AI vs. AI: Inside the $20 Billion Race to Secure Cybersecurity’s Next Frontier

Written By Mike May

The AI wave has crashed full-force into cybersecurity. Global security spend will jump another 12 percent in 2025, much of it earmarked for AI-driven defenses (Worldwide Security Spending to Increase by 12.2% in 2025 as ... - IDC), while venture investors poured $20 billion into new startups even as broader tech funding fell (Worldwide Security Spending to Increase by 12.2% in 2025 as ... - IDC, HiddenLayer's 2024 AI Threat Landscape Report). Boards want faster detection, regulators want provable trust, and attackers are weaponizing the same models defenders hope to rely on. Below is where the market truly stands—and how Mountain Theory plans to push the frontier again.

Why spending and urgency are soaring

Generative-AI phishing kits and automated exploit discovery top ENISA’s 2024 threat chart (ENISA Threat Landscape 2024 - European Union). IBM pegs the average breach at $4.88 million, with organizations that embed security AI trimming that bill by about $2.2 million (Cost of a data breach 2024 - IBM). Yet ISC² still counts a 4-million-person talent gap in the global cyber workforce. The math is simple: automate or fall behind.

Defenders lean on AI, but frameworks lag

What works today

Where gaps remain

Attackers are scaling, too

HiddenLayer’s 2024 threat report shows red-teamers automating exploit research with the same LLMs used for code review (HiddenLayer's 2024 AI Threat Landscape Report). McAfee warns deep-fake phishing and AI-written malware will “materialize at consumer scale” in 2024–25 (6 Cybersecurity Predictions for 2024 – Staying Ahead of the Latest ...). Google Cloud CISO Phil Venables calls it “a machine-speed arms race” (Cloud CISO Perspectives: From gen AI to threat intelligence).

Mountain Theory’s next innovation cycle

  • Live trust-kernel telemetry—capturing every prompt, gradient, and weight shift for real-time anomaly detection.

  • Model-layer containment—policy engines that throttle or sandbox suspect behaviors in milliseconds, mirroring Google’s Secure-AI Framework guardrails (Cloud CISO Perspectives: From gen AI to threat intelligence).

  • Cryptographic lineage—signing every dataset and checkpoint; aligns with ISO 42001 and forthcoming EU AI-Act attestations.

  • Open-source integrations—bridging output to MITRE Caldera so SOC teams can replay blocked exploits in their testbeds.

  • AI-SPM dashboard—continuous posture metrics mapped to NIST AI RMF pillars, filling the governance-gap Gartner flags (Tackling Trust, Risk and Security in AI Models - Gartner).

What to watch through 2026

  • Google’s $32 billion bid for Wiz signals cloud giants will buy rather than build advanced AI-SPM (Why Google made a $32 billion bet on Wiz | The Verge).

  • CISA is expected to release conformance criteria for its AI Roadmap, likely turning voluntary best practices into procurement baselines.

  • ENISA’s next threat update will add model-supply-chain metrics, raising the bar for provenance logging.

AI will not replace analysts, but analysts who wield AI—securely and transparently—will replace those who don’t. Mountain Theory’s roadmap aims to make that edge durable: autonomous trust at model speed, verified by cryptography, and visible in dashboards that auditors can respect.

Mike May steers model-layer security R&D at Mountain Theory. Opinions are his own.

Mike May https://mountaintheory.ai
Previous

When a Prompt Becomes a Weapon—The Real-World Risks of Jailbreaking LLM-Driven Robots
Next

White Paper - Emerging Threats to Artificial Intelligence Systems and Gaps in Current Security Measures