As artificial intelligence races into daily business use, cyberattacks are getting faster and harder to spot, Netskope CEO Sanjay Beri warned in an appearance on The Claman Countdown. He said companies now face A.I.-driven threats that adapt in seconds, making speed and visibility the new test for security teams.
Beri spoke about how attackers use A.I. to write convincing phishing messages, automate code exploits, and probe cloud services at scale. He argued that defenses must shift to match the pace of these campaigns and stop threats in the moment, not hours later. The message was clear: protection must happen at the point of use, wherever data lives.
A.I. changes the tempo of attacks
Security leaders have long battled phishing, malware, and insider risks. A.I. tools are changing how those threats look and how fast they move. Attackers can now generate polished emails, fake login pages, and voice clones with little effort. They can also test stolen credentials across many services with automated scripts.
That speed compresses the window for response. An employee can click a link, grant access, and move data to an unapproved app in minutes. Delayed detection leaves little chance to contain the damage. Beri described this shift as a move from slow, manual attacks to quick, automated campaigns that target cloud apps and web traffic.
From the data center to the cloud edge
Past defenses centered on network perimeters. Today, work happens in browsers, software-as-a-service tools, and public clouds. Traffic no longer goes through a single chokepoint. That makes inspection at the “edge” of user activity essential.
Beri stressed that security controls must sit close to the user and the data, inspecting web sessions and app use in real time. He said policies should adapt based on user risk, device health, and the sensitivity of the data. Blocking known bad sites is not enough. Tools must also spot unusual behavior, such as mass downloads or hidden data exfiltration.
‘Real-time protection’ as the operating rule
Beri framed this as the operating rule for modern defense. Real-time means security that evaluates content and intent as it flows, not after logs are stored. It also means using A.I. to counter A.I.—scoring risks on the fly, spotting anomalies, and guiding users away from harm without slowing work.
He noted that training and policy still matter. But the sheer speed of automated attacks makes instant controls central. That includes inspecting encrypted traffic, controlling uploads, and stopping credential misuse as it happens.
What this means for boards and budgets
Boards want to know whether current tools can stand up to A.I.-scale threats. The answer often requires investment in cloud-delivered security and tighter identity controls. It also calls for better telemetry to see what users do across apps, devices, and networks.
Beri’s comments suggest a spending shift from point products to platforms that cover web, cloud, and private apps with one policy model. He also pointed to the need for testing incident response under short timelines. Minutes now matter more than ever.
Balancing enablement and control
Employees rely on generative A.I. tools to draft reports, analyze data, and write code. That creates a dilemma: block these tools and lose productivity, or allow them and risk data leaks. Beri argued for managed access. Let teams use approved tools, but control what data they upload and monitor outputs for sensitive content.
He also raised the problem of model poisoning and prompt injection. If attackers corrupt inputs or trick apps into revealing secrets, companies can lose trust in their workflows. Guardrails around prompts and strict isolation for models handling sensitive tasks can reduce that risk.
Steps organizations can take now
- Inventory A.I. use and set clear policies for approved tools.
- Enable real-time web and cloud app inspection, including encrypted traffic.
- Tighten identity: enforce least privilege and strong multi-factor methods.
- Monitor data movement with content inspection and behavior analytics.
- Run short, frequent incident drills built around A.I.-speed attacks.
The rise of A.I. will keep changing how attackers operate. Beri’s core message is that defenses must be just as fast and adaptive. Real-time controls at the edge, strong identity, and smart data protections can limit damage even when lures look perfect. Companies that test their readiness and tune their controls now will handle the next wave better than those that wait.
Expect more threats that blend social engineering with automated tools, more use of cloud apps as attack paths, and more pressure on response times. The next phase is not only about smarter A.I., but also about tighter guardrails and faster action when something goes wrong.
