Enterprise AI Team

Navigating the Speed of AI Security Evolution

February 12, 2026
Share this blog post

Lynton Oelofsen doesn’t describe cybersecurity as a static discipline. He sees it as a constantly evolving race with adversaries and technology moving at ever-greater speed. For the Chief Information Security Officer at Associated British Foods (ABF), artificial intelligence and automation aren’t buzzwords or distant possibilities. Instead, they are catalysts that will both elevate attacks and radically reshape how defenders operate across sprawling global environments.

Oelofsen frames security operations not just in terms of tools and alerts, but through a lens of organizational change, tactical adaptation, and the need for thoughtful governance, especially as generative AI becomes accessible to both attackers and defenders alike.

Legacy Security Models Can’t Keep Up with Scale

Associated British Foods is no small enterprise. Oelofsen explained that he’s responsible for cybersecurity across 70+ entities, 53 countries, and 130,000 people, a scope that introduces complexity most CISOs never encounter.

He described how security transformed over the course of his career: early on, cybersecurity was a matter of access controls and antivirus on a few machines. Fast forward, and organizations now contend with remote access, SaaS platforms like Salesforce and Workday, and cloud providers that control systems you once managed locally.

“That control and that security component that you would have had on-premise…is now broadened out to…somebody else’s control.”

This shift creates two paradoxes for security leaders: you lose control of infrastructure by adopting cloud services while simultaneously increasing attack surface and dependency on external vendors. According to Oelofsen, this is one reason traditional models, which focus on perimeter defenses or isolated vulnerability patching, simply don’t scale.

“It’s like the Golden Gate Bridge…you paint from one side and you get to the end and you pretty much have to start again. That’s what vulnerability chasing around felt like.” This constant chase reflects an evolutionary gap between how enterprises deploy technology and how security teams historically responded.

Targeted Investments Deliver Disproportionate Value

To close that gap, Oelofsen described how ABF prioritized security efforts where they would have the greatest operational impact:

  • Email protection against business email compromise because inbound and outbound email never goes away.
  • Vulnerability management capability adopted early and expanded over time to shift from reactive patching to proactive risk reduction.
  • Brand and reputational protection by registering domains, email addresses, and other digital assets that attackers often spoof.
  • Modern endpoint protection (EDR/XDR) was crucial for detecting behavioral anomalies at scale, far beyond what a human eye can handle.

These priorities reflect an understanding that security spend must amplify risk reduction where threat vectors are most aggressive — not just check boxes on a compliance spreadsheet.

The Double-Edged Sword of Generative AI

When asked about the future, Oelofsen didn’t shy away from the implications of generative AI for attackers.

“There is a skill augmentation in terms of the attack vector…your ability to leverage generative AI to write crafted, well-positioned emails that are specific to what someone’s doing…starts to become a real concern.”

He described how AI could accelerate multiple attack stages: the rapid generation of highly convincing phishing emails, narrative fabrication that appears indistinguishable from truth, and automated scaling of social engineering.

Oelofsen shared a real-world observation from peers: adversaries are producing phishing emails of a quality that would have been unlikely without AI assistance: not because of obvious markers, but because they are now harder to distinguish from human-crafted content.

Beyond communication vectors, Oelofsen also cautioned about data misuse once information has been exfiltrated: “You can shove a whole bunch of information into a ChatGPT-type tool…you could probably weaponize the information…much faster than you would have done in the past.”

This insight shifts the conversation: defense must not only guard against initial intrusion but also anticipate how AI will magnify the impact of a breach once it occurs.

AI-Powered Defense

Despite the bleak portrayal of AI misuse, Oelofsen also emphasized the positive side of AI for defenders. He envisions a future where AI augments detection, investigation, and prioritization to reduce human cognitive load: “You could set up…AI modelling that allows you to always assume breach and follow a process…dropping the gritty stuff into an analyst’s inbox so they can go after it.”

In his view, AI can transform SOC workflows by consuming alerts, reducing noise, and highlighting anomalies that matter, allowing human analysts to focus on investigation and response rather than rote triage. He framed this as “game changing,” particularly for organizations overwhelmed with alerts and constrained by finite security headcount.

Rethinking Security Talent for an AI-Augmented Future

AI not only influences tools; it also reshapes expectations for security professionals.

While Oelofsen noted that ABF has not yet formally changed hiring criteria based on AI, he acknowledged that future talent profiles may shift:

“You probably start to look for slightly different qualities…more challenging and investigative around what’s coming out.” This underscores a broader shift: as AI handles repetitive tasks, security teams will need stronger analytical and investigative skills: the human qualities that machines can’t replicate.

Staying Ahead Through Collaboration and Learning

Oelofsen offered practical advice for staying current in a landscape where threat intelligence, tooling, and attacker behavior evolve rapidly. He stressed the value of leveraging internal expertise and external communities:

  • Rely on security engineers and analysts who love the technical details and can brief leadership on emerging threats.
  • Participate in peer groups, chat forums, and boards where CISOs share strategies and response experiences, akin to having a “LLM built on actual people.”

Lessons Learned

Across the episode, Oelofsen conveyed several strategic lessons for modern security leaders:

  • Security is evolutionary, not static. Constant vigilance and adaptation are necessary as environments and threats evolve
  • AI accelerates both attack and defense. Defenders must invest early to harness AI for investigation and noise reduction.
  • Finite resources demand prioritization. Disproportionate value comes from targeted investments like email defense, vulnerability management, and endpoint analytics.
  • Human expertise and community remain essential. Networks of trusted peers and specialists can provide context no tool alone can replicate.

For CISOs navigating global scale and technological acceleration, Lynton’s perspective is both a call to arms and a roadmap for aligning security strategy with the realities and opportunities of an AI-augmented world.