Celebrated on November 30, International Information Security Day comes in 2025 at a time when the issue has never been so central to companies' strategic decisions. The accelerated growth of artificial intelligence has brought significant advances to business, but has also placed tools with unprecedented attack capabilities in the hands of digital criminals.
For technology and security managers, the equation has become more complex. Attacks have evolved in scale, precision and speed. Defenses need to keep pace.
How AI has expanded the attack power of digital criminals
Artificial intelligence has given malicious actors something that previously required a lot of time and technical expertise: the ability to automate, customize and scale attacks with industrial efficiency.
"Although AI is used to create much more enhanced and realistic attacks, such as deepfakes, deepvoices and phishing, it is also our greatest defense tool, especially in automation and detection actions," says Gabriel Loschi, CISO at Foursys.
Among the most common practices observed today are:
- Highly personalized phishing: emails that accurately mimic the communication of real companies, or voice deepfakes used in financial transfer scams
- Automatic generation and mutation of malware: codes capable of changing their own signature with each attack, making detection by traditional systems ineffective
- Automation of malicious operations: algorithms that perform credential stuffing at scale, scan for vulnerabilities in systems and replicate human behavior to fool defense mechanisms
The result is an environment in which the sophistication of attacks is growing continuously and security models based on static rules are no longer sufficient.
Why AI is also the main defense tool
The answer to this new reality lies largely in the use of artificial intelligence itself on the defense side. As attacks evolve with the help of AI, protection solutions need to evolve at the same speed, and tools based on machine learning are at the heart of this response.
"Among the main solutions available today, real-time detection systems, automatic incident response tools and the proactive strengthening of security policies are some of the tools available," Loschi points out.
In practice, this defense is structured on three main fronts:
Real-time detection: models simultaneously analyze events and the behavior of users and entities, identifying anomalies before they become incidents. The ability to cross-check thousands of signals at the same time is what differentiates this approach from traditional monitoring systems.
Automated incident response: on identifying a threat, the systems act immediately, isolating suspicious endpoints, blocking malicious traffic and initiating mitigation without relying on human intervention for each action. Response times, which used to be measured in hours, are now measured in seconds.
Proactive strengthening of security: continuous attack simulation tools, exposure surface analysis and cloud configuration monitoring allow companies to identify vulnerabilities before they are exploited. Security stops being reactive and starts operating predictively.
What this scenario requires of companies
The adoption of AI-based tools for security is a necessary response, but insufficient when applied in isolation. The effectiveness of these solutions depends directly on the quality of the data that feeds them, the maturity of internal processes and an organizational culture that treats security as a strategic priority.
Companies that invest only in cutting-edge technology without structuring clear policies, training teams and establishing data governance tend to create a false sense of protection. Defensive AI works best when it finds an environment prepared to receive it.
At Foursys, the cybersecurity approach is based precisely on this integrated vision: technology, processes and people working together to reduce the surface of exposure and increase the resilience of operations.
The challenge that won't go away
The race between attack and defense in the digital environment has no finish line. Every advance in protection tools stimulates a response from malicious agents, and vice versa. What changes in this cycle is the speed with which adaptations take place.
For companies, the relevant question is no longer whether they will be the target of a cyber attack. The question is whether they will be prepared when it happens.
This post was based on an article published by Gizmodo Brasil, with statements by Gabriel Loschi, CISO of Foursys, on the occasion of International Information Security Day.
.jpeg)
