As AI rapidly transforms the global digital ecosystem, it is simultaneously redefining the dynamics of cyber threats. From AI-driven attack automation and data poisoning to autonomous threat detection and blockchain security vulnerabilities, organizations now face a far more complex and unpredictable threat landscape. In this emerging era of “AI versus AI,” enterprises must strengthen cyber resilience through robust governance, human oversight, autonomous defence capabilities, and integrated security frameworks. As offensive and defensive intelligent systems continuously evolve, the ability to secure critical digital infrastructure will depend on how effectively organizations balance advanced automation with responsible human control and strategic cybersecurity resilience.
In an exclusive conversation with The Interview World at CyberComm 2026, organized by Federation of Indian Chambers of Commerce & Industry, Gourav Kumar, Regional Sales Manager at Trellix, examines how the cyber threat landscape is rapidly evolving in the age of AI. He further explains how Trellix is helping organizations mitigate emerging cyber risks across the digital ecosystem. In addition, he shares his perspective on building a fully AI-driven, automated cyber defence framework capable of countering increasingly sophisticated attacks. Moreover, he highlights how AI, blockchain, and other advanced technologies can reinforce cybersecurity resilience while significantly reducing exposure to evolving threats. Here are the key insights from this compelling conversation.
Q: How has the cyber threat landscape evolved with the emergence of AI, particularly in scenarios where malicious AI systems are being deployed against defensive AI systems, potentially creating large-scale disruption across the digital ecosystem?
A: When we discuss attack surface management, the adoption of AI has significantly expanded the threat landscape. Earlier, organizations primarily focused on attack surfaces within the traditional digital IT ecosystem. However, AI introduces an entirely new category of vulnerabilities and risks that enterprises must now address proactively.
For example, AI models themselves can become direct targets of cyberattacks. One of the most critical threats is data poisoning, where adversaries manipulate training data to compromise the integrity and behaviour of AI systems. Consider an organization that has developed and trained its own AI model. If cybercriminals target that model to poison its data or exfiltrate sensitive information, the organization must ask a fundamental question: how effectively can the AI system detect, respond to, and withstand such attacks?
This is precisely why I often refer to the concept of “AI versus AI.” While AI can strengthen cyber defence capabilities, it cannot operate in isolation. Human oversight remains indispensable. Organizations cannot rely on AI systems with blind trust or assume complete automation will eliminate cyber risks.
Ultimately, humans must govern these systems, train them responsibly, and continuously monitor their behaviour. They must establish the necessary visibility, control mechanisms, and governance frameworks to detect malicious attempts, prevent data exfiltration, and secure the AI models powering citizen services, enterprise operations, and employee ecosystems. Without strong human-led governance, even the most advanced AI-driven security architecture will remain vulnerable.
Q: As a global cybersecurity organization, what key initiatives is Trellix undertaking to help curb evolving cyber threats across the digital ecosystem?
A: Trellix is a global cybersecurity organization trusted by more than 50,000 customers worldwide. Organizations rely on us not merely as a technology provider, but as a strategic cybersecurity partner navigating an increasingly complex threat landscape.
Today, almost every customer conversation centers on AI. Enterprises have already invested heavily in securing their digital infrastructure. However, with the rapid rise of AI-driven ecosystems, they are now asking a more critical question: what additional measures are necessary to remain protected against AI-powered threats?
The answer is clear. Cyber resilience in the AI era is not a one-time deployment; it is a continuous journey. Protecting an enterprise environment from AI-based attacks requires far more than implementing a standalone security tool. Organizations need a comprehensive security framework.
That framework must integrate people, processes, and technology. Technology alone cannot solve the problem. Security tools represent only one layer of defence. Organizations must also ensure that the tools they deploy can effectively understand and adapt to the evolving AI threat landscape.
For example, modern security platforms must possess advanced threat intelligence capabilities. They should continuously analyse global threat activity, identify emerging attack patterns, and detect attempts targeting AI models themselves. When such malicious activity occurs, intelligent security systems should immediately generate alerts, prioritize incidents through effective triage, and enable Security Operations Centers (SOCs) or remediation teams to respond rapidly and decisively.
In some cases, those responses can be fully autonomous. In others, human intervention remains essential. Ultimately, the effectiveness of that response depends on the strength of the governance framework the organization has established.
This is where we support our customers. We help them design and operationalize robust cybersecurity frameworks not only from a technology perspective, but also through the alignment of people and processes. Our objective is to ensure they remain resilient, adaptive, and fully prepared for the rapidly evolving AI-driven threat landscape.
Q: What is your perspective on building a fully AI-powered automated cyber defence ecosystem to counter the increasingly sophisticated cyber threats businesses face today?
A: When we discuss autonomy in cybersecurity today, we are fundamentally talking about agentic AI. AI itself is evolving through multiple stages of maturity, and autonomous decision-making represents one of the most advanced phases of that evolution.
At first glance, autonomous security response appears highly promising. Imagine a cyberattack being detected, analysed, and neutralized automatically in real time. Naturally, that sounds efficient and effective. However, the critical question is this: how accurate was the analysis before the system executed that action?
Accuracy remains the defining challenge. The effectiveness of any autonomous response depends entirely on the maturity of the AI model, the quality of its training, and the depth of the intelligence it has been exposed to. In the cybersecurity domain, that level of reliability is still evolving. As a result, organizations cannot rely blindly on AI-generated analysis or assume that every autonomous action will always be correct.
This is precisely where human expertise becomes indispensable. Security analysts must validate AI-driven insights, apply contextual judgment, and add a layer of human intelligence before converting those recommendations into autonomous actions. Human oversight ensures that security decisions remain measured, accurate, and aligned with organizational risk tolerance.
Equally important, every autonomous action must operate within a framework of governance and accountability. Accountability cannot rest with AI systems alone. AI can execute actions, but it cannot assume responsibility for the consequences of those actions. Only humans and organizations can provide that level of governance.
For example, as a cybersecurity vendor, even if we provide customers with tools capable of autonomous response, we cannot assume accountability for every incorrect or unintended action the system may take. That responsibility ultimately resides within the governance structure established by the organization using the technology.
Therefore, we consistently advise our customers to approach autonomy with balance and discipline. Autonomous capabilities are powerful and transformative, but they must operate within clearly defined governance models, validation mechanisms, and human oversight frameworks. Organizations cannot depend on automation alone. They must ensure that every autonomous system functions under responsible control, continuous monitoring, and informed human supervision.
Q: How can organizations effectively leverage AI, blockchain, and other advanced technologies to strengthen cybersecurity resilience and minimize exposure to evolving cyber threats?
A: Blockchain has fundamentally disrupted the traditional cybersecurity landscape. The moment blockchain technologies began gaining global adoption, they introduced an entirely new set of security, governance, and operational challenges. Even today, cybersecurity within blockchain ecosystems remains one of the industry’s most complex and unresolved questions. Organizations worldwide are still evaluating how to effectively enforce robust cybersecurity frameworks in decentralized environments.
The challenge exists because blockchain architectures differ significantly from conventional enterprise systems. Traditional security controls were designed for centralized infrastructures, whereas blockchain operates on distributed trust models. As a result, many existing cybersecurity approaches cannot be directly applied without significant adaptation.
However, the emergence of AI is beginning to create new opportunities for improving security controls within blockchain ecosystems. AI-driven security frameworks can help organizations monitor decentralized environments more intelligently, identify anomalous behaviours faster, and automate portions of threat analysis and response.
At the same time, organizations are increasingly adopting unified security frameworks that integrate multiple point technologies into a centralized control architecture. This approach improves visibility, streamlines triage processes, reduces alert fatigue, and enables more coordinated incident response capabilities across complex digital environments, including blockchain-based systems.
That said, blockchain cybersecurity is still evolving. It is a vast and highly dynamic domain, and the industry is only beginning to establish mature governance and security models around it. While meaningful progress is being made, organizations continue to evaluate the most effective strategies, frameworks, and technologies to secure their customers, data, and digital ecosystems against emerging blockchain-related threats.
