Stop Catching Up: What Agentic AI Can Fix in Cybersecurity
Secure Like You Mean It... Would we let our AI Agents do it?
Cybersecurity is often perceived as being at a breaking point. The speed of business outpaces the tools and workflows meant to protect it. I explore how agentic AI can build security that's faster, smarter, and truly scalable.
Hello Cyber Builders 🖖
This week, I wanted to share another angle on Agentic AI and Security. Moving away from marketing claims, but anchored in the daily life of many security professionals. This is indeed a recurring theme in this newsletter, but I believe it represents a significant shift, and we need to build a future where more cybersecurity is done collectively.
Doing more cybersecurity will require more AI. I am working on the capabilities of current models, and every week, we are seeing new models emerge. I plan to post more on this topic soon.
In this post, I aim to focus on the harsh reality of security professionals and where AI can have an impact.
If you’re feeling like you're constantly behind, like every week brings a new business application to manage, a new policy to review, or a new threat to triage, you're not alone. You're not falling short. You're operating in a system unsuitable to the pace of what cybersecurity demands today.
What makes it more challenging is that much of our time gets swallowed by repetitive, low-impact tasks. Manual reviews. Paper-heavy compliance workflows. Tools that look powerful on paper but require weeks of integration and constant babysitting to function at half-capacity.
I believe this is where we need to think about the role of AI in cybersecurity — not as another silver bullet, but as a practical and immediate enhancement.
In this piece, I want to walk you through the real friction points. I want to show you how AI can — and should — be stepping in to relieve that pressure, starting right now.
If you agree with my thoughts in this post, I would be delighted to discuss them with you. Let’s brainstorm together and envision the future of cybersecurity. Please send me a message.
📌 In this post
Why today’s cybersecurity workflows are broken — and how AI can help
How compliance automation is the perfect starting point for agentic AI
Why Shadow IT is the new black — and what AI should do about it
The end of monolithic security stacks, and the rise of modular, AI-powered agents
How to think like a security engineer and build agility, not just alerts
Compliance is Not Security - Let AI Automate It
“Compliance is not Security”. Yet we waste hours, days, or even months on compliance tasks- checking controls, completing audit papers, and scheduling reviews. For many Cyber Builders, these don't enhance security; they deplete your energy and distract you from impactful work.
I recently spoke with a CISO from a large bank. They had just ramped up for DORA compliance. To tackle it, they hired over 100 security consultants — 100!
And what did they get? A mountain of new documents, some more governance frameworks, and a whole lot of new process overhead.But when you take a peek under the hood, you'll find that there are no new controls, no fresh detection capabilities, and no additional defenses. It's not that they were safer; they became more compliant.
Here's the shift: Compliance operations should be automated! Once a policy is established with clear rules, designated ownership, metrics to monitor it, and a specified timeframe for action, let automation take over and handle the rest.
You shouldn't have to manually chase non-compliance cases.
You shouldn't have to run reviews manually.
You shouldn't have to prepare for every audit manually.
AI is finally mature enough to handle it. I believe that multiple use cases in compliance-driven cybersecurity satisfy the rules for building an agent.
I discussed this in a previous post.
Cybersecurity & AI Agents: Not Every Task Deserves One
A breakdown of Barry Zhang’s agent checklist—adapted for real-world cybersecurity use cases
How coding and customer support nailed agent design (and why they work)
A reality check for SOC alert triage agents: where they shine and where they still fall short
A clear conclusion: building agents in 2025 is all about reliability and UX, not about building AI
Applying the checklist to compliance monitoring and enforcement cases:
1️⃣ Is the task complex enough? ✅ Yes. It requires checking multiple documents, collecting data from various sources, and understanding the relevant policy to ensure its application.
2️⃣ Is the task valuable enough? ✅ Yes. How many people are paid to perform manual reviews and consolidate security dashboards?
3️⃣ Are all parts of the task doable? ✅ Yes. APIs, MCP Servers, LLM, Long Context Windows. All building blocks are there.
4️⃣ What’s the cost of error? 🤔❓ Ideally Low. As most of the time is spent collecting, consolidating, and verifying with other humans, we would suppose that any errors will be detected early. Still, a misinterpretation of a control requirement by an AI could be more insidious, potentially leading to different outcomes.
I am still hopeful that, with better models, compliance checking will become automated within a few years, or possibly even months.
Shadow IT Is Now Merely... IT - Let AI Automate It
No one’s waiting for security approval to adopt a new app anymore. People are experimenting, testing, and deploying tools that help them move faster and do better work. That’s innovation. That’s business acceleration.
Whether you’re in a startup or a global enterprise, it’s the same story.
The perimeter isn’t just expanding — it’s disappearing.
Mobile, cloud, IoT... and now AI.
The new stack no longer sits neatly within your controlled environment. It lives on personal devices, across SaaS platforms, and runs through public networks you don’t manage.
The traditional security model — block, filter, gatekeep — doesn’t scale in this world.
You can’t sit in the middle of a mobile user’s connection to a cloud app running on a public 5G network. There’s no gateway to monitor. No appliance to configure. No central choke point to control.
This is where AI has to step in. We need AI agents that act like digital assistants for security teams. They should help review new apps automatically. They should flag risky behavior without requiring complex rule-building. They should learn from how your organization works and adapt to new patterns fast, not weeks or months later.
Let me take an example: your marketing department introduces a new SaaS application to facilitate promotional campaigns and enhance your e-commerce web sales. The business need is solid. Still, it raises several questions: who will gain access to the app? Who is authorized to download the user list containing personally identifiable information (PII) data? The marketing manager is unaware and has already begun deployment.
AI Agent steps in to assist by automating health checks. The CISO and his team requested the enforcement of multifactor authentication (MFA) for all SaaS applications, initially focusing on administrators but ultimately extending to all corporate users. AI Agent will handle the initial setup, ongoing monitoring of the application, and enforce compliance.
In this regard, context plays a crucial role: how does this agent effectively grasp the underlying business needs rather than simply identifying patterns? It must discern between a precarious configuration and a deliberate, risk-tolerant approach tailored for a specific, short-term initiative.
Achieving this level of context demands a profound integration and comprehension, but it would be faster, more pragmatic, and more agile.
Monoliths Can’t Save You - Let AI Make Cybersecurity More Agile
Security teams are being asked to protect more than ever, with tools that were never designed for this scale.
They’re buried in alerts. They’re swamped with compliance checks. And the perimeter they’re supposed to defend? It morphs daily, faster than configuring controls in existing tools. These same tools aren’t built to move fast. They’re not modular. They’re not adaptive.
Security stacks today are dominated by monolithic platforms — massive systems that attempt to do everything but struggle to evolve.
If you want to handle a new threat? → 💥 New vendor.
If you want to handle a new use case? → 💥 New point solution.
If you compare that to how modern IT and DevOps operate.
Cloud engineers use microservices.
They script workflows.
They reuse lightweight tools, just as a craftsman uses their toolkit — agile, modular, and designed for change.
And that’s where AI should flip the game. AI-powered cybersecurity tools should start to look like Lego blocks. Composable, reusable, and instantly available. That’s the agility we need. That’s how we stop adding more tools every time something changes.
This view is close to a discipline called Security Engineering. In a nutshell, it means opting for building security over time, as in software engineering, civil engineering, or any other engineering domain. It involves planning, documentation, peer reviews, and continuous improvement. It requires a coherent set of tools that are interconnected, with each component realizing key specific functions.
In 2023 and 2024, Ross Haleliuk from Venture in Security released two detailed articles on this subject ([1] and [2]). However, it's clear that this vision remains unachieved: security departments struggle to keep pace, and security professionals aren't typically software engineers.
This is why I believe AI can introduce greater agility and dismantle the monolithic structure. But this requires transforming how security teams operate, their integration within IT and business processes, and their connection to the daily experiences of users.
Conclusion
The fundamental shift isn’t just about adding AI to cybersecurity.
It’s about changing how we work: increasing cybersecurity, enhancing controls, becoming more embedded in operations, adapting faster, learning better, and acting quicker.
Security must evolve from rigid, reactive systems to dynamic, agile processes — and AI will catalyze this change.
Would AI ultimately free us from the slow and repetitive practices that hinder our progress, and help us build a more resilient and responsive future for cybersecurity?
If you’re passionate about building the future of cybersecurity, let’s connect.
👉 Message me, comment, or share your thoughts
Where do you see the most significant opportunity for AI in security today?
What blockers are you facing?
What ideas are you exploring?
Cybersecurity won't reinvent itself — we have to build it. Let’s continue the conversation.
Laurent 💚
Great read, and by the end of the year I know there will be more agents woven into our current systems!