Cybersecurity crises are inevitable. Despite significant advancements in prevention and detection technologies, organizations today must accept that breaches will occur. This reality demands a shift from a solely preventive approach to one rooted deeply in resilience—how quickly and effectively a business responds and recovers. My recent conversation with Nimrod Kozlovski, co-founder of Cytactic, underscored this crucial transition and highlighted AI’s transformative potential in crisis management.
Kozlovski, a seasoned cybersecurity expert with deep roots in venture capital and crisis response, has firsthand experience guiding Fortune 500 companies through complex cyber incidents, from ransomware attacks on hospitals to breaches at major cryptocurrency exchanges. What struck Kozlovski repeatedly was the surprising chaos during such crises, despite the involvement of numerous expert advisors.
“Companies rely heavily on external experts like forensic analysts, negotiators, legal advisors, and communication specialists,” Kozlovski explained. “Each brings their own perspective and processes, often creating confusion and operational chaos precisely when clarity and coherence are most critical.”
In my view, this fragmented, manual approach to crisis management is not only inefficient—it exacerbates the very damage it seeks to mitigate. According to Kozlovski, insurance firms confirm that most cyber incident damages result not from the initial attack, but from the chaotic response. Businesses frequently shut down unnecessarily or continue operations unaware of ongoing risks, leading to significant reputational, legal, and financial harm.
The core issue, Kozlovski noted, is a lack of appropriate technological support during crises. In an era where virtually every business function—from sales operations with CRM platforms to software development with DevOps—has embraced digital transformation, cyber crisis management remains stuck in analog processes. Organizations typically manage crises with outdated, static playbooks or spreadsheets, often untested and rarely reflective of the dynamic threats they face.
Artificial intelligence presents a powerful solution. AI-driven tools, like those developed by Cytactic, can simulate potential crises tailored specifically to an organization’s unique vulnerabilities, industry, and operating environment. “AI excels at dynamically adjusting crisis response processes,” Kozlovski pointed out. “Traditional playbooks fail to adapt during evolving crises, whereas AI continuously recalibrates strategies based on real-time data.”
Furthermore, AI streamlines communication and task prioritization—critical pain points in crisis scenarios. Kozlovski emphasized how AI can rapidly synthesize complex, unstructured data—technical analyses, legal implications, communication needs—into coherent, actionable insights, enabling faster decision-making and clearer stakeholder communication.
One particularly impressive innovation Kozlovski mentioned involves automating threat detection and response. Israeli startups leveraging AI, including Cytactic, have developed systems that immediately initiate targeted response actions upon detecting anomalies, significantly reducing incident severity and duration. This automatic bridge between detection and response represents a critical evolution in cybersecurity strategy, effectively reducing human error and inefficiencies during high-stakes situations.
Reflecting on our conversation, it’s clear to me that organizations must shift their cybersecurity posture toward resilience and real-time responsiveness. Crisis preparation, now enhanced dramatically by AI, isn’t just prudent—it’s imperative. Companies that embrace these advanced solutions will experience fewer disruptions, quicker recoveries, and ultimately, more robust business continuity.
“AI’s role is enormous,” Kozlovski affirmed. “It enhances human capabilities dramatically, offering clarity, confidence, and consistency precisely when human teams need them most.”
In short, the future of cybersecurity crisis management lies not in simply anticipating every attack but in effectively and intelligently managing them when they inevitably occur. Organizations must move quickly to integrate AI-driven crisis management solutions, transforming their security frameworks from reactive chaos to proactive, data-driven resilience.
Michael Matias is the CEO and Co-Founder of Clarity, an AI-powered cybersecurity startup backed by venture capital firms including Bessemer Venture Partners and Walden Catalyst. Clarity develops advanced AI technologies protecting organizations from sophisticated phishing attacks and AI-generated social engineering threats, including deepfakes. Before founding Clarity, Matias studied Computer Science with a specialization in AI at Stanford University and led cybersecurity teams in Unit 8200 of the Israel Defense Forces. Forbes Israel recognized him early on, naming him to the exclusive 18Under18 list in 2013 and the Forbes 30Under30 list thereafter. Matias authored the book Age is Only an Int and hosts the podcast 20MinuteLeaders.
