their security strategy. It’s no longer about fighting smarter, it’s about fighting AI with AI. And when used as a defensive tool, AI becomes even more powerful. Think of it like having a ‘home field’ advantage – defenders know their environment best.
Encouragingly, appetite is growing, with 47% of Australian IT leaders saying they wish they had AI tools supporting their security operations. Yet adoption continues to lag. Over half (56%) of organisations report lacking the budget and resources to invest in AI-powered security, while 57% admit to a shortfall in the in-house expertise required to deploy and manage these technologies effectively.
The stakes, however, are too high for inaction. Without understanding what resides within an organisation’s entire digital ecosystem, businesses remain exposed to AI-driven threats and the broader risks posed by unmonitored technologies. The key is to gain full situational awareness, map all activity across networks and proactively secure critical assets.
AI may be a growing risk, but when harnessed correctly, it can also be the strongest defence.
Unlocking the power of AI
In a digital environment where geopolitics, cyberwarfare and AI innovation are increasingly intertwined, organisations that fail to evolve will find themselves outpaced, outmanoeuvred and overtaken by AI-driven threats. AI is simply blurring the line between conventional warfare and digital conflict.
The only way to secure the advantage is to embrace proactive, intelligent and adaptive security strategies, fuelled by AI, turning it from a risk into an asset. Passively watching those same alarming headlines and hoping the next attack won’t land closer to home is no longer an option. Security leaders need AI to defeat AI.
The warnings are clear. The question now is whether organisations will continue to watch the headlines or act today.
