Cybersecurity stands at a pivotal crossroads, driven by the rapid advancement and widespread adoption of artificial intelligence (AI). Recently, I sat down with Dotan Bar Noy, a serial cybersecurity entrepreneur whose companies—including ReSec Technologies, ForceNock (acquired by Checkpoint), and Authomize—have been at the forefront of industry innovation. Dotan’s journey from a combat engineering unit to leading multiple successful cybersecurity startups uniquely qualifies him to assess AI’s profound impact on the cybersecurity landscape.
The integration of AI into cybersecurity represents a double-edged sword—dramatically enhancing our defensive capabilities while simultaneously empowering adversaries. Dotan articulated this tension clearly: “AI exists both in attack and defense—it’s a battle of who has the strongest AI and the most resources.” His insights underscore an uncomfortable reality: AI-driven cyberattacks have become sophisticated and highly targeted, transforming what once were basic brute-force attempts into precision-engineered spear-phishing campaigns. “With AI tools, every brute-force attempt turns into spear-phishing—what used to be spray-and-pray can now be intelligently targeted,” Dotan explained.
From my perspective, this shift requires us to rethink traditional cybersecurity frameworks fundamentally. Historically, cybersecurity solutions focused heavily on creating barriers—”fences,” as Dotan describes—to protect large enterprises. However, the widespread availability of AI tools has significantly reduced the cost and complexity of launching sophisticated cyberattacks, putting smaller organizations at an unprecedented risk. Dotan warned that “those without strong fences are in trouble,” highlighting a stark digital divide between well-funded entities and small-to-medium businesses (SMBs).
This vulnerability of smaller organizations is deeply troubling. Large institutions like banks have long possessed the resources and capabilities to erect robust cybersecurity defenses. But Dotan emphasized that the real crisis lies in the lack of affordable, scalable defenses for SMBs, who face a dramatically increased risk profile due to AI-driven threats. “We’ll see a world collapsing into itself,” Dotan said, sharing a notably pessimistic view on cybersecurity’s near-term future. “I think we’ll go through a very dark phase before we see the light.”
These insights align closely with my experiences at Clarity, where we regularly witness the heightened sophistication of AI-enabled threats, including deepfake social engineering and advanced phishing campaigns. It’s increasingly clear that static, perimeter-based defenses are obsolete in this new era. Cybersecurity must become proactive, dynamic, and adaptive—capable of real-time responses informed by AI itself.
Despite the evident challenges, Dotan remains optimistic about entrepreneurial opportunities. He pointed specifically to the rising importance of identity and access management (IAM), an area he addressed directly through Authomize. Historically overlooked by security teams, identity management has become crucial as remote work and cloud environments blur organizational boundaries. Dotan’s company was among the first to highlight the concept of Identity Threat Detection and Response (ITDR), focusing explicitly on threats linked to permissions and entitlements. “AI-driven automation and dynamic, real-time permission management present many opportunities,” Dotan emphasized, identifying an exciting growth area for cybersecurity entrepreneurs.
Reflecting on our conversation, I’m convinced that cybersecurity in the age of AI demands more than just technological adaptation—it requires a philosophical shift. Organizations must embrace AI-driven strategies to predict, detect, and proactively counter threats before they materialize. This evolution is not optional; it is essential.
Looking back on his entrepreneurial journey, Dotan offered a critical piece of advice applicable to all cybersecurity founders: “Focus on truly understanding your customers—how they see value, use products, and build internal business cases.” This emphasis on customer-centric innovation resonates strongly with me. At Clarity, we’ve seen firsthand how deeply understanding our customers’ challenges enables us to develop more effective, proactive cybersecurity solutions.
In closing, our conversation reinforced a crucial message: Organizations that swiftly adapt to this new cybersecurity paradigm, leveraging AI proactively and strategically, will not only survive but thrive. Those that fail to do so risk falling into the “dark phase” Dotan predicted—a stark but necessary warning.
Organizations must adapt now or face unprecedented risks—AI demands proactive cybersecurity, and the time to act is now.
Michael Matias is the CEO and Co-Founder of Clarity, an AI-powered cybersecurity startup backed by venture capital firms including Bessemer Venture Partners and Walden Catalyst. Clarity develops advanced AI technologies protecting organizations from sophisticated phishing attacks and AI-generated social engineering threats, including deepfakes. Before founding Clarity, Matias studied Computer Science with a specialization in AI at Stanford University and led cybersecurity teams in Unit 8200 of the Israel Defense Forces. Forbes Israel recognized him early on, naming him to the exclusive 18Under18 list in 2013 and the Forbes 30Under30 list thereafter. Matias authored the book Age is Only an Int and hosts the podcast 20MinuteLeaders.
