AI in the Enterprise: Opportunity, Risk and the New Cyber Reality

The AI Opportunity for Businesses

The conversation around AI is often framed in extremes, either as a transformative force that will redefine industries or as a source of uncontrolled risk. In reality, the impact is more nuanced but no less significant.

AI is already delivering measurable benefits. Teams are becoming more productive, decision-making is being supported by faster and more sophisticated data analysis, and access to organisational knowledge is improving in ways that were previously difficult to achieve at scale. Repetitive and time-consuming tasks are being automated, allowing skilled resources to focus on higher-value activities.

These are not theoretical gains. They are real, and they are already influencing how businesses operate.

AI as a Security Tool

When it comes to security, emerging AI tools certainly present opportunities for ‘white hat’ hackers. Anthropic’s much discussed Project Glasswing has “found thousands of high-severity vulnerabilities, including some in every major operating system and web browser”.

This is hugely significant, but it shouldn’t be lost that these are vulnerabilities that already existed – and the closed working group Anthropic has assembled is working on fixes before hackers can exploit them. Once this type of capability is available more broadly, it should no doubt help cyber defenders shore up their systems – as long as they get there first.

AI as a Threat to Businesses

Now the bad news. AI does not introduce risk in isolation. It amplifies existing vulnerabilities in data management, access control and user behaviour, which are already central to business’ cyber security postures. Introducing proper governance aligned with frameworks like ISO 42001 is essential.

Meanwhile, AI has been lowering the barrier to entry for malicious activity while increasing the sophistication of attacks for some time now. Phishing and social engineering are more convincing and more targeted. Automated attack techniques enable hackers to operate at scale.

Perhaps most significantly, the identification of vulnerabilities is faster and more efficient than ever. Mythos and the equivalent AIs that will follow are going to blow this wide open: Experts anticipate that businesses will begin to feel the impact in the next 12 months.

If you’re serious about your business resilience, now is the time to ensure your actions are proportionate to the risks you face.

What This Means for Businesses – and Why Resilience is Key

The combined effect of AI adoption and an evolving threat landscape is a compression of time.

There is less time to detect issues, less time to respond, and less tolerance for delay or uncertainty. In many cases, this exposes weaknesses that already exist within the business. What this means in practice is that cyber security can no longer sit as a reactive, IT-led function operating at the edges of the business. It must be elevated to a core component of overall business resilience, embedded into decision-making at every level.

AI-powered threats don’t just test your technology; they test your ability to anticipate, adapt, and respond under pressure. Businesses that treat security as a continuous, intelligence-led discipline combining robust governance, real-time visibility, and rapid response capabilities will be far better placed to withstand and recover from disruption.

Those that don’t will find that the speed and scale of AI-driven attacks quickly outpace traditional controls. In this new reality, resilience is not just about defence; it is about maintaining continuity, protecting trust, and enabling the business to move forward with confidence, even as the threat landscape accelerates.

Benchmark Your Cyber and AI Resilience

Six Degrees recently launched the Business Resilience Index – a practical framework designed to help businesses understand their true resilience, benchmark against peers, and identify where to focus investment and action.

There will be another Claude Mythos-like refactoring event. And another. In a world where disruption is constant, resilience can no longer be assumed – it must be measured, owned, and embedded by design. Businesses that do this will not only withstand disruption, but move faster, adapt quicker, and unlock new opportunities with confidence.

To start your journey to aligning your resilience to the risks and opportunities you face, explore the Business Resilience Index today.