Why Assume AI Breach is the Next Evolution in Security

CISO Circle

By David Bianco, Principal Security Research Engineer at Cisco Talos

For the past decade, “assume breach” defined security strategy in the SOC. We placed trust in the perimeter and built defenses around detection and response. It transformed resilience, but relied on a critical assumption: that our adversaries were human.

Today, that assumption is gone.

As we articulated in Part I of this series, AI-enabled attackers break these assumptions. When the kill chain completes in minutes rather than weeks, "detect and respond" isn't a viable strategy if detection and response depend on human analysts who can’t keep up.

Today, that posture has evolved to assume AI breach. Operating under this mindset means defenders assume attackers can move faster and with more thoroughness than human analysts, and across more assets than they can track.

How to operationalize an assume AI breach security posture

What does this mean for our day-to-day operations? The focus is shifting to three critical areas.

First, detection latency matters just as much as detection capability. It's not enough to have the ability to detect an attack: detection must be near real-time. An alert that fires an hour after the incident occurred is too late if the kill chain completes in minutes. Security teams should optimize detection pipelines for speed, not just accuracy.
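One way to measure the latency described above, as an added example that is not part of the original article: it compares when activity occurred with when the alert fired, per detection rule, against a time budget. The rule names, timestamps, and the 5-minute budget are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
import math

# Constructed sample data: (rule, when the activity occurred, when the alert fired).
ALERTS = [
    ("decoy_credential_use", "2025-01-10T09:00:05", "2025-01-10T09:00:09"),
    ("decoy_credential_use", "2025-01-10T09:14:30", "2025-01-10T09:14:36"),
    ("new_admin_account",    "2025-01-10T09:01:00", "2025-01-10T09:03:10"),
    ("new_admin_account",    "2025-01-10T10:20:00", "2025-01-10T10:21:30"),
    ("bulk_file_read",       "2025-01-10T09:02:00", "2025-01-10T10:02:00"),  # hourly batch search
    ("bulk_file_read",       "2025-01-10T11:30:00", "2025-01-10T12:00:00"),
]

BUDGET_SECONDS = 300  # assumed budget: alert within 5 minutes of the activity


def latency_seconds(event_ts, alert_ts):
    """Seconds between the activity and the alert that reported it."""
    delta = datetime.fromisoformat(alert_ts) - datetime.fromisoformat(event_ts)
    return delta.total_seconds()


def percentile(values, pct):
    """Nearest-rank percentile; adequate for small samples."""
    ordered = sorted(values)
    rank = max(1, math.ceil(pct / 100 * len(ordered)))
    return ordered[rank - 1]


def latency_report(alerts, budget=BUDGET_SECONDS):
    """Per-rule p50/p95 detection latency and whether p95 fits the budget."""
    per_rule = defaultdict(list)
    for rule, event_ts, alert_ts in alerts:
        per_rule[rule].append(latency_seconds(event_ts, alert_ts))
    report = {}
    for rule, lats in per_rule.items():
        p95 = percentile(lats, 95)
        report[rule] = {"p50": percentile(lats, 50), "p95": p95,
                        "within_budget": p95 <= budget}
    return report


if __name__ == "__main__":
    slowest_first = sorted(latency_report(ALERTS).items(), key=lambda kv: -kv[1]["p95"])
    for rule, stats in slowest_first:
        flag = "ok" if stats["within_budget"] else "TOO SLOW"
        print(f"{rule:22} p50={stats['p50']:>6.0f}s p95={stats['p95']:>6.0f}s {flag}")
```

A rule that detects accurately but runs as an hourly batch search shows up here as over budget, which is the case the paragraph warns about.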

The second is that machines, not just people, must carry out investigations. Workflows that require human judgment at every step become bottlenecks. Investigation flows and “gut feelings” that only exist in analysts' heads can't operate at machine speed. Security teams will need to create their own agentic investigators, but ones that they feel comfortable delegating responsibility to, at least for the lower-priority incidents.

And third, response requires automation and pre-authorization.

Waiting for human approval to take containment actions will be too slow to stop agentic attacks. Pre-authorizing actions such as isolating a compromised host, disabling a suspicious account, or blocking lateral movement for specific conditions ensures faster response time.

This is where your existing (non-AI) SOAR playbooks will come in handy. Humans can then shift from "in the loop" (approving each action) to "on the loop" (supervising and overriding when necessary).
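The pre-authorization idea above, sketched as an added example that is not from the original article or any SOAR product: a gate that lets a containment action run automatically only under stated conditions, queues everything else for approval, and keeps an audit trail so an analyst "on the loop" can reverse an automated action. The policy thresholds, field names, and class names are hypothetical.

```python
from dataclasses import dataclass

# Assumed policy (hypothetical thresholds): the conditions under which each
# containment action may run without waiting for a human approval.
PREAUTHORIZED = {
    "isolate_host":           {"min_confidence": 0.90, "max_criticality": 2},
    "disable_account":        {"min_confidence": 0.95, "max_criticality": 1},
    "block_lateral_movement": {"min_confidence": 0.80, "max_criticality": 3},
}


@dataclass
class Alert:
    alert_id: str
    action: str        # containment action the playbook proposes
    target: str
    confidence: float  # detection confidence, 0.0 to 1.0
    criticality: int   # 1 = low-impact asset, 3 = business critical


class ContainmentGate:
    def __init__(self, policy=PREAUTHORIZED):
        self.policy = policy
        self.audit = []     # every decision, for the supervising analyst
        self.executed = {}  # alert_id -> (action, target), kept for rollback

    def decide(self, alert: Alert) -> str:
        rule = self.policy.get(alert.action)
        if rule is None:
            decision, reason = "needs_approval", "action is not pre-authorized"
        elif alert.confidence < rule["min_confidence"]:
            decision, reason = "needs_approval", "confidence below threshold"
        elif alert.criticality > rule["max_criticality"]:
            decision, reason = "needs_approval", "asset too critical to automate"
        else:
            # The call into the existing playbook would go here.
            decision, reason = "auto_execute", "conditions met"
            self.executed[alert.alert_id] = (alert.action, alert.target)
        self.audit.append((alert.alert_id, decision, reason))
        return decision

    def override(self, alert_id: str, analyst: str) -> bool:
        """Human on the loop: reverse an automated action after the fact."""
        if alert_id not in self.executed:
            return False
        action, target = self.executed.pop(alert_id)
        self.audit.append((alert_id, "reverted", f"{analyst} undid {action} on {target}"))
        return True
```

Anything outside the policy falls back to the approval queue, so an unlisted action or a business-critical asset never gets contained without a person deciding.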

In short, “assume breach” was the mindset shift that defined the last decade of security architecture. Assume AI Breach is the mindset shift that will define the next one.

Strategic defense priorities for AI-speed cyber security

If the Attacker's Dilemma remains valid only when defenders can operate at machine speed, the strategic imperative is clear: defenders must leverage the same time and scale advantages that AI provides to our adversaries. This doesn't mean replacing human analysts with AI; it means augmenting them so they can interdict attackers in a compressed kill chain.

To restore defenders' advantage, we should consider three strategic levers:

1. Raising the cost of scarce resources

Strategies that waste individual attack attempts become less effective as inference costs drop. If an attacker can run a thousand attempts for pennies, making each attempt slightly more expensive doesn't change their economics meaningfully. Instead, we can target the resources that remain scarce even for AI-driven attackers.

2. Using deception as a force multiplier

Deception may be where defenders gain the most ground. AI agents optimize for task completion. A honeypot that's technically well-constructed may fool an AI, whereas a human might distrust it on instinct.

Moreover, because AI agents are thorough, they trigger tripwires faster than a human would. They'll find your honeytokens, touch your canary files, scan your darknets, and authenticate to your decoy services. Their speed becomes an advantage to your detection.

Deception technologies become more valuable in an AI-enabled threat environment, not less. They waste attacker time (still a finite resource), generate high-confidence alerts (reducing the false positive problem), and exploit AI agents' lack of intuition.
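Detection logic for the tripwire behavior described above, as an added example that is not from the original article: any touch of a decoy raises a finding, and a source that touches several distinct decoys within a short window is labeled an automated sweep. The decoy names, event format, 2-minute window, and threshold of three are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed decoy inventory: nothing legitimate should ever touch these.
DECOYS = {"svc-backup-old", "canary:/finance/passwords.xlsx", "decoy-db01:5432"}
WINDOW = timedelta(minutes=2)

# Constructed, normalized telemetry: (time, source, object touched).
EVENTS = [
    ("2025-01-10T09:00:01", "10.0.4.17", "fileserver:/public/readme.txt"),
    ("2025-01-10T09:00:05", "10.0.4.17", "canary:/finance/passwords.xlsx"),
    ("2025-01-10T09:00:20", "10.0.4.17", "svc-backup-old"),
    ("2025-01-10T09:00:48", "10.0.4.17", "decoy-db01:5432"),
    ("2025-01-10T09:30:00", "10.0.7.3", "svc-backup-old"),
    ("2025-01-10T11:45:00", "10.0.7.3", "decoy-db01:5432"),
]


def tripwire_findings(events, decoys=DECOYS, window=WINDOW, sweep_threshold=3):
    """One finding per source that touched any decoy."""
    hits = defaultdict(list)
    for ts, source, obj in events:
        if obj in decoys:
            hits[source].append((datetime.fromisoformat(ts), obj))

    findings = {}
    for source, touched in hits.items():
        touched.sort()
        # Sliding window: the most distinct decoys touched within `window`.
        best = 0
        for i, (start, _) in enumerate(touched):
            distinct = {obj for t, obj in touched[i:] if t - start <= window}
            best = max(best, len(distinct))
        findings[source] = {
            "first_touch": touched[0][0].isoformat(),
            "decoys_touched": len({obj for _, obj in touched}),
            "verdict": "automated_sweep" if best >= sweep_threshold else "tripwire_hit",
        }
    return findings


if __name__ == "__main__":
    for source, finding in tripwire_findings(EVENTS).items():
        print(source, finding)
```

Both verdicts are high-confidence because the decoys have no legitimate use; the sweep label only adds how quickly and broadly the source touched them.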

3. Building architectural resilience

Finally, assume your detection and response capabilities won't always be fast enough. Architect for containment, even when attacker speed exceeds your response speed.

Micro-segmentation limits how far a fast-moving attacker can spread before defenders can respond. Zero trust principles mean that compromising one asset doesn't automatically grant access to others. Least privilege principles ensure that compromised accounts offer minimal access. Organizations should implement these measures today against human adversaries. Now is the time to escalate efforts.

Winning the race against AI-enabled cyber threats

Agentic attacks are not a future problem we have the luxury of preparing for at our own pace. AI-enabled attacks are happening today. The barrier is already low: basic technical comfort, modest resources, and motivation are sufficient.

The economics favor continued acceleration: inference costs dropping, tooling maturing, barriers lowering. Organizations that can’t adapt quickly will face increasingly asymmetric odds. The attackers are already adopting AI; they don't have procurement processes, compliance reviews, or change management boards. They're moving now.

But the “Attacker's Dilemma” remains our structural advantage — if we adapt to exploit it. The kill chain still constrains attackers. Detection opportunities still exist at every stage. Attackers still face irreversible exposure when defenders burn their techniques. Deception still works and may work even better against AI.

For these advantages to matter, we must be able to act on them at machine speed. That means:

The “Attacker's Dilemma” tells us that attackers face real constraints. “Assume AI breach” tells us those constraints only matter if we can operate fast enough to exploit them. The question for every security organization is whether they can field defenses that work at AI speed.

Implementation is hard, and organizational change is rarely fast. As an industry, we still have a lot of work to do to address the practical challenges of building AI-assisted security operations.

But the strategic direction is clear. The race is already running. The only question is whether we'll compete.

We learned to “assume breach.” Now we must “assume AI breach.”

The attackers already have.

To explore how AI-enabled agents are reshaping the traditional Attacker’s Dilemma and why your current defensive frameworks require a strategic recalibration, read Part I of this series here.
