AI Is Changing Cyber Offense and Defense, Says US Council of Advisers on Science & Technology Member, David Sacks

The recent demonstration that OpenAI's GPT‑5.5‑cyber can run a full multi‑step attack simulation marks a watershed moment for artificial intelligence in cybersecurity. Unlike earlier proof‑of‑concepts, this model operates without token constraints, suggesting it could be deployed in real‑world environments. By automating the identification of code flaws, AI shifts the balance from reactive patching to proactive hardening, turning what were once hidden bugs into actionable intelligence. This capability is rapidly spreading beyond the United States, with Chinese research labs expected to field comparable systems within months.

For security teams, the race is no longer about who can write the cleverest exploit, but who can integrate advanced AI tools into their defensive workflows first. Sacks' call for defenders to gain early access underscores a broader industry trend: vendors are packaging AI‑enhanced threat‑intel platforms, while governments scramble to draft policies that prevent misuse without stifling innovation. The challenge lies in establishing secure, auditable pipelines that let enterprises leverage models like GPT‑5.5‑cyber while maintaining data privacy and compliance. As AI lowers the skill barrier for sophisticated attacks, organizations must invest in talent and infrastructure that can interpret AI‑generated insights quickly.

Market analysts anticipate a "big upgrade cycle" as enterprises adopt AI‑driven security solutions, driving demand for next‑generation endpoint protection, cloud security, and managed detection services. Venture capital is already flowing into startups that fuse large language models with threat hunting, while legacy vendors are acquiring AI talent to stay competitive. This acceleration is likely to reshape the cybersecurity landscape, creating new revenue streams but also raising the stakes for regulators tasked with curbing malicious AI use. Companies that master the defender‑first approach stand to gain a decisive edge in the emerging AI‑powered cyber equilibrium.