Skip to content
Longterm Wiki
Back

Anticipating AI's Impact

web
CSET Georgetown·cset.georgetown.edu/publication/anticipating-ais-impact-o...

Credibility Rating

4/5
High(4)

High quality. Established institution or organization with editorial oversight and accountability.

Rating inherited from publication venue: CSET Georgetown

A 2025 CSET policy-analytical report relevant to AI safety practitioners concerned with dual-use AI capabilities, cyber threat landscapes, and governance of AI in national security contexts.

Metadata

Importance: 62/100organizational reportanalysis

Summary

This CSET report by Andrew Lohn (May 2025) analyzes how AI will reshape the cybersecurity offense-defense balance across five domains: digital ecosystem changes, environment hardening, tactical engagements, incentives, and strategic effects. It finds no single winner—AI aids both attackers and defenders—but identifies concrete steps defenders can take to tilt the balance in their favor. The report warns that several missteps could push the balance toward offense.

Key Points

  • AI will expand the scope of defensive tasks by enlarging the digital ecosystem, but may also reduce monitoring burdens in other ways.
  • AI can replace known human vulnerabilities but introduces new attack surfaces; AI components can aggregate high-risk targets.
  • Defenders may gain more from AI than attackers if they can reliably automate hardening tasks and keep pace with faster vulnerability discovery.
  • Defensive advantage is not guaranteed—poor design decisions by system architects and acquisition officials could favor offense.
  • Strategic risks include AI enabling new threat actors and giving aggressors benefits from increased speed and scale of operations.

Cited by 1 page

PageTypeQuality
Cyberweapons RiskRisk91.0

Cached Content Preview

HTTP 200Fetched Mar 20, 20266 KB
[Skip to main content](https://cset.georgetown.edu/publication/anticipating-ais-impact-on-the-cyber-offense-defense-balance/#main)

![](https://cset.georgetown.edu/wp-content/uploads/Anticipating-AIs-Impact-on-the-Cyber-Offense-Defense-Balance_Report-Cover-Image.png)

### Reports

# Anticipating AI’s Impact on the Cyber Offense-Defense Balance

Andrew Lohn

May 2025

Artificial intelligence (AI) is beginning to change cybersecurity. This report takes a comprehensive look across cybersecurity to anticipate whether those changes will help cyber defense or offense. Rather than a single answer, there are many ways that AI will help both cyber attackers and defenders. The report finds that there are also several actions that defenders can take to tilt the odds to their favor.

[Download Full Report](https://cset.georgetown.edu/wp-content/uploads/CSET-Anticipating-AIs-Impact-on-the-Cyber-Offense-Defense-Balance.pdf)

### Executive Summary

The cyber domain touches nearly all systems and aspects of society, so any changes to the relative offense-defense balance in cyber could be very impactful. As a digital technology, AI can be expected to have a more direct effect on those balances than in other domains.

To assess how AI may affect the offense-defense balance within cyber, we collected arguments for an offensive or defensive bias in various aspects of cyber operations as well as arguments for what gives cyber its unique character. We then considered how varying levels of AI advancement might strengthen, weaken, or alter those arguments. The results of that analysis are grouped into five categories: Changes to the Digital Ecosystem, Hardening Digital Environments, Tactical Aspects of Digital Engagements, Incentives and Opportunities, and Strategic Effects on Conflict and Crisis.

There is no single answer to the question of whether AI will make cyber offense or defense dominant. Cyber attackers and defenders have too many different goals that can be achieved in multiple ways, but AI is likely to change the cyber landscape in ways that can be predicted and perhaps controlled to some extent.

Although AI will increase the scope of defensive tasks by making the digital ecosystem larger and more complex, it may also reduce the scope of defensive tasks in other ways, such as by decreasing the number of network connections to monitor. AI systems could replace known human weaknesses, but AI components are often vulnerable. AI components could also aggregate too much information or control into high-risk digital targets, and eliminating manual controls could reduce resilience during attacks. As system designers, acquisition officials, and users incorporate or implement AI, they will decide how much risk to accept along each of these lines.

AI also promises to further harden digital environments by performing tasks that currently overwhelm defenders. If these tasks can be done reliably by AI and if defenders can keep up with faster discoveries of new vulnerab

... (truncated, 6 KB total)
Resource ID: ced517a1cfe84c8b | Stable ID: Nzk3ODEzNj