{"id":225796,"date":"2026-06-04T03:48:00","date_gmt":"2026-06-04T07:48:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/04\/defending-against-ai-powered-cyber-threats-with-effective-threat-intelligence\/"},"modified":"2026-06-04T04:45:28","modified_gmt":"2026-06-04T08:45:28","slug":"defending-against-ai-powered-cyber-threats-with-effective-threat-intelligence","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/04\/defending-against-ai-powered-cyber-threats-with-effective-threat-intelligence\/","title":{"rendered":"Defending Against AI-Powered Cyber Threats with Effective Threat Intelligence"},"content":{"rendered":"

Defending Against AI-Powered Cyber Threats with Effective Threat Intelligence<\/a><\/p>\n

https:\/\/www.cybersecurity-insiders.com\/defending-against-ai-powered-cyber-threats-with-effective-threat-intelligence\/<\/a><\/p>\n

Publish Date: 2026-06-04 03:48:00<\/a><\/p>\n

Source Domain: www.cybersecurity-insiders.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

AI is changing everything about the threat landscape. But how fast it upskills our threat intelligence is up to us.
\nArtificial intelligence is making exploits faster and smarter. It\u2019s reducing dwell time. And it\u2019s bringing script kiddies back with a vengeance.\u00a0
\nBut mostly, it\u2019s accelerating attackers\u2019 ability to customize attacks.\u00a0
\nIf we\u2019re smart, we\u2019ll take a page out of their books and fight back with highly customized threat intelligence of our own. Generic threat feeds are not going to cut it against sniper-like precision.
\nWe\u2019ll need AI to do that.\u00a0
\nAI-Powered Attacks: A New Era of Sophistication
\nAI is giving cybercriminals and casual hackers alike near-unlimited potential to customize their attacks.\u00a0
\nAI-Powered Voice Spoofing
\nBefore the AI boom, many high security cases used voice authentication as the ultimate security measure. Your voice could authorize the transfer of funds or the execution of a remote command.\u00a0
\nThanks to the sophistication of AI voice-cloning scams, a lot of professionals have removed this feature. Myself included.
\nOur voices are \u201cout there\u201d in webinars, TED talks, and video conferencing calls. AI crawlers regularly scrape the internet for this kind of data, and more. Relying on voice activation can unfortunately no longer be trusted.
\nBiometric Hacking
\nRemember the old days, when stealing someone\u2019s fingerprint meant sliding a piece of Scotch tape under it? Not anymore.
\nHacking tools and trojans are being used to spoof biometric banking locks and steal facial recognition data. It won\u2019t be long until AI\u2019s ability to deepfake fingerprints moves out of the realm of theory and into the real world.\u00a0
\nWe have to be increasingly wary of where and how we use biometrics, backing them up with cryptographic authentication methods where possible.
\nLighting Fast Dwell Times
\nAt the height of the \u201cransomware era\u201d 3-5 years ago, the primary focus was on reducing dwell times. If an attacker could successfully infect the network, move laterally to maximize damage, then get out before getting caught? That was a win for threat actors.
\nLockBit is probably the prime example of this. Between 2022-2023, LockBit was one of the largest, most prolific RaaS groups in the field, known for its \u201cbusiness-like\u201d efficiency and speed, having one of the fastest encryption times on the market. LockBit\u2019s 2.0 and 3.0 iterations (\u201cLockBit Black\u201d) could encrypt 100,000 files in under 45 minutes, outpacing the speed of most incident response teams.
\nIt still is. AI is only going to make this process faster and more reliable. By automating reconnaissance, autonomously exploiting vulnerabilities, and pre-programming security tool evasion into their exploits, AI contributes to breakout times of under 30 minutes.\u00a0
\nOnce, ransomware success was dependent upon the speed and expertise of a human operator negotiating the attack. They may have been good, but defenders had a chance of chasing them down with the right skills and incident response systems in place.
\nNow, it is the work of an agentic AI agent. And only AI-powered defense will have the firepower to stop it.\u00a0
\nAI-Powered Remote Operators
\nRemote access attacks are another place where AI is having an impact. Before, it used to be solo attackers in the criminal underground sitting behind multiple dashboards and moving at human speed.
\nIn the near future, I predict agentic AI agents will be the ones manning the controls behind these attacks.\u00a0
\nThe Rise of Script Kiddies
\nAI is rewarding a generation of low-level technical hackers, or \u201cvibe coders.\u201d Once referred to as script kiddies, this new generation may be even less skilled and even more dangerous.
\nAI makes complex, multi-stage attacks possible for novices and those with little to no technical background. This leads to the production and dissemination of AI malware at scale, and a record low barrier to entry for cybercrime.
\nThe only way forward is to route AI-driven threats before they become an issue. But generalized threat intelligence is not going to do that.\u00a0
\nThe Imperative for Personalized Threat Intelligence
\nThe industry has always given defenders very generic information. These are the vulnerabilities being exploited across the board. These are the IPs that should be dangerous to everyone.
\nBut context is key, and sometimes a threatening IP is one that our systems might need.
\nThis contributes to the firehose of information being shot at SOC analysts, drowning them in alerts and threat feeds that aren\u2019t relevant to their sector.\u00a0
\nIndustry-Relevant Is Not Enough
\nOrganizations can turn to ISACs and ISAOs for slightly more relevant threat data, but even those don\u2019t take into account the granular difference between each ecosystem.
\nImportantly, these are granularities attackers do not miss.\u00a0
\nThis is why it is essential to realize that the threat intel you receive must be as tailored to your environment as the attacks that target it.\u00a0
\nEven Within Your Sector, Your Environment Is Unique
\nIf you have two cloud-native startups both running AWS, they are going to do it differently. One is going to have its own set of SaaS apps. The other will have different requirements for how users can access its services. Even AWS can be used dozens of different ways within very similar architectures.
\nOne company\u2019s environment is not the same as anybody else\u2019s. Which means that their threat intelligence cannot be either.
\nDefining Priority Intelligence Requirements (PIRs)
\nIn Forrester\u2019s recent report on the State of Threat Intelligence, analyst Jitin Shabadu highlighted the importance of establishing your Priority Intelligence Requirements (PIRs), or top-line questions designed to get to the heart of what really matters when collecting threat intel.
\nPIRs vet all aspects of business and security, so defenders know what threat intel to intake: customization. Aspects of scrutiny include company-specific:<\/p>\n

Threat actors
\nMalware campaigns
\nIndustry trends\u00a0
\nGeopolitical risks
\nStakeholder needs<\/p>\n

The bottom line is that threat intelligence must be tailored to an organization\u2019s unique threat landscape. This means its unique architecture, attack surface, policies, risk appetites, industry (highly regulated bank vs. SaaS startup), and business profile.\u00a0
\nReducing Workloads and Accelerating Response
\nA company operating only with highly curated threat intelligence wastes less time sifting through alerts and missing potential threats. It devotes less time to ingestion, sterilization, and validation.\u00a0
\nIt has only what it needs, when it needs it, in time to make a difference. This is the future of threat intelligence, and why Forrester is trying to move the needle.
\nBridging the Threat Intelligence Adoption Gap
\nUnderstanding you need customized threat intel and getting board-level buy-in are two different things.\u00a0
\nThe Challenge of Proving ROI\u00a0
\nWhat the C-suite wants to see is ROI. But the challenge is that without undergoing an attack, there will be no immediate ROI to prove.\u00a0
\nAll too often, key stakeholders only see the value of a $2M security investment after getting hit with a $23M ransomware attack. By then you\u2019ve paid for the investment more than ten times over, when those costs could have been avoided with preventative care.
\nISACs and the Skills Gap
\nAs mentioned earlier, ISACs and ISAOs provide valuable threat data within their respective industries. Besides not being entirely curated to the organization, there is nothing wrong with the information itself.\u00a0
\nThe only problem is that many organizations lack the security maturity to use it effectively.\u00a0
\nIn smaller entities, fully developed cybersecurity programs are hard to come by. Sometimes, there may be no threat intelligence specialist at all. So, the information might be coming from the ISAC, but it may go unused due to the cyber skills gap.
\nThis is a gap that AI has the power to bridge.
\nUsing AI to Extract More Value from Threat Intelligence
\nThis is where the story comes full circle. When applied to threat intelligence, AI will do what it does best: customize.\u00a0
\nAI-driven threat intelligence platforms will be able to sift through threat feeds at scale, eliminating ones that don\u2019t have anything to do with the particular shape of the company and favoring ones that do.
\nThey can bridge the talent gap by allowing even junior-level analysts to leverage ISAC\/ISAO feeds and more and use natural language to explain what to do with them.\u00a0
\nAI can crawl your organization\u2019s unique architecture and assess its unique risks. Then, it can apply its machine-learning capabilities to build over time a threat intelligence program that customizes what you ingest to exactly what you need.\u00a0
\nThe results are lower dwell times, less analyst burden, greater ROI, and less business risk. In other words, fewer breaches because of better information.
\nConclusion
\nWhat\u2019s important to remember is that the AI-driven landscape is here. Attackers are finding success in using AI to personalize attacks. We can keep pace by using AI to personalize defense. And we can do that by customizing threat intelligence.
\nSecurity teams looking to level up their threat intelligence capabilities can align with the new industry consensus:\u00a0
\nIt\u2019s not about how many feeds you\u2019re subscribed to. It\u2019s about the quality of threat data you\u2019re getting and how you can use that to defend.\u00a0
\n____
\nAuthor:
\nRohit Dhamankar, VP, Product Strategy, Fortra
\n\u00a0<\/p>\n

Join our LinkedIn group Information Security Community!<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Defending Against AI-Powered Cyber Threats with Effective Threat Intelligence https:\/\/www.cybersecurity-insiders.com\/defending-against-ai-powered-cyber-threats-with-effective-threat-intelligence\/ Publish Date: 2026-06-04 03:48:00 Source…<\/p>\n","protected":false},"author":1,"featured_media":225797,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.cybersecurity-insiders.com\/wp-content\/uploads\/Threat-Intelligence-1.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,24,32],"class_list":["post-225796","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-cybersecurity","tag-malware"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225796"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=225796"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225796\/revisions"}],"predecessor-version":[{"id":225798,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225796\/revisions\/225798"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/225797"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=225796"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=225796"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=225796"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}