AI is forcing a shift in how organizations defend themselves, demanding not only faster responses, but continuous intelligence. As enterprises deploy more agents, connect more cloud services, and automate more workflows, they’re expanding what needs to be secured. Every new API, every autonomous process, every edge deployment is a potential entry point. The attack surface is growing, and it’s also getting harder to see.

Sixty percent of executives say their organizations experienced at least one AI-powered cyberattack in the past year. Yet only 7% report using AI defensively at scale (even though 88% plan to). That gap is an adoption and operating-model problem: many organizations are facing AI-accelerated threats without the intelligence workflows (data, tools, and governance) needed to use AI defensively at scale.


Closing that gap requires security programs that can operate at machine speed, where context remains current, controls can respond automatically when confidence is high, and teams can escalate the calls that require human judgment.


In our trends report on Powering Continuous Intelligence, we explore the challenges of securing an AI-first environment, as well as how security leaders are already shifting from reactive control to continuous, intelligence-driven defense.

Cyber resilience is business resilience now


For a long time, cybersecurity lived in its own lane: a technology function, owned by the CISO, measured in incidents and patches. That framing doesn’t hold anymore.


Cybersecurity today exists on a larger scale. The Comcast Business 2025 Cybersecurity Threat Report analyzed 34.6 billion events for its security customers in a single year. It’s evidence of relentless volume and automation pressure: exactly the conditions where intelligence-driven defense matters.

Meanwhile, IBM puts the global average cost of a breach at $4.4 million. Beyond the dollar figure, there’s something more structural at play: most organizations aren’t governing AI securely. IBM found that significant majorities lacked AI governance policies or experienced AI-related security incidents without the right access controls in place. As AI gets woven into operations, those gaps can become material business risks.


CEOs and boards are accountable for resilience and trust. CFOs now evaluate cyber exposure the same way they evaluate other financial risk. And CIOs and CISOs are increasingly being measured on whether security enables AI adoption, not whether it slows it down. Security has become a business continuity function.

The trust signals you’ve relied on are weakening


Traditional indicators of suspicious activity, like IP reputation, geolocation, and traffic origin, are becoming less reliable. And attackers know it.


Comcast’s own threat research has documented the rise of residential proxy abuse, where malicious traffic is routed through co-opted consumer devices — phones, laptops, IoT equipment — so it appears to originate from legitimate home or small-business connections. Large groupings of these compromised devices operate as coordinated proxy networks, and in many cases, the device owners have no idea their connection is being used.


For defenders, that means that IP-based heuristics don’t provide the level of information they used to. Effective detection now requires layering in behavioral signals, device history, session context, and identity data, correlating multiple dimensions rather than relying on any single indicator.

What intelligence-driven defense actually looks like


Intelligence-driven defense is about turning high-volume telemetry into prioritized action, fast enough to matter.


That requires integrated visibility across network, endpoint, cloud, identity, and applications—not siloed dashboards that force analysts to manually stitch together the picture. It requires context: knowing not just that an event happened, but who was involved, how critical the asset is, and what the business impact could be. And it requires AI-powered correlation that can surface the signal worth acting on and suppress the noise that isn’t.


At this volume and velocity, manual processes simply don’t hold. Leading organizations build security operations where automation handles the high-confidence, repeatable responses—and human judgment handles the calls that require it.


The industry is moving accordingly. Gartner predicts that by 2028, more than half of enterprises will use AI security platforms to protect their AI investments — centralizing visibility and enforcing policies against risks like data leakage and rogue agent behavior. And by 2030, preemptive cybersecurity is expected to account for half of all security spending, reflecting a genuine shift toward acting before attackers strike, not after.


In practice, “continuous intelligence” means security context is always available and always current, so the right control can fire automatically when confidence is high and escalate cleanly when it isn’t.

Identity is the new perimeter, and it’s expanding


Traditional indicators of suspicious activity, like IP reputation, geolocation, and traffic origin, are becoming less reliable. And attackers know it.


As automation grows, so does the number of identities that need to be managed and verified. AI agents, service accounts, and APIs are multiplying, and each can become a point of compromise if access isn’t properly scoped and monitored.


This is why zero trust has moved from framework to operating baseline. A compromised agent can act faster than any human response cycle, which means agent access needs to be treated with the same rigor as privileged human access. That means defined scopes, strong authentication, and continuous verification.

Security has to move at machine speed


The organizations that will come out ahead are the ones that have built security into the operating model itself. Secure-by-design means governance and controls are embedded before deployment, not bolted on after something goes wrong. It means accountability is built into agentic workflows, not assumed. And it means the security function is positioned as an enabler of AI adoption, not an obstacle to it.


Continuous intelligence — across cloud, edge, and network — is what makes that possible. When detection, response, and recovery happen at machine speed, the business can move confidently. When they don’t, every new capability the enterprise deploys also becomes a new liability.


Read the full report, Trends Report: Powering Continuous Intelligence to explore how intelligent security, data fluidity, always-on experience, agent-enabled operations, and CIO leadership are converging into a new enterprise operating model.


Let’s talk more about your business needs

Together, we’ll figure out a solution to suit your size and budget.

Request a consultation

Complete the form, and a sales representative will contact you to discuss your needs and recommend solutions.


Don’t want to wait? You can reach our sales team 24/7 at (877) 337-9303.



Why Comcast Business?


We deliver advanced technology solutions that help drive businesses and organizations forward.

  • Offering a suite of connectivity solutions with an international footprint
  • Helping to protect networks and devices with global secure networking solutions
  • Partnering with enterprises to develop custom solutions tailored to their business needs
  1. Step 1
  2. Step 2

* REQUIRED

By entering your email address and selecting “continue,” you agree to receive marketing and sales emails from Comcast Business. Privacy Policy