Opinion
The giant models threaten to wipe out classic cybersecurity companies. Who will survive the revolution?
The cybersecurity-model announcements from OpenAI and Anthropic are not merely a threat to existing startups. They are the opening shot of a critical shift, from a world of vulnerability detection to one of autonomous remediation and prevention.
Over the past few weeks, the global cybersecurity industry has been hit by an upheaval that goes well beyond the usual response to a technology announcement. The drop in market value of publicly traded cyber companies, following the unveiling of dedicated cybersecurity models from the AI giants, among them Claude Mythos and GPT-5.4-Cyber, signals the opening shot of a deep paradigm shift in the industry. For the Israeli cybersecurity sector, which spent the past decade establishing itself as a global power, this represents an inflection point that forces a rethinking of where its competitive advantage lies in light of these tools. The question echoing through the market is whether generative AI is rendering the cybersecurity industry, as we have known it, irrelevant.
The Erosion of the Traditional Cybersecurity Model
For years, the cybersecurity industry was built around the detection problem. Most of the technological innovation and the capital poured into the field went toward one thing: the ability to find “the needle in the haystack”, to spot anomalies and weaknesses inside mountains of data, whether in code, in the cloud, or in identities. The new models from the AI giants moved exactly into this territory. Their ability to run analytics and detect vulnerabilities at broad scale turns a sizable share of today’s detection products into a commodity. Companies and startups that built their entire differentiation on training a dedicated detection model now find themselves challenged by generic models that deliver comparable performance, and the resources they invested into training a proprietary model become a dead weight rather than an asset.
This shift also creates a dangerous asymmetry between attacker and defender. The ability to detect weaknesses cuts both ways. Artificial intelligence is a powerful working tool for defense, but it is just as much of a force multiplier for attack. The capacity to locate breaches in next to no time hands the advantage to the offensive side. The immediate result is that organizations are running into a new bottleneck. They are forced to contend with the thousands of AI-generated alerts every second, and the ability to fix those vulnerabilities turns into a critical point of failure in their defenses.
The New Window of Opportunity
This is precisely where the real opportunity for the next generation of the cybersecurity industry opens up. If the central challenge of the past decade was finding the breach, the center of gravity in the coming decade moves to prevention and rapid remediation.
That said, the move to full reliance on such giant models will not happen overnight. Questions of privacy, regulation, and trust remain the most significant barriers to entry in the market. Organizations will be in no rush to grant an AI the permissions to make autonomous code changes in their core systems without close oversight, and for good reason: patching a vulnerability is complex, it can affect production continuity, and it can carry consequences that reach well beyond the boundaries of cyber defense. These conditions create an operational vacuum at the edge of capability of those large models, which sharpens the need for layered mechanisms of oversight, transparency, and management of remediation processes. This is exactly where the next leading solutions will rise, the ones that let organizations adopt AI cyber capabilities safely and transparently.
Part of the new thinking that will come to dominate the market will also rest on the move away from using a single generic model for every problem, toward the use of micro-models, or small language models. These are focused models, cheaper to run and more accurate, which are designed to solve specific vertical cybersecurity issues. The real advantage for founders lies in embedding these models inside a multi-model architecture, meaning a flexible infrastructure that allows the language model at the base of the system to be swapped out at any time as the market changes. That flexibility will let startups hold on to their unique value and to their relationship with the customer, without becoming dependent on the constant shifts the AI giants impose on the market.
The cybersecurity industry is in the middle of an adaptation process. The existing detection companies have to accelerate their automation if they want to stay relevant, while new founders need to bring fresh and meaningful value at the interface layer and in solving the operational failures the AI models create. Alongside that, the answer to the new cyber challenges is not purely technological. It additionally requires the organizations themselves to build agility into their IT infrastructure and internal processes, so that they can support rapid response and remediation. Artificial intelligence won’t replace the need for cyber defense. It will simply force the cybersecurity industry to run a great deal faster.
Yair Snir is the managing director at Dell Technologies Capital and Barrel Kfir is a partner.
