About Partners Contact Client Portal
LinkedIn Twitter
Services Industries Insights & Events Careers & Culture
Insights & Events

Services

RubinBrown specializes in providing a comprehensive range of services to meet business and personal needs. Whether you require expert tax, strategic business consulting, audit services or more, RubinBrown's team of experienced professionals are here to support you.

View All Our Services
Assurance Services
Benefit Plan Audit Services Public Company Services SOC Examinations, IT Audit, & Third-Party Risk
Consulting Services
AI & Data Services Business Process Improvement Services Business Restructuring & Bankruptcy Services Cyber Security Services Independent ERP Selection Consultants Fraud & Forensics Healthcare Consulting Services SOC Examinations, IT Audit, & Third-Party Risk Information Technology Services Litigation Services Mergers & Acquisitions Services Risk & Internal Audit Services Valuation Services
Entrepreneurial Services
Outsourced Accounting & Advisory Services
Tax Services
Federal Tax Services Private Client Services Credits & Incentives Services State & Local Tax Services
Wealth Management Services by RubinBrown Advisors RubinBrown Corporate Finance

Industries

At RubinBrown, we bring experience across a range of industries. Our experience enables our professionals to offer tailored solutions catering to the intricacies of each sector. Our professionals have years of focused engagement and skills, allowing them to navigate industry-specific challenges to benefit our clients.

View All Our Industries
Colleges & Universities Construction Financial Institutions Gaming Law Firms Life Sciences & Technology Manufacturing & Distribution Not-For-Profit Private Equity Public Sector Real Estate Transportation & Dealerships

Careers & Culture

At RubinBrown, we are inspired team members, working as one firm, living our core values, and Being Our Best for Others while delivering totally satisfied clients. We invite you to learn more about the Firm's culture, the Be Your Best for Others mentality, and explore the available opportunities at RubinBrown.

Discover Our Culture
Baker Tilly International Campus Recruiting Diversity & Inclusion Experienced Recruiting RubinBrown Charitable Foundation Join The Team
Back to Insights

AI Powered: How Hackers Use Artificial Intelligence in Cyberattacks

Contact Us

AI Powered: How Hackers Use Artificial Intelligence in Cyberattacks

Contact Us

AI Changes the Speed, Not the Rules, of the Cybersecurity Game

In our previous article, we outlined why traditional patching timelines no longer work in today’s threat environment. The recent Anthropic news about Claude Mythos and Project Glasswing makes the current topic very timely (Mythos is an advanced AI capable of thinking like an elite hacker and security engineer at the same time).

This raises a natural question: 

If attackers move faster, sometimes faster than organizations can act, has the cybersecurity playbook fundamentally changed?

The answer is no.

The speed has changed, not the rules determining outcomes.

What’s Actually Driving Cyberattacks and Breaches

AI has introduced new capabilities into the threat landscape, generating understandable concern. Common examples include:

  • AI-assisted attacks 

  • Advanced social engineering 

  • Automated exploitation 

These developments are real, but they do not represent the primary drivers of breaches. Industry data remains consistent:

  • Credential abuse remains a leading access vector 

  • Vulnerability exploitation drives a significant portion of breaches 

  • Phishing and social engineering continue to succeed 

  • Third-party risk continues to grow 

None of these represent new categories of failure. What changed is the speed at which attackers exploit them.

Key takeaway:

Breaches do not result from new rules. They result from faster exploitation of known gaps. When attackers move faster, previously manageable small control gaps can now result in business‑impacting incidents before leadership even knows something is wrong.

The Real Impact of Artificial Intelligence

AI accelerates several aspects of attacker behavior:

  • Faster reconnaissance 

  • More convincing phishing and social engineering 

  • Greater scale of attack campaigns 

  • Faster movement within compromised environments 

However, AI does not introduce entirely new failure modes; it amplifies existing ones. The distinction matters because it defines the appropriate response.

AI in Cybersecurity: The Fundamentals That Still Matter

The controls separating attempted attacks from successful breaches remain consistent.

They fall into three primary areas:

1. Identity and Access Control

Credential-based attacks remain dominant.

Organizations reducing risk here:

•    Deploy multi-factor authentication broadly, without gaps 
•    Address legacy authentication and service account exposure 
•    Move toward phishing-resistant authentication methods 

2. Visibility and Detection

Preventive controls fail. The difference lies in awareness.

Organizations detecting attacks early:

•    Monitor endpoints, networks, and identity activity 
•    Identify post-compromise behavior, not just initial access 
•    Retain sufficient logs for investigation 

The gap between internal detection and external notification often determines whether an incident remains contained or becomes public.

3. Resilience and Recovery

Modern attackers increasingly target recovery capabilities.

Effective programs ensure:

•    Backups remain isolated and protected 
•    Recovery processes undergo regular testing 
•    Critical systems can be restored under realistic conditions 

Why Execution Matters More Than Ever

Across major threat reports, a consistent pattern appears:

Breached organizations are not failing due to unknown threats. Failures occur in execution of known controls. AI reduces margin for error. Gaps previously tolerated for weeks or months now lead to exploitation within hours or days.

This shift increases required discipline, not strategic complexity.

Connecting the Dots: Speed vs. Fundamentals

The collapse of patching timelines reinforces this reality. Even strong vulnerability management programs cannot eliminate every exposure before exploitation. When exploitation timelines compress from weeks to hours, even mature programs with disciplined patching cadences will face exposures that close slower than attackers can find them. Preventing every instance of initial access is no longer a realistic standard. The controls that matter most are the ones that limit what an attacker can do after compromising the environment.

As a result:

  • Some attacks will achieve initial access 

  • Outcomes depend on response after access occurs 

Organizations able to:

  • detect quickly 

  • limit movement 

  • protect sensitive data 

  • recover effectively

will avoid, or at least minimize, business-impacting breaches.

What Business Leaders Should Do

For executives and boards, the practical response is not technical; it is operational and governance‑driven. Effective response to AI-driven threats does not begin with new technology, it begins with full implementation and consistent execution of core controls.

Key questions include:

  • Is accountability for cybersecurity clearly defined at the executive level? 

  • Is MFA enforced across all critical access paths? 

  • Can suspicious activity be detected quickly and reliably? (Detection that previously had days to surface now needs to happen in hours. The window between initial access and business impact continues to shrink.)

  • Have recovery capabilities been tested under realistic conditions? (Testing against a scripted scenario is not the same as testing under the pressure, ambiguity, and time constraints of a real incident.)

  • Is sensitive data fully understood and protected? 

  • Are third-party risks actively managed? 

Most organizations will identify gaps. Those gaps, not AI, create opportunities for attackers.

Final Thoughts

AI has made attackers faster, more scalable, and more efficient. It has not changed what works in cybersecurity, we do not need a new playbook. We need consistent execution of the existing one, with minimal tolerance for gaps.

The rules remain the same. The clock just moves faster.

The RubinBrown Cyber Security Services and Technology Consulting teams are dedicated to helping organizations identify risks, strengthen defenses, and build lasting cybersecurity resilience through proactive strategy, education, and technical expertise.


 

Published: 06/30/2026

Readers should not act upon information presented without individual professional consultation.

Any federal tax advice contained in this communication (including any attachments): (i) is intended for your use only; (ii) is based on the accuracy and completeness of the facts you have provided us; and (iii) may not be relied upon to avoid penalties.

 

Contact Us:

Talk to Our Experts

Audrey Katcher, CPA, CISA, CITP, CGMA Partner audrey.katcher@rubinbrown.com 314-290-3420
Ryan Orton Partner ryan.orton@rubinbrown.com 303.952.1214
Robert Rudloff, CISSP, CISA, QSA, CMMC RPA Partner rob.rudloff@rubinbrown.com 303-952-1220

Be Your Best for Others at RubinBrown

At RubinBrown, our firm fosters a culture built upon five vision points, and are guided by our philosophy of Being Our Best for Others. Discover how you can be your best at RubinBrown today by visiting our Careers & Culture Overview for available opportunities and more.

Discover Our Culture

Join Our Mailing List

RubinBrown periodically sends breaking regulatory updates, technical summaries, industry-specific information and event (in-person and virtual) invitations through electronic newsletters.

Sign Up for Our Communications
1-800-678-3134 Certified Public Accountants & Business Consultants

Ranked a Top 50 Accounting Firm by Inside Public Accounting

Firm News Disclaimers Privacy Policy Client Payment © 2026 RubinBrown LLP
RubinBrown Executive Recruiting RubinBrown Advisors RubinBrown Corporate Finance