NewKerala.com

AI Reshapes Cybersecurity Offense and Defense, Says US Advisor David Sacks

David Sacks argues AI models like GPT-5.5 are not doomsday devices but tools that automate cyber tasks. He emphasizes these models discover existing vulnerabilities rather than create them. Sacks predicts a major upgrade cycle as AI reshapes cyber offense and defense. He stresses the need for defenders to get AI access before attackers.

Key Points: AI Reshapes Cybersecurity: Offense & Defense, Says US Advisor

  • AI models automate cyber tasks, not magic doomsday devices
  • GPT-5.5 completes multi-step cyber-attack simulations
  • AI discovers existing bugs, not creates them
  • Shift to post-AI cybersecurity triggers a big upgrade cycle
3 min read

AI is changing cyber offense and defense, says US' Council of Advisers on Science & Technology member, David Sacks

US advisor David Sacks says AI models like GPT-5.5 are not doomsday devices but tools reshaping cyber offense and defense, predicting a big upgrade cycle.

"The bugs are already in the code. Using AI to discover and patch them will actually harden these systems. - David Sacks"

New Delhi, May 1

Former White House Crypto and AI Czar and US' Council of Advisers on Science & Technology member David Sacks has weighed in on the growing role of artificial intelligence in cybersecurity, arguing that AI models are not a "doomsday device" but tools that will reshape both cyber offense and defense.

Sacks made the remarks on X while reposting a thread by the AI Security Institute, which announced that OpenAI's GPT-5.5 is the second model to successfully complete one of its multi-step cyber-attack simulations end-to-end.

"It's time to demystify Mythos," Sacks wrote, referring to an earlier AI cyber model. "Mythos is not magic. It's not a doomsday device. It's the first of many models that can automate cyber tasks (just like coding)." He added that OpenAI's GPT-5.5-cyber can now do the same, and that "all the frontier models (including those from China) will be there within approximately 6 months."

Sacks emphasized that these models do not create vulnerabilities but discover them. "The bugs are already in the code. Using AI to discover and patch them will actually harden these systems," he said. He predicted that the shift from pre-AI to post-AI cybersecurity would trigger a "big upgrade cycle," after which the market is likely to settle into a new equilibrium between AI-powered cyber-offense and AI-powered cyber-defense.

He stressed the importance of ensuring that cyber defenders get access to these models before attackers, noting that the process is already underway but needs to move quickly given the pace of development in China and elsewhere. Unlike Mythos, Sacks said, GPT-5.5-cyber "appears not to be token constrained so it may be the first cyber model that defenders actually get to use."

Sacks is a Silicon Valley entrepreneur and investor and is a co-founder of PayPal and was previously the founding COO of the company. He also founded Yammer, which was acquired by Microsoft for $1.2 billion in 2012. In his current role, he advises on policy around artificial intelligence, cryptocurrency and digital assets.

The AI Security Institute's thread highlighted that GPT-5.5's ability to complete multi-step cyber-attack simulations end-to-end marks a significant milestone in AI capability. While the development has raised concerns about potential misuse, Sacks argued that the net effect could be positive if defensive use of AI outpaces offensive use.

His comments reflect a growing consensus in the tech and policy community that AI will accelerate both the discovery and patching of software vulnerabilities. The coming months are expected to see rapid adoption of AI tools by cybersecurity teams, even as governments work on frameworks to prevent misuse by malicious actors.

- ANI

Share this article:

Reader Comments

S
Sarah B
"Not a doomsday device" — that's reassuring but I'm still cautious. Cyber attacks are becoming more sophisticated every day, and giving AI the ability to automate them is a double-edged sword. Hope the defensive applications really do win out.
P
Priya S
This is fascinating! As someone working in fintech in Bangalore, I can see how AI-powered defense could protect our digital payment systems. But the gap between offense and defense needs to be managed carefully. India should invest heavily in this area given our digital infrastructure growth 🇮🇳
M
Michael C
Respectfully, I think there's too much hype around AI in cybersecurity. Bugs still need human judgment to prioritize and patch properly. Let's not forget the basics while chasing shiny new tools.
R
Rohit P
Sacks makes a valid point about defenders needing access before attackers. But with Chinese models catching up in 6 months, it's a race against time. India needs its own indigenous AI cybersecurity solutions — relying only on US models won't be wise for our strategic interests.
K
Kavya N
It's good that AI can find existing bugs rather than creating new ones. This could really help Indian government websites and Aadhaar-linked systems become more secure. Hope our cybersecurity agencies are already working with these models! 🤞
E

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50