Analysis

AI will compress the attacker learning curve and materially lower cost-per-attempt, which implies a much higher volume of tailored phishing and social-engineering campaigns over the next 6–24 months. Enterprises that can ingest large-scale telemetry and apply real-time behavioral baselining will see win rates improve; vendors with proprietary, cross-customer signal graphs (endpoint + cloud + network) are best positioned to monetize this shift via higher ARR and attach rates. Second-order winners include identity and zero-trust providers, cloud telemetry/observability plays, and GPU/cloud infra vendors that rent cycles for model fine-tuning; losers include single-product legacy AV vendors, cyber insurers with stale pricing models, and consumer platforms that monetize social flows without strong identity proofing. Regulatory and litigation risk rises: mandatory breach disclosure, tighter privacy controls, or carrier-driven underwriting changes could crystallize losses for exposed platforms within 12–36 months and re-rate related insurers. Tail risks: a high-scale, AI-driven campaign that successfully mimics executive voices at dozens of large corporates could trigger large financial losses and force immediate capital/contracting disruption in targeted sectors (days–weeks). Near-term catalysts that would reverse the trend are rapid passkey adoption, wide deployment of network-level AI defenders, or insurer-imposed mandatory MFA/zero-trust clauses that materially raise attacker cost again. The market reaction will be heterogeneous; growth-tier cyber names that already trade on data moat will likely outperform commodity security vendors during the repricing cycle.