Last week, we brought together leading CISOs, founders, and security practitioners for our 2026 AI Cyber Summit. The backdrop was hard to ignore: Anthropic had just disclosed the first fully-autonomous nation-state cyber attack three months prior, and days before the event, OpenClaw (an AI-powered social network that spawned 1.5M agents) collapsed under its own security vulnerabilities.
Over the course of the evening, a clear theme emerged: Adversaries are automating at-scale what defenders still handle manually. The teams that adopt AI defenses now will compound their advantages, and those that wait will find themselves irreversibly behind. Our summit brought together experts to weigh in on both sides of this equation: what the new threat landscape actually looks like, and what defenders need to do right now to stay ahead.
The Threat Landscape Has Changed
Nation-state actors are already using AI models to launch attacks, though mostly for mundane tasks like phishing and basic scripting. However, this will change quickly as the next two years will likely see a significant increase in volume, scale, and type of attacks. Jason Clinton, Deputy CISO at Anthropic, warned that the next two years are going to be very bad from a cybersecurity perspective. AI has lowered the barrier to entry for attackers while raising the ceiling on what they can do—and now they’re operating at machine speed.
At the same time, the attack window is collapsing. By the time your first SIEM alert loads, the attack could be over. Vulnerabilities that once took weeks to exploit can now be automated in hours, maybe less. And we’re seeing entirely new attack vectors emerge, from AI agents creating their own social networks to adversaries scaling complex, multi-step pathways that were previously too resource-intensive. Take the XZ Utils attack: A burned-out open-source maintainer, socially engineered over months, almost backdoored countless Linux systems.
The changing threat landscape creates two distinct challenges for security leaders. First, building machine-scale defenses to combat adversaries who now wield sophisticated, AI-powered attack operations. Second, securing AI systems themselves, which will require an entirely new class of security capabilities as AI continues to evolve.
AI Works Both Ways
Thankfully, the tools arming attackers can arm defenders, too. Security teams are already automating workflows that previously consumed 60% of their capacity, taking the toil out of finding exploits and lowering time to remediate.
But faster patching alone won’t solve the problem when threat models must account for attacks we can’t predict. This has pushed defenders towards a different model: “know what’s normal,” rather than “know what’s bad.” Traditional detection models attempt to maintain an ever-growing list of threat signatures, but struggle to keep pace with novel, LLM-generated attacks. Behavioral AI that learns how your organization actually operates (who talks to whom, when people work, what invoice processes look like, etc.) gives defenders an advantage that attackers can’t replicate. They can scrape the internet, but they can’t know how your company behaves.
The Window Is Still Open, But Not For Long
Despite the changing landscape, the room was marked by resolve, not fear. The message was unanimous: act now, and leverage the tools at your disposal. The security leaders who embrace AI agents, prioritize the fundamentals, and invest in behavioral defenses will pull ahead in ways that compound over time.
These tools are amazing for defense and it’s almost a moral duty to harvest that we have this opportunity.”
— Matt Knight, former VP and CISO, OpenAI
The next two years will be some of the hardest cybersecurity has faced. But the potential cuts both ways: the same AI that’s accelerating attacks gives defenders a generational opportunity to get ahead. As our evening keynote speaker Evan Reiser put it, teams that start adopting AI now—even for small wins—create a positive spiral: Each efficiency gained frees up capacity to tackle the next problem. But the baseline threat isn’t slowing down. The only way forward is to elevate your team’s capabilities faster than the threat landscape evolves. Those who wait will find the gap impossible to close.
We’ve never been at a point in civilization where the compounding liabilities of getting ahead or behind on AI has been so extreme.”
—Evan Reiser, Co-Founder & CEO, Abnormal AI
The window is open, but it won’t stay that way. If you’re building AI-native security, we’re actively investing in this space, so let’s talk. And if you’re a security leader looking to stay ahead of what’s coming, explore the companies in our portfolio that are solving these problems now.
Venky is a partner at Menlo Ventures focused on investments in both the consumer and enterprise sectors. He currently serves on the boards of Abnormal AI, Aisera, Appdome, Aurascape, BitSight, ConverzAI, MealPal, Obsidian, Sonrai Security, and Unravel Data. Prior to joining Menlo, he was a managing partner at Globespan Capital…
Rama is a partner at Menlo Ventures, focused on investments in cybersecurity, AI, and cloud infrastructure. He is passionate about partnering with founders to build the next generation of cybersecurity, infrastructure, and observability companies for the new AI stack. Rama joined Menlo after 15 years at Norwest Venture Partners, where…
As an investor at Menlo Ventures, Sam focuses on SaaS, AI/ML, and cloud infrastructure opportunities. She is passionate about supporting strong founders with a vision to transform an industry. Sam joined Menlo from the Boston Consulting Group, where she was a core member of the firm’s Principal Investors and Private…
Sabrina is an investor at Menlo Ventures, where she focuses on inflection-stage companies in enterprise SaaS, AI/ML, and cloud infrastructure. She’s excited about partnering with founders who challenge the status quo and supporting them in transforming bold visions into enduring businesses. Her passion for startups began at Fastcase (now vLex),…
