T.J. Marlin is the Founder & CEO of Guardrail Technologies, former Global Forensic Technology Leader and expert voice in AI security.

On November 13, 2025, Anthropic disclosed that a state-sponsored group had used an AI coding agent to autonomously run full attack chains across roughly 30 global targets spanning technology firms, financial institutions and government agencies. The AI handled 80% to 90% of the tactical work without human direction. Five months later, the same company released Claude Mythos, a model that found thousands of previously unknown vulnerabilities across major operating systems and browsers, including a now-patched 27-year-old flaw buried in OpenBSD. Mythos' exploit success rate against Firefox's JavaScript engine was 72.4%. A prior model produced two working exploits in the same test. Mythos produced 181.

Most boards haven't been fully briefed on any of this.

For 30 years, the cybersecurity profession operated on a workable assumption: The people trying to break into your network were constrained by the creativity and imagination of the bad actor, as well as the number of human bad actors. There were only so many elite hackers, and they had to choose targets and align with state directives. They had to write their own code. This constraint is now gone. According to the American Security Project's October 2025 "Cloud of War" report, AI-assisted cyber infiltrations have increased 220% year over year since 2022, with cloud intrusions surging 136% from 2024 to 2025. The window between vulnerability discovery and weaponization has consistently decreased, per Mandiant's M-Trends reporting. Against AI-driven attackers, I've found that window often narrows to hours. By the time your patch committee schedules its daily meeting, the exploit is already in the wild.

This is not a hypothetical war. Salt Typhoon, a Chinese state-sponsored group, penetrated at least nine U.S. telecommunications providers. A second group, Volt Typhoon, was found embedded inside U.S. electric grid infrastructure. Then-FBI Director Christopher Wray called it "the defining threat of our generation." Alexei Bulazel, the senior cyber official at the National Security Council, was more direct. He said: "I also think about the technology that’s deployed in critical infrastructure contexts. This is not the best-in-class software or hardware." In light of this, I believe the systems running American water, power, finance and hospitals are running on code that nobody would accept in a consumer smartphone.

The threat from inside the enterprise compounds all of this. Bruce Schneier, writing in April 2026, observed that AI-generated code is "generally filled with vulnerabilities, both because AIs write insecure code and because the people vibe coding don't understand security." Independent researchers at BaxBench found that "62% of the solutions generated even by the best model are either incorrect or contain a security vulnerability, highlighting that LLMs cannot yet generate deployment-ready code."

I look at it like this: Every employee with a laptop has become a software supplier to your company. Every one of those suppliers ships unaudited code into production.

The geopolitical backdrop makes all of this harder to manage. At the Munich Security Conference in February 2026, with 60 heads of state in attendance, General Magowan of the U.K. Ministry of Defence told the audience plainly: "If we play by the rules, we will lose." The United States has withdrawn from the Global Forum on Cyber Expertise, the European Hybrid Threat Centre and the Freedom Online Coalition. The multilateral safety net that boards have been quietly assuming exists is being dismantled. We need to start focusing on data integrity, the silent corruption of the information organizations use to make decisions. Trading models, patient records, grid telemetry and audit trails are now attack surfaces in ways they were not a year ago.

For boards, this requires abandoning three assumptions that have governed enterprise risk management for a generation.

1. Cybersecurity is no longer an IT line item. It is a survivability function on the same level as liquidity and physical safety. The right question for a CISO is not whether the company is patched, but rather what the blast radius looks like when a breach occurs this quarter.

2. Critical infrastructure is not a designation that applies to someone else. If your organization operates in financial services, energy, healthcare, logistics or telecommunications, you are a target under any current threat model. Adversaries do not consult the Department of Homeland Security's sector classification before choosing an entry point.

3. AI adoption and AI risk are not separate conversations. Every coding agent your engineers deploy, every retrieval system connected to internal data and every autonomous workflow stood up to reduce headcount is also a new attack surface. In his blog post linked above, Schneier calls this "the trusting trust problem" of the AI era. Leaders must adopt these tools with the same governance they would apply to letting a contractor wire your trading floor.

Boards should not wait for a digital equivalent of the Cuban Missile Crisis before serious governance gets built. The window in which this can be treated as a technical issue, delegated downward and reviewed annually, has closed.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives.
Why You Must Brief Your Board About Looming Global Digital Conflict