20MinuteLeaders

Artificial intelligence (AI) is reshaping cybersecurity—not just for digital threats but also for critical physical infrastructure like railways. My conversation with Miki Shifman, Co-Founder and CTO of Cylus, underscored the urgent need to extend cybersecurity beyond traditional digital domains to protect transportation systems.Railway Cybersecurity: A Growing ConcernShifman, a cybersecurity expert and Israeli intelligence veteran, co-founded Cylus in 2017 to address vulnerabilities in railway systems. Historically, rail safety focused on mechanical redundancy and human oversight. But modern trains—autonomous, high-speed, and digitally connected—face unprecedented cyber risks. As Shifman put it, “The boundaries have been broken.”Recent incidents highlight the severity. London’s railway shutdown last September exposed the economic and societal disruptions cyberattacks can cause. A similar event in New York’s subway system would ripple far beyond transportation, affecting healthcare and public safety.Emerging Threats and AI’s RoleRailway cyber threats fall into two categories: availability threats that halt train operations and safety threats that could lead to collisions or derailments. Many railway systems lack adequate encryption and authentication, making vulnerabilities deeply embedded. AI accelerates these risks—lowering the expertise needed to execute sophisticated attacks. Tools like ChatGPT enable less-experienced hackers to gain insights into specialized rail protocols, expanding the pool of potential attackers.Regulatory Response and AI-Powered DefenseWith railways classified as critical infrastructure, regulatory bodies in the EU and U.S. are mandating stronger cybersecurity measures by 2025. However, these solutions must integrate carefully to avoid interfering with operational safety.AI also strengthens defenses. Cylus uses AI to enhance threat detection, real-time monitoring, and anomaly detection while reducing false positives. AI boosts productivity across railway cybersecurity, from rapid prototyping to regulatory compliance automation. “AI helps turn compliance from a burden into an asset,” Shifman noted.The Future of Railway CybersecurityRail cybersecurity lags behind other critical infrastructure sectors, but AI provides an opportunity to leap forward. Organizations embracing AI-driven security will gain unprecedented protection—while those slow to adapt remain vulnerable to increasingly sophisticated threats.When asked about AI’s future in rail security, Shifman admitted, “We’re still evolving our understanding. But ignoring AI simply isn’t an option. This technology changes the landscape weekly.” That mindset—alert, adaptable, and proactive—is exactly what the railway industry needs today.

5 Mai 27min

Artificial intelligence (AI) is no longer a mere enhancement in cybersecurity—it’s essential. My conversation with Dr. Dorit Dor, Chief Technology Officer at Check Point Software Technologies, reinforced AI’s transformative role in defending against cyber threats. As a pioneer in Israel’s cybersecurity sector, Dorit has been shaping security strategies for nearly three decades.AI’s Expanding Role in CybersecurityFrom Check Point’s early days to its global prominence, Dorit has emphasized the need to shift from reactive threat detection to proactive prevention. “AI empowers attackers to scale their operations dramatically,” she explained. Today, targeted cyberattacks occur at mass scale, making real-time defense a necessity.The Challenge of AI-Driven ThreatsOrganizations now face AI-generated threats daily, including deepfakes and hyper-targeted phishing campaigns. Dorit stressed the urgency of stopping attacks as they happen, not just detecting them afterward. The conversation highlighted a growing vulnerability: supply chain security. Cybercriminals increasingly exploit weak links within supply chains, underscoring the importance of securing every aspect of an organization’s ecosystem. “Supply chain attacks have significantly increased,” she warned, calling for rigorous internal security among providers.AI and the Future of Cybersecurity OperationsBeyond threat prevention, AI is reshaping cybersecurity roles. “The human factor will increasingly shift from direct intervention to supervising AI agents executing defensive tasks,” Dorit noted. Traditional manual security processes are giving way to AI-driven systems, requiring cybersecurity teams to act as strategic managers rather than hands-on defenders.The Urgency to AdaptCybersecurity must evolve at the pace of emerging threats. AI-driven attackers pose a growing risk, and organizations failing to integrate AI into their security frameworks will struggle to keep up. Dorit’s perspective aligns with my own experiences at Clarity, where AI-driven cybersecurity is not a luxury—it’s a necessity. As she put it, “Organizations today need solutions that can respond automatically and intelligently. We must empower our defenses to act decisively when under attack.”Looking AheadAI stands at a crossroads: both a threat multiplier and a defensive enabler. Organizations must act swiftly to integrate AI into their cybersecurity strategies, ensuring they stay ahead of increasingly sophisticated threats. Dorit’s insights serve as both a warning and a roadmap—those that embrace AI will not just survive but thrive in the evolving digital landscape.

5 Mai 52min

Cybersecurity is at a turning point, largely driven by rapid advancements in artificial intelligence (AI). My recent conversation with Barak Schoster—a renowned cybersecurity expert and entrepreneur—highlighted AI’s profound impact on the field. Schoster, who founded Bridgecrew (now part of Palo Alto Networks), has extensive experience in advanced threat protection and innovative security solutions.AI’s Role in CybersecuritySchoster put it simply: “The boundaries have been broken.” Traditional security methods, such as endpoint protection and perimeter-based defenses, are no longer enough in an era dominated by cloud computing and fast-moving data. By 2025, Gartner predicts that 85% of enterprises will primarily operate in cloud environments, demanding proactive and adaptive security models.Emerging ChallengesOrganizations are increasingly using cloud platforms and SaaS applications, introducing new risks. AI-driven productivity tools, while boosting efficiency, also heighten vulnerabilities—through unintended data leaks and unsecured exchanges. Employees frequently use tools outside corporate oversight, raising serious security concerns. Schoster noted that open-source adoption accelerates software distribution but requires strategic monetization. “We moved from single-player mode, where developers benefited individually, to multiplayer mode, which brought real enterprise value,” he explained.AI’s Double-Edged ImpactAI both expands the attack surface and enhances defense capabilities. Schoster pointed out that deepfakes and automated phishing campaigns have significantly lowered the cost and complexity for cybercriminals. However, AI-powered security tools can automate complex tasks, improving efficiency and resilience.The urgency is clear: AI-driven phishing attacks have increased by over 2,000% in the past year alone, according to Team8. This escalation highlights the need for real-time security interventions. Bridgecrew leveraged AI for instant monitoring and security enforcement, shifting cybersecurity from reactive threat detection to proactive prevention.The Future of CybersecurityThis transformation reflects a larger industry shift. AI can dramatically reduce vulnerabilities, minimize false positives, and enhance productivity by automating critical security tasks—allowing experts to focus on strategic objectives. Schoster predicts that static defenses and perimeter-based models will soon be obsolete. “Execution, speed, and adaptability have become more important than traditional moats like IP or patents,” he asserted.Organizations must embrace AI-powered security strategies or risk being replaced by more agile competitors. As Schoster warned, “Those that fail to adapt quickly enough will inevitably be replaced by innovative, AI-driven newcomers.” The future of cybersecurity depends on agility, automation, and a forward-thinking approach.

5 Mai 43min

Cybersecurity today is more dynamic and critical than ever, thanks to the transformative influence of AI. Liran Grinberg, Co-founder of Team8, highlighted this evolution in a recent discussion. Drawing on his experience from Israel's elite Unit 8200 and managing over $1 billion in ventures, he shed light on how AI is reshaping cybersecurity. He emphasized that AI isn't just enhancing existing technologies but enabling previously impossible capabilities, which also broadens the attack surface—creating both new vulnerabilities and opportunities for innovation.Grinberg's perspective resonated with my own observations at Clarity, where AI has expanded the threat landscape while revolutionizing defense capabilities. Traditional reactive models are becoming outdated. Analysts are now evolving into supervisors of AI-driven agents managing operational tasks, which showcases how AI integration can bolster cybersecurity effectiveness. This shift is essential, particularly given the increasing complexity and sophistication of threats, such as AI-driven phishing and deepfakes.Speed and momentum are critical in the competitive world of cybersecurity. Grinberg pointed out the necessity for rapid, responsible decision-making to secure market leadership. This aligns with Clarity's approach, where staying ahead of threats is not optional but a mandate for survival. He also emphasized the enduring need for domain expertise, particularly when integrating complex AI solutions into cybersecurity strategies. Without such expertise, even the most advanced tools risk being ineffective.Grinberg's outlook underscores the need for proactive, predictive, and preventive strategies in cybersecurity. At Team8, their AI Excellence Center exemplifies this by focusing on deep, strategic AI integration rather than surface-level adoption. The accelerated adoption of AI presents unmatched opportunities but also escalates risks for those lagging behind.The message is clear: embracing AI-driven cybersecurity is no longer optional. Organizations must prioritize strategic AI integration to ensure resilience and efficiency in an increasingly complex threat environment. As Grinberg said, the future of cybersecurity is dynamic, proactive, and deeply intelligent. Those who delay risk falling dangerously behind.

5 Mai 54min

After years in finance and a move from New York back to a kibbutz, Sagi Shentag led Tango from startup to $300M revenue before taking the helm at VOY. Now, he’s transforming global connectivity by making travel data seamless, affordable, and stress-free—turning a complex necessity into a simple, empowering experience.#20MinuteLeaders #GlobalConnectivity #TravelTechInnovation #EntrepreneurialJourney

4 Mai 21min

Growing up between Uganda, the UK, and rural Kentucky, Manish Patel’s journey led him from Stanford to Google and then into venture capital. Reflecting on technology’s human impact, Manish shares how today’s AI-driven chaos mirrors past moments of innovation—and why building around human needs, not just features, will define the next generation of companies.#VentureCapital #AIInnovation #StartupMindset

28 Apr 21min

Sumedh Thakar, CEO of Qualys, delves into his journey from software engineer to cybersecurity leader, stressing the critical role of risk quantification in protecting business value. He highlights the dynamic nature of cybersecurity, tackling challenges like AI and quantum security, while offering insights into aligning security efforts with financial impact for long-term resilience.#CyberRiskManagement #CybersecurityLeadership #RiskQuantification #InfoSecStrategy #20MinuteLeaders

24 Apr 23min

The arrival of Generative AI marks perhaps the fastest and most dramatic technological change we've ever experienced, reshaping cybersecurity at a pace most organizations are unprepared for. A recent conversation with Elad Schulman, CEO and Co-Founder of Lasso, reinforced my understanding that organizations must rapidly adapt to this new reality, where threats evolve continuously and at an unprecedented rate.Schulman, a seasoned entrepreneur who founded and sold the cybersecurity company Segasec to Mimecast, emphasized that upon entering the Generative AI world about two years ago, it felt like stepping into a "new Wild West." "You need a new sheriff to catch the bad guys," he noted. This metaphor aptly captures the significant challenge organizations face today as traditional security models, built on static defenses and rigid tools, can no longer handle the dynamic, AI-driven threats.What's particularly striking about this transformation is the aggressive adoption of AI tools by employees themselves, without waiting for formal approvals or clear organizational policies. As Schulman explained, "Employees didn't wait for policy or enforcement; they simply started using these tools because they are extraordinarily effective." Such rapid, unsupervised adoption poses significant security challenges, from sensitive data leaks to exposure to new risks previously nonexistent.Lasso’s approach, under Schulman's leadership, focuses on providing organizations with comprehensive visibility into employees' use of AI tools. Instead of attempting to block the technology, their strategy enables safe and efficient AI adoption. "Security shouldn't prevent usage but enable it," Schulman emphasized. "We must help employees elegantly recover from mistakes rather than just block them."This approach represents a substantial shift from traditional security methods, which typically create user friction, harm productivity, and ultimately lead employees to circumvent policies. Organizations restricting AI usage risk undermining their competitive edge. Conversely, adopting this technology without adequate security exposes them to significant new vulnerabilities.Beyond security challenges, AI also opens new defensive opportunities. At Lasso, AI is employed to provide organizations immediate and active visibility into internal data flows, quickly identify threats, and neutralize them. "We are not just creating another security tool but an entire platform enabling organizations to adopt AI safely," Schulman said.From my perspective, we stand at a critical juncture. AI adoption is no longer optional—it’s already here, fundamentally changing the nature of work and security. Organizations strategically integrating AI within their security frameworks will secure a considerable competitive advantage. Those hesitant to do so will find themselves increasingly vulnerable to attacks leveraging precisely these technologies.As Schulman candidly summarized, "We are still learning as we go. Ignoring these changes simply isn't an option. The technology evolves nearly every week." In my view, this agile, adaptive, and proactive approach is precisely what cybersecurity leaders must adopt immediately.About Michael MatiasMichael Matias is the CEO and Co-Founder of Clarity, an AI-powered cybersecurity startup backed by venture capital firms including Bessemer Venture Partners and Walden Catalyst. Clarity develops advanced AI technologies protecting organizations from sophisticated phishing attacks and AI-generated social engineering threats, including deepfakes. Before founding Clarity, Matias studied Computer Science with a specialization in AI at Stanford University and led cybersecurity teams in Unit 8200 of the Israel Defense Forces. Forbes Israel recognized him early on, naming him to the exclusive 18Under18 list in 2013 and the Forbes 30Under30 list thereafter. Matias authored the book Age is Only an Int and hosts the podcast 20MinuteLeaders.

24 Apr 36min