By Dr. Dorit Dor, Co-founder of Qbeat Ventures & Check Point Fellow
I am proud to have served on the board of the Cyber Threat Alliance (CTA) for nearly four years. The level of collaboration achieved among industry leaders through the CTA is both inspiring and essential. It’s a call to action for those who haven’t yet joined, to become part of this important mission and leverage collaboration to bring greater value to the cybersecurity ecosystem.
Yet, we cannot rest on past achievements. We must look ahead and ask: what comes next?
We Live in Transformative Times.
In an era defined by rapid technological advancement, every opportunity brings not only promise but also risk. If we fail to seize these opportunities, the balance of power may shift unfavorably, especially at the intersection of artificial intelligence (AI) and cybersecurity.
How AI is Transforming the Cybersecurity Landscape
- AI-Driven Attacks: As AI becomes more accessible, we are seeing a rise in sophisticated, large-scale, and highly targeted cyberattacks. Attackers are leveraging AI to automate reconnaissance, identify vulnerabilities, and execute complex multi-stage attacks.
- New Interfaces, New Risks: AI is not just reshaping the attack landscape, it’s also changing how businesses operate. From AI-powered systems and interfaces to autonomous workflows, each innovation introduces new potential attack surfaces.
- Shifting Roles of Developers and DevOps: The evolution of software development is changing foundational security principles. Security by design, security by default, and vulnerability management need to be reimagined for a faster, more iterative development environment.
- New Opportunities for Defenders: This transformation also presents an opportunity for defenders to reinvent their playbooks, creating end-to-end protection flows that integrate security earlier and deeper into the development and IT lifecycle.
- Growing System Complexity: Security stacks are becoming more layered, often adding tools without removing legacy systems. Combine this with AI’s non-deterministic behavior, and you get environments with more identities, access routes, and permissions, each a potential point of failure.
Collaboration is the Strategic Imperative
The simplest and most urgent collaboration imperative is to continue and expand efforts like the Cyber Threat Alliance (CTA), which facilitate sharing of attack data, methods, and indicators. But with attackers now capable of orchestrating AI-driven campaigns at scale, the next phase of collaboration must go beyond static data sharing.
We need real-time, insight-level collaboration. Every defender sees a different vector, gathers different signals, and operates at different points of entry. If we can harness this collective intelligence in real time, we can detect, respond, and adapt more effectively than any one tool or vendor can do alone.
Building a Layered, Open Defense
The future of cybersecurity is modular. As the number of point solutions and experimental tools grows, defenders must create protective layers that span across tools and vendors. An open garden approach based on interoperability, real-time integration, and shared standards will help make emerging tools more defensible and allow defenders to respond with agility.
Accelerating Defender Learning
We should aim not only to stop attacks, but also to learn from our defenses. What worked? Why? Can we replicate and accelerate it? While this kind of introspective sharing is sensitive, especially for security vendors, it may be possible to create controlled, high-value sharing frameworks that yield insight without exposing risk.
Integrating Security into the Infrastructure Layer
Looking forward, collaboration should extend into infrastructure, development, and testing. AI makes rapid tool development and deployment easier than ever. To secure this programmable future, We must collaborate on hygiene standards, security APIs, and real-world testing environments to ensure safety from the ground up.
It’s a call to action
Attackers face little downside in experimenting with new attack methods. For defenders, innovation is not just an advantage, it’s a necessity.
Reinventing cybersecurity today means embracing multidisciplinary methods, integrating across entry points, and unlocking the power of collective data and insight.
Key Questions We Must Answer Together
- Can we improve defenses through real-time collaboration and integration between tools and vendors?
- Can we reduce risk by identifying and sharing small but critical pieces of data, if only we knew what to look for?
In this AI-driven era, collaboration is no longer optional. It’s essential to staying ahead.