When the Wright brothers piloted their biplane 120 feet down the beach at Kitty Hawk, they could’ve hardly imagined that a mere 65 years later, flight would carry us 240,000 miles to the lunar surface—and back. It’s a remarkable evolution that parallels the pace of the cybersecurity industry, where in only a few short decades, the leap from securing our first digital steps to advanced frontiers like AI has been nothing less than historic. 

While keeping pace with a mutable threat landscape is nothing new for chief information security officers (CISOs), the speed, scale, and sophistication of today’s adversaries are—from tailored phishing and multi-channel spearfishing campaigns to deepfake-powered social engineering that further blurs the line of reality.

AI Authority TrendThe Electric Car Problem of Cloud Pricing

In this unprecedented era, the challenge for CISOs is twofold: relevance and risk—can we understand the broader business while balancing risk tolerance with a revenue-driving remit? There’s simply no longer room for cybersecurity to be the ‘party of no.’ We can’t just be rigid enforcers, rather we must also be agile enablers who support and secure in equal measure.  

As cybersecurity rightfully takes its place as a core business risk, CISOs are rapidly ascending from backroom technicians to boardroom trustees. Here are three considerations to help ensure our hard-earned seats at the table don’t turn into a game of musical chairs.   

Time? Never heard of it 

As security leaders, we have to get out of our own way—time is simply not our ally. It took many CISOs three or four years to get comfortable with cloud and understand its true business value. With AI, that urgency is eight, even 10-fold, where if you’re not on board in three to six months, you’ll likely never catch back up.

Just look at the sheer amount of zero-day exploits in the last 24 months. In most cases, there aren’t legions of keyboard warriors behind these attacks, rather models manipulated to incessantly probe and penetrate at machine speed and scale.  

At DXC, we’ve compressed our annual roadmap into quarterly cycles, with bimonthly or even monthly roadmaps likely ahead. We must transition long-term strategies into short-term sprints that prioritize rapid prototyping, deep AI integration, and heightened partner and vendor accountability.  

ROI as the AI North Star 

Many CISOs find themselves stuck in a digital quagmire when it comes to protecting their companies from the dangers of adversarial AI. Yet the opposite is equally true: as much as AI can be a poison pill to our security ecosystems, it can also be the antidote.  

As adversarial AI probes our perimeters with greater velocity, precision, and guile, the only way to defend against this is at machine speed—with AI behind the wheel. For CISOs eager but unsure where to start, go where the ROI is most valuable and easiest to articulate: Security Operations Centers (SOCs), adversarial penetration testing, and vulnerability management for starters. 

Security leaders must be comfortable and fluent in the language of the broader business and translate AI’s revolutionary potential into real-world impact for leadership. Dollars and hours saved are the baseline. But CISOs must also be able to communicate returns on more nuanced metrics—like speed, efficiency, and resilience—to CFOs, boards, or other stakeholders. 

AI Authority TrendAccelerating Enterprise AI: Why the Next Era Requires Scale

Talent gap is an opportunity gap 

For years, our industry has suffered from a pair of persistent challenges: burnout among our existing workforce and a shortage of new talent to relieve it. For the first time in my career, I’m optimistic both are beginning to recede. In their place, an opportunity gap where automation and agentic systems alleviate fatigue and augment our teams so they can embrace more fulfilling assignments. 

In my 25 years in cybersecurity, I doubt I had a single colleague hired as a SOC analyst who went home raving about the monotony on their screens—ticket after ticket, alert after alert, false positive after false positive. Having humans triage hundreds or thousands of inbound tickets at human speed is like sending the Wright Flyer into a dogfight with a drone swarm. 

Agentic security isn’t some vague forecast or an AI sticker slapped on existing automation. Autonomous agents are already proving themselves in the SOC trenches, eliminating manual bottlenecks that historically have clogged the ticket funnel. DXC was “customer zero” for our own Agentic SOC that resulted in a 95% reduction in ticket volume for human analysts. In fact, in just the first 40 days, we saved 165 days of analyst work time—freeing our teams to focus on the critical signals and tasks through the noise. 

Our evolve-or-die moment 

Cybersecurity has a gravitational pull of its own—every few years, a new force emerges that draws us in and reenergizes our industry. To borrow from the world’s biggest pop star: we’re clearly in our AI era—where exponential breakthroughs continue to both amplify threats and arm us with the tools to combat them. 

As CISOs continue to earn our place as trusted voices at executive tables, for leaders often defined by our hunger, ambition, and love of the hunt, there’s one question we should all be asking about the next few years—how fun is this going to be? 

AI Authority TrendShadow AI: The Monster Under IT’s Bed

To share your insights on AI for inclusive education, please write to us at sudipto@intentamplify.com