f in x
AI Attacks in 27 Seconds: Rubrik Redefines Cyber Resilience with Small Language Models
> cd .. / HUB_EDITORIALE
News

AI Attacks in 27 Seconds: Rubrik Redefines Cyber Resilience with Small Language Models

[2026-07-09] Author: Ing. Pietro Maiorana
Zenithby Meteora Web The operating system for your business. Social, clients, bookings and invoices in one platform. Gyms, barbers, professionals. Discover Zenith Free demo · no card

Enterprise cybersecurity faces a fundamental speed problem. Frontier AI models now enable autonomous attacks that can move from initial access to full system breakout in as little as 27 seconds. This is faster than any human-operated security workflow can detect, escalate, and respond. As a result, security operations can no longer assume there is time for humans to intervene between breach and damage.

The response window has collapsed

Dev Rishi, GM of AI at Rubrik, explains that everything relying on process or human-in-the-loop intervention is no longer able to execute at the speed of attacks. If attacks happen in 27 seconds, recovery must happen just as quickly. The security posture enterprises need for the AI era centers on cyber resilience: continuously identifying clean recovery states, mapping critical data and identity dependencies, and automating restoration so operations can recover in hours, not days.

Traditional detection fails against AI-driven attacks

Rules-based logic that has defined enterprise security for decades, such as static access controls and known signature detection, was engineered for deterministic software. AI agents are non-deterministic; they can pursue the same objective through many different paths and circumvent static guardrails. Conventional security checks whether each individual access is permitted, but cannot evaluate whether a sequence of permitted actions across multiple applications constitutes a data leak or an attack. A system that understands context is needed, using AI to look at what an agent is doing and assess the risk of leaking sensitive data externally.

Sponsored Protocol

AI agents blur the line between internal and external threats

Enterprise security historically distinguished between external threats, which are multidimensional and fast, and internal threats, bounded by what a single human could accomplish. That distinction is falling apart as AI agents operate inside enterprise environments. They have access to multiple systems simultaneously and move at speeds no human can match. When an agent makes a mistake, such as a hallucination or unintended data transfer, the resulting damage can look identical to a malicious insider attack. When an external attacker compromises an internal agent, they inherit its full access profile. Runtime guardrails that enforce organizational policies consistently across agents are needed, including an AI-native guardian layer that monitors agent behavior semantically and can block or terminate a misbehaving agent at machine speed, then trigger immediate recovery.

Sponsored Protocol

Preparing for a world of inevitable compromise

Frontier AI models, capable of discovering and operationalizing zero-day vulnerabilities autonomously, are changing the economics of attacks. Interest in Mythos readiness is growing. Enterprises increasingly operate under two assumptions: attacks are inevitable, not exceptional, and investment in resilience and rapid recovery must be treated as strategically as investment in prevention. Recovery shifts from a post-incident activity to a capability that is deliberately designed, tested, and continuously validated. Rishi calls it the insurance policy that organizations now have to treat as a first-class citizen.

Sponsored Protocol

AI-powered cyber resilience depends on small models

True cyber resilience demands real-time intelligent enforcement to intercept threats in motion and automated recovery to restore operations immediately. Applying AI to enforcement creates a fundamental challenge: relying on massive frontier models to monitor every agent action introduces crippling latency overhead and exorbitant computing costs. A guardian AI system that slows operations or costs as much as the systems it monitors is not viable. A fast, small, and cheap AI model is essential. Small language models (SLMs) are critical for real-time enforcement. Rubrik's approach, anchored by its acquisition of Predibase, builds this frontline defense layer on small models optimized for speed and efficiency. Unlike heavy frontier models, SLMs can semantically evaluate agent behavior at machine speed and at a fraction of the cost, acting as a real-time checkpoint.

Sponsored Protocol

This hyper-efficient enforcement layer enables a tighter, seamless connection to recovery. When the system observes an agent taking a destructive action, such as deleting a database or exfiltrating sensitive data, the small model detects it immediately, halts the damage, identifies the most recent clean snapshot from before the incident, and initiates recovery in a single automated workflow.

From incident response to architectural resilience

The broader implication of Mythos and similar frontier AI systems is a shift in how organizations think about security. As AI compresses the gap between attack and impact, resilience and recovery become architectural requirements rather than operational considerations. Rubrik's view is that security systems can no longer stop at detection. As AI agents gain greater autonomy, observability, identity context, and recovery must operate as a coordinated resilience layer. The goal is not simply to identify when something has gone wrong, but to shorten the gap between detection and restoration. Rishi notes that the same frontier capabilities introducing threats can also help combat them, as exemplified by OpenAI's launch of GPT-Live for advanced voice interactions. Positioning for the AI era means closing the gap between detecting a problem and restoring affected systems, before the cost of that gap compounds.

Sponsored Protocol

Source: https://venturebeat.com/security/ai-has-collapsed-the-cyber-response-window-resilience-now-starts-before-the-attack

Ing. Pietro Maiorana

> AUTHOR_EXTRACTED

Ing. Pietro Maiorana

Ingegnere informatico e co-fondatore di Meteora Web, CMO dell'agenzia. Esperto di marketing digitale, social media, advertising, copywriting e SEO.
[ Read Full Dossier ]

> METEORA_WEB // DIGITAL AGENCY

We build the digital presence your business deserves.

Websites, social media, online advertising, e-commerce and high-performance hosting, engineered with method by computer engineers in Sciacca, for all of Italy.

> MW_JOURNAL

> READ_ALL()