As AI transforms cyberattacks, organizations must stop relying on assumed security and start proving whether their defenses can withstand real-world threats, Dan Bird Member of the Order of the British Empire (MBE) and Field Chief Technology Officer for Europe, the Middle East, and Africa (CTO EMEA), told Inside Telecom in an exclusive Q&A on cybersecurity resilience today.
Speaking to Inside Telecom, Bird said many organizations still rely too heavily on activity-based security metrics such as patching, scans, and closed tickets, without validating whether attackers can still exploit weaknesses. He warned that confidence in security controls often outpaces real evidence, especially as AI cyberattacks enables attackers to move faster, automate reconnaissance, and chain vulnerabilities across complex digital environments.
Confidence Is Not the Same as Validation
Bird said the gap between confidence and actual security validation has become common because organizations often measure proxy indicators rather than security itself.
“Most organizations are measuring proxy indicators of security rather than security itself,” Bird said.
He explained that modern cyberattacks rarely depend on one vulnerability. Instead, attackers combine misconfigurations, abused identities, weak controls, and exposed pathways to reach critical systems.
“The issue is not a lack of effort,” Bird added. “It’s that many organizations have become very good at measuring responsiveness.”
Activity Metrics Can Hide Real Exposure
According to Bird, traditional measurements such as vulnerability scans, patching, and ticket closure show that work is taking place, but they do not necessarily prove resilience.
“Activities like vulnerability scanning, patching and ticket closure tell you that security work is happening,” he said. “They do not necessarily tell you whether an attacker can still reach critical systems.”
Bird highlighted a sharp divide between confidence and verification, noting that organizations risk optimizing for compliance while remaining exposed to the most important attack paths.
“That gap between confidence and verification is where risk often hides,” he said.
AI Is Turning Cybersecurity into Algorithm vs Algorithm
Bird said cybersecurity is increasingly becoming “algorithm vs algorithm,” with attacks and defenses unfolding at machine speed.
“In practice, it means cyber conflict is increasingly happening at machine speed rather than human speed,” he said.
As attackers use AI to identify vulnerabilities, generate exploits, and accelerate the attack chain, Bird argued that defenders must adopt continuous security validation rather than relying only on periodic human-led testing.
“The goal should not be to replace human testers, but to complement them with continuous, automated validation,” he said.
Looking ahead, Bird said offensive security will become more central to daily cyber decision-making as organizations uses AI to safely test themselves before attackers do. He emphasized that the first practical step is to stop measuring security by activity alone and begin validating outcomes, especially around critical assets.
“Ultimately you only know your defenses work when they are tested,” Bird concluded.
Inside Telecom provides you with an extensive list of content covering all aspects of the Tech industry. Keep an eye on our Press Releases section to stay informed and updated with our daily articles.
