In an interview with BW Businessworld, CrowdStrike Chief Business Officer [color=hsl(0,75%,60%)]Daniel Bernard, during his recent visit to India, spoke on how artificial intelligence (AI) is fundamentally reshaping the cybersecurity landscape, accelerating attacks, transforming vulnerability management and rendering the decades-old concept of “Patch Tuesday” obsolete as organisations move towards continuous, real-time patching in the age of AI. Edited excerpts:
How has the cybersecurity industry changed since late 2022, when generative AI really entered the picture? What was AI in cybersecurity before that?
If I go back to 2022, AI was buzz. There was a lot of noise and curiosity around it, but it wasn’t clear how it would directly impact cybersecurity. We talked about AI in the hands of adversaries being bad, but for enterprises, AI was more like the next generation of a search engine.
You would ask ChatGPT a question and get a more thorough answer than Google, but if you asked the same question twice, you got two different answers. That was basically it at the time.
Things really changed in the last six months. Version one of AI was web-based chatbots. Version two was when agents started to become real, not just Claude Code, but also Codex and others. Instead of asking a question and getting a Google-like response, you could create an end-to-end workflow and have the agent actually produce something. That’s when things started to get real from a productivity standpoint.
How does this change the cybersecurity demand story?
AI is absolutely a demand driver for cybersecurity. AI in the hands of adversaries is bad because they’re able to attack faster, create better attacks, and now uncover vulnerabilities and turn them into exploits.
From the defender’s perspective, AI also changes which cybersecurity companies are relevant. Some categories will get helped by AI, others will get hurt. It so happens that CrowdStrike and the Falcon platform are firmly on the side of AI being a demand driver, and in fact necessitating more of Falcon in customer environments.
Just like GPUs are the building blocks of large language models, cybersecurity is the building block of secure AI adoption.
You’ve said that AI has fundamentally changed cyber risk for enterprises. How so?
What chapter two of AI brought to light for boards, CEOs, CIOs and CISOs is that AI can be transformational for the business. It can change hiring curves and cost curves. But it also fundamentally changes cyber risk. Before enterprises let their workforce go wild with AI tools. Today, they need guardrails. They need to know what tools are being used and have the cybersecurity technology in place to keep it secure.
That brings us to vulnerability management. You made a strong statement that “Patch Tuesday is dead.”
For the last 20 years, vulnerability management worked like this: you ran a scanner once a quarter, maybe once a month, it never really finished, and you got a snapshot of vulnerabilities. Then you’d have Patch Tuesday once a month, where Microsoft would release patches, and that was the vulnerability market.
“In the new world, Patch Tuesday is gone. It’s dead. The new world is Patch Every Day.”
Instead of taking a balance-sheet approach to vulnerabilities — snapshots four times a year — we now take a cash-flow approach. It’s continuous, dynamic and real time. You’re constantly seeing your exposure, both internally and externally.
What’s driving this shift to continuous patching?
Frontier AI can now understand and find vulnerabilities in code at a depth humans could achieve before, but only very slowly. Now it happens in real time. These models can also link vulnerabilities together and show how they can be weaponised in a chain. That’s what makes them really lethal. Before, we saw cracks in the wall only when they were big. Now we can see the hairline cracks before the structure is even questioned.
The challenge is prioritisation. When you can see hairline cracks everywhere, you need to decide what actually matters and what to fix first.
Does this mean we’ll see fewer vulnerabilities over time?
In code, yes. Software development has moved from a manual, artisan process to what I’d call an agentic process. That means we should produce more secure code with fewer vulnerabilities in the future. But now with the code and hardware that the world is using, AI is providing a fresh set of eyes that are finding vulnerabilities we couldn't really see before.
That brings us to Project QuiltWorks. What was the thinking behind it?
In the hysteria and fascination around frontier AI models, people asked, “what do I do?” What we heard from our customers and partners was: help us make sure we're ready. Sort of a Y2K moment. So we said, okay, take a breath, have a strategy. Let’s be prescriptive. Use the Falcon platform, flip on our exposure management solution and Falcon for IT. Exposure management turns the light on all these vulnerabilities and directly links into Falcon for IT, which handles remediation. Start closing the gap. Start doing the patching.
"We’re going to patch more in the next two years than we've patched in the last 30"
Then use your favourite LLM such as Anthropic, Claude Code, ChatGPT, whatever you want really, and leverage open source tools to get the frontier AI approach to what additional vulnerabilities are out there. Then start working on remediation and patching.
IT firms such as TCS, Infosys, Wipro, HCL, Cognizant have joined QuiltWorks. Why does this matter specifically for them?
They’re hearing it from their customers, and they’re in the right place at the right time to make a huge difference. They predominantly serve the Global 2000, large organisations with significant budgets doing critical things: logistics, manufacturing, healthcare, food and beverage, retail, transportation. All these companies need to solve the vulnerability problem and patch. And they don’t have the teams. Their teams are the teams of these Indian GSIs. QuiltWorks is a methodology, a program that IGSIs can point to and say, “we’re part of this.” Because the customer knows CrowdStrike, and the customer wants a CrowdStrike-approved plan on how to solve this problem.
How does India fit into the evolving cybersecurity picture?
Five to ten years ago, India was slower than the West and more price-conscious. Today, Indian CISOs are leading from the front. They want the same cybersecurity platforms that Fortune 500 companies use, and they’re willing to pay for them. India is also incredibly important for cybersecurity talent. Many global SOCs operate here, and people want to be trained on platforms like CrowdStrike's because those skills are transferable globally.
Does agentic AI reduce the need for cybersecurity professionals?
The work will change, but the need for people won’t. This is like autopilot in aviation. We didn’t stop needing pilots, we in fact flew more planes. New problems will create new jobs. Cybersecurity remains one of the strongest career paths in technology, and that’s especially true in India. |
