Rethinking Cybersecurity for AI Speed in the Mythos Era #AI

See Also: AI Security Risks Rise With Agentic Systems

Legacy approaches to IT services fail under these conditions, with some companies typically taking at least two months to patch vulnerabilities, while attackers can exploit flaws within hours. Farshchi, who previously served as CISO at Equifax, said teams need to move beyond patch reliance and adopt prioritized risk models that anticipate real controls, attack paths and business impact – rather than static scoring systems.

“That old model just doesn’t work anymore. It just doesn’t, and so I think the organizations that are relying on it are already on their heels, and I think it’s just going to continually get worse as these new models arrive,” Farshchi said.

AI-based cybersecurity tools should support security operations through automation, analysis and workflow optimization, though “deterministic” cyber defense controls will still play a critical role in enterprise security, Farshchi said.

In this video interview with ISMG, Farshchi discussed:

• Why patch-based security models fail against AI-speed threats;
• How to prioritize risk beyond CVSS scoring systems;
• The role of AI, automation and countermeasures in defense.

Farshchi serves as CTO at Equifax. Previous as CISO, he led an unprecedented $1.5 billion transformation and built one of the most advanced, effective and transparent cybersecurity and privacy programs in business today. Prior to Equifax, he held leadership roles at The Home Depot, Time Warner, Visa, Los Alamos National Laboratory and NASA.