AI has made it easier to attack than to defend
In Berlin, the chief executive of ESET — the world's oldest cybersecurity firm — offered a sobering assessment of a technological imbalance as old as conflict itself: that it is always easier to break than to build, to attack than to defend. Artificial intelligence, he warned, has deepened this asymmetry to a degree that demands not merely new tools, but an entirely new philosophy of protection. His answer is not to borrow power from the dominant platforms, but to cultivate something sovereign — European, specialized, and independent — before dependence itself becomes the vulnerability.
- AI has handed attackers a decisive advantage: malware can now be designed faster, and autonomous systems can test and adapt their own strategies until they find a way through.
- The threat is not only technical but geopolitical — when a powerful AI vulnerability-hunting model was released exclusively to American firms, European cybersecurity companies felt the ground shift beneath them.
- A new form of attack has emerged in plain sight: natural-language instructions that look like ordinary text but can direct AI systems to act as weapons, crossing language barriers that human analysts struggle to follow.
- ESET is responding by building its own AI models trained on cybersecurity-specific data, deliberately severing reliance on Big Tech platforms whose access and allegiances cannot be guaranteed.
- The firm adapted its defenses to intercept these new threats within weeks — a sign that the situation is serious but not yet beyond reach, provided the industry moves with urgency and resources to match.
Richard Marko, chief executive of ESET — the Slovak firm that holds the distinction of being the world's oldest cybersecurity company — arrived at a Berlin conference not with reassurance, but with a structural warning: artificial intelligence has made it fundamentally easier to attack than to defend, and the industry has not yet reckoned with what that means.
The asymmetry he described is not merely a matter of speed. AI systems can now operate autonomously, setting their own objectives and iterating through strategies until they succeed. For defenders, who must anticipate every possible angle of approach, this represents a qualitative shift — what Marko calls a new era defined entirely by AI. The old playbooks, however experienced the hands holding them, may no longer be enough.
His response is deliberate and pointed. Rather than adopting the same general-purpose AI tools available to everyone, ESET is building proprietary models trained specifically on cybersecurity data. The reasoning is as much geopolitical as technical. When Anthropic's vulnerability-hunting model was made available almost exclusively to American companies, Marko read it as a signal: European firms that depend on US-controlled AI infrastructure are exposed in ways that go beyond the technical.
Among the more quietly alarming developments he described are what researchers call AI agent skills — plain-text instructions that direct AI systems to perform tasks. Useful for scheduling and correspondence, they can equally be turned into a new class of malware: invisible in the sense that they look like nothing threatening, yet readable by any system trained to act on them, and writable in any language.
And yet Marko did not leave Berlin in despair. ESET's own defenses adapted to intercept these threats within weeks. The window remains open — but only for those willing to invest in specialized capabilities rather than borrowed ones. His closing thought carried the weight of long experience: the firms that will navigate this era are not those who fear autonomous AI, but those who move quickly enough to meet it on their own terms.
Richard Marko, the chief executive of ESET, arrived at Berlin's cybersecurity conference with a warning that has begun to reshape how the industry thinks about its own future. ESET itself is no small player in this conversation—the company was founded in Slovakia in the 1990s and remains the oldest cybersecurity firm in the world. But age and experience, Marko suggested, may not be enough anymore.
The problem, as he framed it, is fundamentally asymmetrical. Artificial intelligence has made it easier to attack than to defend. Attackers now have tools that can design malware faster and more efficiently than ever before. More unsettling still, AI systems can now operate autonomously—setting themselves an objective, then testing different strategies and adapting on the fly until they succeed. For defenders, this represents a shift so significant that Marko calls it nothing less than a new era in cybersecurity, one defined entirely by AI.
The solution, he argues, cannot simply be to adopt the same AI tools that everyone else is using. ESET is investing heavily in building its own artificial intelligence models, trained specifically on cybersecurity data and optimized for defense rather than generic purposes. The company is deliberately moving away from reliance on the large technology platforms that dominate the AI landscape. This choice is not purely technical—it is also geopolitical. When Anthropic's Mythos model, designed to find unknown vulnerabilities in operating systems and browsers, was made available only to a select group of companies, nearly all of them American, Marko saw a warning sign. For a European firm like ESET, that kind of dependence on American-controlled AI felt like a vulnerability in itself.
One of the more unsettling developments Marko described involves what researchers call AI agent skills—essentially natural language instructions that tell an AI system what to do. "Do this, do that," written out in plain text. These instructions can be useful for mundane tasks: answering emails automatically, organizing a calendar. But they can also be weaponized. Because they are just text, they can be written in any language, making them difficult for human researchers to analyze and intercept. They represent a new form of malware that is simultaneously invisible and readable, dangerous precisely because it looks like nothing at all.
Yet Marko stopped short of despair. ESET's own systems have already begun to recognize and intercept these kinds of threats. The company adapted its existing defenses in a matter of weeks. This suggests the situation, while serious, remains manageable—at least for now, and at least for firms willing to invest in specialized AI capabilities of their own. The real question is whether the industry as a whole will move fast enough, and whether smaller companies without ESET's resources will be left behind.
Marko's final thought was almost philosophical. Rather than viewing autonomous AI as a threat to fear, he suggested, the industry might do better to see it as an opportunity to innovate. The challenge is real. But ESET has navigated paradigm shifts before, and Marko believes it will find a way through this one too. The question now is whether the rest of the world's defenders will move at the same pace.
Notable Quotes
With AI capabilities, it is easier to use them for attack than for defense — Richard Marko, CEO of ESET
We need AI models trained specifically on cybersecurity data, not generic models from large technology companies — Richard Marko, CEO of ESET
The Hearth Conversation
Another angle on the story
When you say AI makes attacking easier than defending, what exactly do you mean? Isn't defense just a matter of building better walls?
The asymmetry is deeper than that. An attacker with AI can now generate malware variants automatically, test them, and adapt them in real time. A defender has to anticipate every possible variation. It's like trying to catch water with a net that has holes in it.
So you're building your own AI models instead of using OpenAI or similar platforms. Why not just use what's already out there?
Because those models aren't trained on cybersecurity data. They're general-purpose tools. We need something that understands the specific language and patterns of attacks. And frankly, there's a geopolitical dimension too. We don't want to be dependent on American companies for our core defenses.
You mentioned that AI agent skills are just text instructions. How is that a security problem if anyone can read them?
That's exactly the problem. They look innocent. They're just descriptions in natural language. But they can be written in any language, making them hard to analyze at scale. And they can instruct an AI to do genuinely malicious things—automate attacks, probe systems, steal data. It's malware that doesn't look like malware.
What about Anthropic's Mythos model? That seems like it could be useful for finding vulnerabilities before attackers do.
It could be, if it were widely available. But it was only given to a select group, mostly American companies. That's a problem. It concentrates power and raises questions about who gets to know about vulnerabilities first. For us in Europe, it's another reason to build our own capabilities.
Are you saying the situation is hopeless?
No. We've adapted our systems to recognize these threats in weeks, not months. The situation is manageable if you're willing to invest. But it requires speed, specialization, and independence. That's the real challenge.