---
id: "claim-ai-revolutionizes-threats"
type: "claim"
source_timestamps: ["§ AI is Both an Opportunity and a Risk"]
tags: ["ai", "threat-landscape"]
related: ["concept-ai-weaponization", "concept-technological-sirens-song"]
confidence: "high"
testable: true
speakers: ["Jeffrey Proudfoot", "Stuart Madnick"]
sources: ["governance"]
sourceVaultSlug: "hbr-seg-governance"
originDay: 7
articleStem: "hbr-cl-83-boards-cybersecurity"
sourceUrl: "https://hbr.org/2026/04/boards-are-falling-short-on-cybersecurity"
sourceTitle: "Boards Are Falling Short on Cybersecurity"
---
# AI Is Revolutionizing Cyber Threats as Much as Business Operations

## Claim

The revolutionary impact of AI is **symmetrical**: while boards focus on how AI will disrupt industries and improve efficiency, malicious actors use the exact same technological leaps to automate attacks, generate malware at scale, and craft customized, believable phishing and deepfake campaigns. Threat acceleration matches business acceleration.

**Confidence:** high · **Testable:** yes

## Detail

This is the empirical backbone of [[concept-ai-weaponization]] and the reason the authors warn against the one-sided enthusiasm they call the [[concept-technological-sirens-song]]. The board is asked to hold both truths at once.

## Enrichment validation & nuance

**Strongly supported.** AI is demonstrably used to enhance phishing/BEC, social engineering, and some aspects of malware development; deepfake-enabled executive-impersonation scams have already caused multi-million-dollar losses.

**Nuance:** Some researchers argue AI today *amplifies existing* attack types (scale, personalization, speed) more than it invents wholly new ones, and that defensive AI may narrow the offense-defense gap over time. The directional claim is high-confidence; the precise "revolution" framing carries the caveats in [[concept-ai-weaponization]].


## Related across articles
- [[concept-ai-fueled-threat-escalation]]
- [[claim-ai-increases-attack-ferocity]]
- [[claim-ai-vulnerable-to-hacking]]
