
Two events in the last six months make this question worth answering with specifics instead of speculation.
Event 1: The First AI-Orchestrated Cyber Espionage Campaign
In mid-September 2025, Anthropic detected a campaign by a Chinese state-sponsored group (designated GTG-1002) that used Claude Code as an autonomous penetration testing agent. This was not a case of AI generating phishing emails or writing small snippets of malware. The AI agent researched target environments, wrote its own exploit code, identified vulnerabilities, created network backdoors, and exfiltrated data across roughly 30 organizations, including technology companies, financial institutions, and government bodies.
The human operators handled about 4 to 6 critical decision points per attack. The AI performed an estimated 80 to 90 percent of the campaign's tactical operations. The attackers jailbroke the model by breaking tasks into small, seemingly innocent requests and claiming it was a legitimate cybersecurity firm running defensive tests.
Event 2: 500 Zero Days Found by a Single Model
In February 2026, Anthropic's Frontier Red Team published research showing that Claude Opus 4.6 discovered and validated over 500 high-severity, previously unknown vulnerabilities in popular open-source software libraries. Some of these vulnerabilities had gone undetected for decades in codebases that had fuzzers running against them for years, accumulating millions of hours of CPU time.
The model was not using specialized tooling. It read and reasoned about code the way a human security researcher would, studying past fixes to find similar unaddressed bugs, spotting patterns that tend to cause problems, and understanding logic well enough to know exactly what input would break it.
Why These Two Events Together Tell the Story
These events represent two sides of the same disruption.
The first shows that existing defensive systems cannot keep pace with AI-powered attacks. Before this moment, discovering a possible exploit required specific knowledge, research, and custom scripts to take advantage of it. That gap between discovery and exploitation gave defenders time. That gap is closing. When discovery leads directly to exploit generation, with the ability to iterate if the first attempt fails, speed becomes the only variable. If generating and running an exploit takes seconds, an attacker can produce and test dozens of different approaches against a network within a minute.
The second shows that AI-based security review finds what human review misses. Projects that had undergone years of testing and fuzzing still contained critical vulnerabilities that a single model identified. This is not a failure of the people who reviewed the code. It is a signal that the volume and complexity of modern codebases exceed what manual review and traditional automated tools can cover.
The Defensive Problem Nobody Wants to Talk About
For any system to respond to the type of attack in Event 1, it needs another system that can move just as fast and understand the nature of the attack in real time. That defensive system also needs the kind of access usually reserved for network and infrastructure administrators. It will need visibility into all security and network information on every device, at least at the network edge.
The technology for this exists. The harder question is organizational. How much authority will you grant an autonomous system to defend your network? Will you allow it to isolate parts of your infrastructure during an active attack? Will you allow it to sacrifice availability of certain services if that is what containment requires? These are not engineering decisions. They are governance decisions that most organizations have not started making.
What This Means for Cybersecurity Business Models
AI security review is no longer optional. It belongs in the development pipeline and in penetration testing. This changes what solutions and systems organizations need in place, and it changes what cybersecurity firms need to offer.
The deeper disruption is about access to capability. The effectiveness of security products is increasingly tied to access to frontier AI models. That access is not guaranteed. If Anthropic, OpenAI, Google, or other model providers decide to compete directly in the security space, it becomes very difficult for existing cybersecurity firms to offer products with comparable capability. The companies building the models have a structural advantage that traditional security vendors cannot replicate through engineering alone.
This does not mean cybersecurity firms disappear. It means their value proposition shifts. Domain expertise, compliance knowledge, integration with existing infrastructure, and trust relationships still matter. But the core technical capability that differentiates one security product from another is moving upstream to the model providers. That is a business model problem that the industry is not ready to address.
By the Numbers
87% of organizations report having experienced an AI-driven cyberattack in the past year (Deep Instinct Voice of SecOps Report, 2025).
By 2027, more than 40% of all cybersecurity spending will be directly tied to AI-related capabilities, up from 8% in 2023 (Gartner Cybersecurity Forecast, 2025).