Up to 80% of cybersecurity tasks could be handled by artificial intelligence (AI) in the future, Steve Ledzian, chief technology officer, Google Cloud Security, JAPAC at Mandiant told FE.
Mandiant is a cybersecurity firm, now part of Google Cloud, with expertise in incident response and threat intelligence.
The automated tasks could include threat summarisation, automated workflows, and initial investigations, which AI can execute with greater efficiency. Human expertise will still be vital for governance, decision-making, and responding to complex scenarios, Ledzian pointed out.
Importantly, he does not view the increasing integration of AI into workflows as a threat to cybersecurity jobs. On the contrary, AI is helping alleviate a shortage of cybersecurity talent, allowing existing professionals to operate at a higher level and with greater focus.
“I think it would reduce jobs if we had all the jobs filled today; but we don’t. We have a talent gap. AI enables the people we do have to be more efficient,” Ledzian noted.
He said that the firm’s workforce stays up to date by engaging directly in incident response work. These frontline experiences provide deep insights into evolving attacker tactics and techniques, which are often unavailable through open-source intelligence. This exposure enhances the team’s skill sets and contributes to continuous learning across both technical and strategic cybersecurity functions.
While it has teams it different markets, these teams usually collaborate at a global scale to tackle incidents, he added.
Ledzian said Mandiant is already using AI in its cybersecurity operations, though he did not elaborate on specific deployments.
In India, where cyberattacks—particularly ransomware—have grown significantly in scale and sophistication, the firm has observed boardrooms evolving in their approach to cybersecurity.
“Boards have come to realise the value of digital transformation to their business. But (also that) with digital transformation comes a much larger attack surface,” said Ledzian.
To address the growing cybersecurity concerns, the firm conducts tabletop exercises with executive teams to simulate breach scenarios and test decision-making under pressure. It also carries out exercises simulating real-world attacks on technical systems, helping identify hidden vulnerabilities and gaps in defences without causing actual disruption.
“We role play a breach scenario and step it forward so executives can see whether or not they’re on the same page as a team,” Ledzian explained. Often, he added as an example, the response to a breach by a firm’s legal team will vary significantly from its PR team, and these exercises are helping various teams come reach common ground.
While both cybersecurity professionals and attackers are using generative AI tools, Ledzian said the scales are currently tipped in favour of the defenders.
He explained that while attackers use AI to make phishing messages more convincing or create deepfakes, defenders benefit in far more varied ways – like speeding up investigations and decision-making across security operations centres.
As India’s data protection rules mature, Mandiant expects to play a growing role – ensuring compliance while enabling proactive defence through AI and cyber readiness.