Cyber resilience has been a core focus in cybersecurity for years.
During my recent conversation with Brandon Willitts, Director of Product Management for Cyber Resilience at Everpure, it became clear that artificial intelligence (AI) is rapidly changing how organizations approach resilience strategies.
According to Willitts, AI is not creating entirely new security problems as much as it is accelerating existing ones.
Organizations that still struggle with identity management, vulnerability remediation, and configuration management may find those weaknesses exploited much faster in the AI era.
One point that stood out during our discussion was Willitts’ description of AI as “machine identity with escalated privileges.”
He explained that organizations failing to establish foundational controls around identity, access management, and infrastructure security are likely to see AI-driven threats amplify operational risk.
While AI introduces major opportunities around automation, contextual analysis, and operational efficiency, it also compresses the time defenders have to respond to threats.
Willitts noted that some modern AI-assisted attacks can move from exploitation to impact in as little as 15 to 30 minutes.
- Key Takeaways from the Cyber Resilience Conversation
- Why cyber resilience is becoming a business priority
- What malwareless attacks reveal about recovery readiness
- Why cybersecurity fundamentals still matter
- Complexity is becoming a security risk
- AI is reshaping software supply chain security
- Cybersecurity is moving toward machine-speed defense
- Cyber resilience is the new security priority
Key Takeaways from the Cyber Resilience Conversation
- AI is accelerating cyber threats and compressing response times, with some attacks reaching impact in as little as 15 to 30 minutes.
- Cyber resilience is evolving beyond just security operations and becoming a critical component of business continuity and operational availability.
- Malwareless attacks using legitimate credentials are making backup validation, immutable recovery, and recovery testing increasingly important.
- Security complexity and disconnected tools are creating operational gaps that attackers can exploit across enterprise environments.
Why cyber resilience is becoming a business priority
The conversation also explored how cyber resilience is evolving beyond traditional security operations and becoming tightly connected to business continuity and service availability.
Willitts emphasized that downtime is increasingly becoming an existential risk for organizations, especially in industries like healthcare, finance, and e-commerce where digital service delivery directly impacts revenue and customer trust.
He explained that many organizations historically treated cybersecurity, disaster recovery, and business continuity as separate functions with different teams and budgets.
Today, however, those silos are becoming operational liabilities.
Willitts mentioned that every security incident is ultimately an availability incident, meaning organizations must align security, site reliability engineering (SRE), and recovery operations much more closely.
What malwareless attacks reveal about recovery readiness
One example discussed during our conversation involved a malwareless attack against a Fortune 100 company that resulted in the destruction of a large portion of its compute environment.
Rather than deploying ransomware traditionally, the attackers leveraged legitimate credentials and existing access to wipe critical systems and data.
According to Willitts, the absence of malware made traditional defensive controls less effective because the attackers were essentially operating as authenticated users inside the environment.
The organization was able to recover because it maintained multiple isolated copies of its data alongside immutable recovery capabilities.
Willitts stressed that recoverability validation is becoming one of the most important aspects of cyber resilience.
He warned that organizations often assume backups will work during a crisis without regularly testing recovery procedures under real-world conditions.
Why cybersecurity fundamentals still matter
Throughout the discussion, Willitts repeatedly returned to the importance of “nailing the basics.”
He highlighted several foundational best practices organizations should prioritize, including MFA, zero trust, immutable backups, offsite replication, strong IAM, and reducing unnecessary complexity within security environments.
His point reminded me of a conversation I had years ago with a friend who played in the NFL and won a Super Bowl.
I asked him what the key to winning was, and his response was simple: “We did the fundamentals really well.”
That same mindset applies directly to cybersecurity.
Organizations often focus on the newest tools, while overlooking the foundational controls that prevent many incidents from escalating in the first place.
Complexity is becoming a security risk
Willitts also emphasized that complexity itself often becomes a major security risk.
Organizations operating too many disconnected security tools, cloud environments, or overlapping platforms create gaps attackers can exploit.
According to Willitts, the seams between technologies frequently become the weakest points in enterprise security architectures.
AI is reshaping software supply chain security
AI’s impact on software supply chain security was another major topic during the conversation.
Willitts described software supply chain security as one of the most difficult cybersecurity problems organizations currently face, especially as AI-powered coding assistants and vibe coding accelerate software development at massive scale.
While AI helps developers write code faster, it also increases the volume of potentially insecure code entering enterprise environments.
He cautioned that organizations cannot rely on a single security tool to solve software supply chain risks.
Instead, they need layered visibility into CI/CD pipelines, open-source dependencies, developer workflows, and application security practices.
Organizations should continue focusing on making secure development practices easier and more accessible for developers while reducing opportunities for insecure behaviors and risky workarounds.
Cybersecurity is moving toward machine-speed defense
Looking ahead, Willitts believes AI will continue transforming both offensive and defensive cybersecurity operations.
Security teams may become more efficient through automation and AI-driven workflows, but organizations must also rethink traditional human-driven response processes.
He noted that modern threats increasingly require machine-speed detection and response capabilities rather than relying solely on manual escalation chains and reactive investigations.
Cyber resilience is the new security priority
As AI-driven cyberattacks become faster and more automated, organizations are increasingly prioritizing operational resilience alongside breach prevention.
Modern cyber resilience strategies emphasize rapid recovery, operational continuity, backup validation, and maintaining customer trust when disruptions occur.
For many security teams, effective response and recovery capabilities are now just as critical as threat detection and prevention.