Cisco and OpenAI outline AI's growing role in cyber defence

Cisco and OpenAI have outlined how AI agents are changing enterprise cyber security, with both companies arguing that automated systems can strengthen defence by identifying vulnerabilities, proposing fixes and responding to attacks at machine speed.

Executives from the two companies said AI is moving security teams beyond traditional monitoring and governance towards automated remediation, while stressing that human oversight, layered controls and trusted guardrails remain central to safe deployment.

Trusted guardrails

Drew Hintz, Product Security Lead, OpenAI, said trusted guardrails enable organisations to give AI agents greater responsibility without increasing unnecessary risk.

"I think guardrails are super important. In fact, I think that they actually accelerate and they increase the velocity of what we can actually do with these agentic systems. Because if we can have guardrails that we really trust, guardrails that implement the things that we want, then we can trust the agents to actually take more actions," said Hintz.

Hintz said OpenAI combines two categories of controls. One consists of non-deterministic guardrails embedded within AI models to align behaviour with company policies and user intent. The other uses established security techniques including sandboxing and network controls to limit the impact of mistakes or misuse.

He said organisations need both approaches because deterministic controls reduce the potential consequences when AI systems make incorrect decisions.

Anthony Grieco, Senior Vice President and Chief Security & Trust Officer, Cisco, said organisations also assess how external AI providers handle enterprise data before approving models for internal use.

He said Cisco evaluates how information is stored, who can access it and whether customer data is used for model training before deciding which models employees can use. The company also matches different AI models to specific business functions rather than giving universal access across the workforce.

Automated defence

Cisco has shifted its security organisation beyond identifying vulnerabilities towards automatically fixing them.

Grieco described how AI now supports Cisco's internal security teams by identifying software vulnerabilities, generating patches and running automated regression testing to prevent issues returning in future software releases.

The company has also built AI systems that automate red team testing across large software portfolios.

"We announced yesterday in a blog post I put out, we've scanned 1.8 billion lines of code in eight weeks, finding through that fully automated system. That's what the future looks like with AI when you really embrace it," said Grieco.

Hintz said AI allows defenders to prepare systems before attackers strike by continuously strengthening software, tightening security policies and monitoring infrastructure.

He also argued that AI providers have an advantage because they can identify malicious users of frontier models and remove their access before further attacks occur.

Agent oversight

Both executives said organisations will increasingly rely on AI systems supervising other AI systems.

Hintz explained that OpenAI introduced an automated review process after observing that developers frequently approved routine AI actions manually or enabled unrestricted operating modes that reduced oversight.

The review system uses another AI model to assess whether proposed actions should proceed, based on previous engineering decisions and internal security policies.

Hintz said this enables AI agents to perform more work without requiring people to approve every action individually.

Grieco said Cisco applies similar principles by encouraging AI systems to question the outputs produced by other agents instead of assuming they are correct.

He said that scepticism becomes another security control as organisations deploy increasingly complex multi-agent workflows.

The executives also said AI lowers the cost of developing customised security controls, allowing organisations to replace broad policies with more specific protections tailored to individual users, systems and applications.

Three years

Both companies expect AI-driven cyber defence to become significantly more common over the next three years, although they acknowledged uneven adoption could leave some organisations exposed.

Hintz said widespread deployment of AI security agents could make advanced cyber protection available to smaller organisations that currently lack specialist security teams.

He also warned that institutions delaying adoption may face greater exposure if attackers embrace AI more quickly.

"Most people today might not be using agents because they don't trust them. But the reality is, if you don't get dexterous with the use of agents, you will inherently be less secure," said Hintz.

Grieco said AI has the potential to embed security into software development and operational systems more consistently than traditional manual processes.

"I think the broader that we get the adoption, I think the better we're going to have a shot at ending up in a happier place. I do think that that space where we see this uneven distribution of this technology is the thing that we've got to collectively focus on. How do we get folks across that chasm so that we're in three years, we're in a better spot?" said Grieco.