The cybersecurity landscape is undergoing one of its most significant transformations, fueled by the rapid evolution and adoption of artificial intelligence (AI) and the pervasive shift toward cloud computing. In my recent conversation with Ofer Maor, CTO at MITIGA, a leader at the intersection of cybersecurity innovation and cloud expertise, I gained profound insights into how enterprises must adapt their security strategies in the AI-driven era.
Ofer brings a wealth of experience to this topic, drawing from over three decades of cybersecurity expertise, from pioneering penetration testing techniques to now spearheading strategic technological advances at MITIGA. Early in his career, Ofer made waves by developing the “Blind SQL Injection” method, showcasing his longstanding commitment to innovation and deep understanding of cybersecurity threats.
“Cybersecurity today isn’t just about protecting endpoints or managing traditional IT infrastructure—it’s fundamentally about securing identities in cloud environments,” Ofer explained. He emphasized that identities have become the primary attack vector as businesses shift toward cloud-based services and SaaS platforms, fundamentally reshaping the traditional security perimeter.
This evolution has massive implications. Gartner predicts that by 2025, 85% of enterprises will primarily operate in cloud environments, underscoring the urgent need for sophisticated, identity-centric cybersecurity strategies. Ofer illustrated the critical nature of this shift clearly: “If your identity management fails, everything else in your infrastructure can fall like dominos.”
Our conversation made it clear to me that traditional security approaches are quickly becoming obsolete. Enterprises can no longer rely on static, perimeter-based defenses. Instead, as Ofer puts it, organizations need to adopt a model of “continuous verification and proactive identity security,” aligning closely with Zero Trust principles but specifically adapted to cloud environments.
However, the journey to adopting cloud-centric cybersecurity isn’t without challenges. One major obstacle highlighted by Ofer is the skills gap. “SOC analysts today are overwhelmed with cloud alerts they often don’t fully understand. They’re expected to respond to incidents involving complex cloud architectures like Kubernetes or AWS, but they often lack specialized expertise,” he noted.
AI, according to Ofer, is a double-edged sword. It amplifies threats by enabling attackers to execute more sophisticated, automated, and scalable attacks, yet it also empowers defenders. At MITIGA, AI serves as the backbone for incident detection and response, providing contextualized insights to analysts and significantly enhancing the speed and accuracy of threat mitigation.
“AI’s strength lies in its ability to contextualize incidents, automate mundane security tasks, and dramatically improve analysts’ decision-making,” Ofer emphasized. However, he cautioned against over-relying on AI for critical decisions without human oversight, particularly in sensitive contexts, such as disabling access during critical business moments.
Reflecting on our conversation, it’s evident to me that the future of cybersecurity is intrinsically tied to AI-driven, proactive, and identity-focused strategies. Organizations that recognize this early will build resilience against increasingly sophisticated cyber threats, while those clinging to legacy systems risk severe vulnerabilities and breaches.
As Ofer succinctly summarized: “The cybersecurity industry has always been reactive. We have a chance to change that with AI and cloud-centric security. Companies that adopt proactive security strategies now will lead in the future.”
For enterprises today, the choice is clear: embrace the AI and cloud-driven cybersecurity revolution, or fall dangerously behind.
The time for cloud and AI-driven cybersecurity isn’t tomorrow—it’s today. Enterprises must act swiftly or risk falling behind in an ever-evolving threat landscape.
Michael Matias is the CEO and Co-Founder of Clarity, an AI-powered cybersecurity startup backed by venture capital firms including Bessemer Venture Partners and Walden Catalyst. Clarity develops advanced AI technologies protecting organizations from sophisticated phishing attacks and AI-generated social engineering threats, including deepfakes. Before founding Clarity, Matias studied Computer Science with a specialization in AI at Stanford University and led cybersecurity teams in Unit 8200 of the Israel Defense Forces. Forbes Israel recognized him early on, naming him to the exclusive 18Under18 list in 2013 and the Forbes 30Under30 list thereafter. Matias authored the book Age is Only an Int and hosts the podcast 20MinuteLeaders.
