Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI used to be something security vendors built into their own products. Now OpenAI is going direct, positioning itself as the layer that security runs on. Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, I'm joined again by Jon Care, Head of the AI Practice at KuppingerCole, to unpack OpenAI's launch of Daybreak.

AI built exploits and AI driven defence are now colliding in the same battlefield, which changes cyber conflict at machine speed. The new argument is simple, if attackers already use AI offensively, defenders need AI native defence to keep up.

This episode explores Daybreak, OpenAI’s new cyber capability, and the wider AI arms race it signals across the security market. It covers AI attacking AI, access control, vendor dependency, missing oversight and why the future of cyber power may be decided by whoever controls the models.

Data on its own is only raw material. It becomes information when it is structured, and it becomes intelligence when you add business context, which is what turns cyber facts into decisions leaders can act on.

Third party risk used to focus mainly on legal and financial checks. Now organisations have to think about a much wider set of issues, from cyber posture and resilience to operational dependency and concentration risk across a growing supplier web.

Three issues stand out right now, shadow AI hidden across the ecosystem, defenders struggling to manage new exposures, and attackers accelerating faster than security teams can respond. Those three together are reshaping what cyber risk looks like for every business.

One simple prompt change, asking an AI to respond like a caveman with shorter sentences and fewer words, reportedly cut token spend by 75 percent. It is a funny example, but it points to a bigger issue, AI efficiency and cost control will matter far more as usage spreads.

Many AI companies are still running at a loss while businesses rush to build critical services on top of them. If compute costs rise and margins collapse, some of those vendors may disappear without warning, taking business critical processes down with them.

Anyone claiming they have fully solved AI governance is getting ahead of reality. AI is moving so fast that by the time many organisations write the rules, the technology, risks and use cases have already changed again.

AI is hitting security teams from three directions at once. Vendors are already using it, other vendors are selling it as the answer to everything, and attackers are using it to move faster than defenders can keep up.