The Cyber Deterrence Dilemma Navigating The AI Arms Race, Machine Speed Conflict, And The Imperative For Autonomous Defense

The Cyber Deterrence Dilemma: Navigating the AI Arms Race, Machine Speed Conflict, and the Imperative for Autonomous Defense Section 1: The AI Arms Race: A New Cold War Paradigm 1.1. Strategic Framework: The AI Arms Race and the Cold War Paradigm The development and weaponization of Artificial Intelligence (AI) for military and cyber applications have catalyzed a competitive geopolitical landscape widely described as the "Artificial Intelligence Cold War".1 This contemporary rivalry primarily involves the United States, China, and Russia, mirroring the historical dynamics of the Cold War where nations engaged in an arms race focused on technological superiority to establish deterrence.1 The critical parallel lies in the high stakes involved. The current environment involves nations leveraging advanced AI for potentially massive-scale cyberattacks, sophisticated disinformation campaigns, and the systemic disruption of critical infrastructure.1 The competitive pressure is palpable, exemplified by the establishment of the National Security Commission on Artificial Intelligence ($\text{NSCAI}$) in the U.S., which was prompted by concerns about being unprepared for competition, particularly with China.1 China, driven by national strategies to achieve global leadership in AI by 2030, continues its aggressive investment, raising alarms regarding its accelerating influence and control over critical technology. Russia, while facing challenges in broad technological development, maintains an asymmetric advantage, notably excelling in sophisticated cyber warfare and disinformation tactics.1 The implications of this new technological cold war extend far beyond kinetic conflict, touching global alliances, data privacy, and the fundamental ethical considerations inherent in widespread AI deployment.1 1.2. The Weaponization of Autonomous Cyber Systems and Strategic Stability The escalating integration of AI into military systems signifies that autonomous weapons systems ($\text{AWS}$) are becoming a key focus of strategic competition.2 While the analogy of "killer robots" often refers to unmanned aircraft, the immediate threat is the increasing incorporation of AI into all facets of conflict, creating a profound danger of decisions being made without meaningful human control.2 This possibility introduces significant moral ambiguity, as conflict outcomes could be determined by machines incapable of ethical decision-making.2 A key concern for strategic stability involves the inherent speed of AI.3 AI systems operating at machine velocity have the capacity to accelerate the pace of combat to such an extent that machine actions exceed the "cognitive and physical ability of human decision-makers to control or even comprehend events".3 This convergence of machine speed and strategic decision-making highlights a crucial structural risk: Escalation risk is instantaneous. The integration of AI into strategic systems, coupled with its inherent operational velocity in the cyber domain, fundamentally undermines classical deterrence theory.3 Classical deterrence relies on time—a slow, deliberate political and military signaling process—to prevent immediate, uncontrolled conflict escalation.3 If an autonomous defensive AI response is triggered by a highly effective, machine-speed offensive cyber maneuver, that response could initiate rapid and uncontrollable escalation, bypassing the necessary human-political elements required for de-escalation and intentional signaling. The window for political maneuver and negotiation is compressed to zero in a machine-speed conflict environment. Furthermore, the strategic approach of major powers demonstrates a significant internal contradiction. The U.S. government is increasingly reliant on commercial-off-the-shelf ($\text{COTS}$) "frontier AI" capabilities from leading technology labs, having awarded contracts totaling hundreds of millions of dollars to firms like Anthropic and OpenAI for national security use cases.4 Simultaneously, there is an urgent and widespread international demand for establishing binding treaties and regulations for autonomous weapon systems.7 However, powerful military actors, including the United States, have historically abstained from multilateral proposals for regulation or a complete ban on lethal autonomous weapons systems ($\text{LAWS}$).7 This strategic contradiction prioritizes maintaining technological superiority and speed of adoption over establishing long-term stability norms. By refusing to engage in international regulation while aggressively commercializing advanced AI for military applications, the U.S. effectively accelerates global proliferation and asymmetric AI warfare, cementing technological speed as the dominant, unregulated factor in the geopolitical balance. Section 2: Machine Speed Conflict: The Velocity of Attack vs. The Lag of Defense 2.1. Defining the Digital Fault Line: The End of Human-Paced Defense The fundamental nature of cybersecurity conflict has shifted from a contest between human adversaries to a race between autonomous software agents operating at machine speed.9 This profound rupture has invalidated the underlying assumptions of decades of digital defense.9 A historical analysis of major attacks illustrates this accelerating tempo: 1. 2003: Blaster. This attack represented human-paced chaos. Defenders were able to contain the crisis through coordinated human effort involving patching and anti-virus updates, with the tempo measured in weeks. Defense had the upper hand because the remediation process was clear and the worm was predictable.9 2. 2010: Stuxnet. This attack marked the rise of precision, utilizing zero-days and stealthy payloads for surgical sabotage. While faster and more sophisticated, its deployment and mission design were still reliant on human operators, keeping the tempo bounded by a human cadence.9 3. 2017: WannaCry. This combined ransomware with worm-like propagation, repurposing leaked nation-state exploits. It demonstrated automation at scale, crippling global institutions in days—the first major glimpse of automation outpacing human response globally.9 4. 2025: Autonomy Arrives (e.g., LameHug). Contemporary malware, such as LameHug (attributed to $\text{APT28}$), uses Large Language Models ($\text{LLMs}$) to operate autonomously. These agents generate commands, adapt their strategy in real time, escalate privileges, and evade defense systems without direct, step-by-step human intervention.9 2.2. Autonomous Penetration and Lateral Movement at Machine Speed The speed differential is most starkly realized in two crucial stages of the cyber kill chain: initial penetration testing and subsequent lateral movement. Lateral movement refers to the techniques attackers use to navigate an internal network after gaining initial access, expanding their foothold, escalating privileges, and locating high-value targets like servers and privileged accounts.10 Successfully mitigating lateral movement is essential for cyber resilience.10 The longer an adversary is allowed to engage in this lateral movement—the protracted "dwell time"—the higher the probability of mission success.11 Autonomous AI tools fundamentally compress this critical window. Autonomous penetration testing, often utilizing platforms like NodeZero 12, dynamically traverses complex networks to identify exploitable vulnerabilities.12 This capability is far more efficient than manual testing, whose cost and speed cannot scale to modern networks.12 Comprehensive cost-benefit analyses of autonomous penetration testing demonstrate compelling metrics: testing cycles are reduced from weeks to hours, coverage across digital assets can increase by up to 200%, and compliance reporting time can be reduced by 90%.13 This dramatic reduction in testing time is a direct indicator of the speed advantage an autonomous offensive agent possesses in exploiting vulnerabilities and moving laterally across a target network. The automation of this process also results in an average cost reduction of 70–80% compared to traditional methods.13 This economic efficiency democratizes high-speed offensive capability, making sophisticated, high-coverage attacks accessible to a much broader range of threat actors. 2.3. The Defender’s Deficit: A Metric-Based Analysis Against the background of autonomous offensive speed, conventional human-led defense mechanisms suffer from a crippling latency deficit. The current average dwell time for attackers—the period between initial breach and detection—remains alarmingly high, typically ranging from 100 to 140 days.14 Against an adversary capable of achieving full penetration and lateral movement in mere hours 13, this latency guarantees success for the attacker.14 To effectively contain an intrusion, security operations centers ($\text{SOCs}$) must adhere to the "1-10-60 rule": detecting an intrusion within 1 minute, investigating within 10 minutes, and containing or remediating the problem within 60 minutes (the "breakout time").11 Human analysts are fundamentally incapable of consistently meeting the 1-10-60 rule against adaptive, autonomous AI agents. Human error and lack of awareness are significant factors in security breaches.15 AI, conversely, is transforming incident response by detecting anomalies in near real-time, flagging threats faster than human analysts, automating triage for prioritization, and finding trends in threat behavior.14 AI dramatically lowers the Mean Time to Detect ($\text{MTTD}$) and Mean Time to Respond ($\text{MTTR}$).14 If an attacker’s autonomous AI agent can dynamically adapt its commands and evade detection faster than a human analyst can complete the 10-minute investigation required for the containment process 11, then the human response is functionally negated. The strategic metric has thus become the rate of adaptation—the ability of defensive systems to match the velocity of the threat's continuous, automated adjustment. Defense must transition to "agentic" and autonomous response mechanisms to achieve real-time threat hunting and triage.14 The table below illustrates the scale of the speed disparity: The Velocity of Conflict: Autonomous AI Attack vs. Human SOC Response Metrics Metric Human/Conventional Baseline Autonomous AI Offense Capability Strategic Implication Attacker Dwell Time (Average) 100–140 Days 14 Minutes/Hours (Adaptive Evasion) 9 Complete failure of containment; data exfiltration guaranteed. Time to Penetrate/Exploit Weeks (Manual Pen Testing) 13 Hours (Autonomous Testing) 13 Defense systems cannot identify vulnerabilities fast enough to patch before mass exploitation. Required Response Time (Breakout) Max 60 Minutes (Containment) 11 Near Real-Time (Seconds) 14 Human cognitive and physical decision latency is intolerable in machine-speed conflict. 2.4. The Tipping Point: The Offense-Defense Balance Disruption Historically, AI capabilities have benefited defenders, enabling the rapid scaling of solutions necessary to counter new threats.16 However, analysis suggests that future frontier AI capabilities will disrupt this historical balance, potentially tipping the scales "dramatically and potentially dangerously toward attackers".16 This disruption stems from the unprecedented scale and speed of autonomous attack agents. Without immediate and significant strategic intervention and resource allocation, increasingly advanced AI systems are projected to grant attackers a decisive and dangerous advantage.16 The urgency of anticipating and preparing for this impact is critically heightened by the intensifying strategic competition between the United States and China.16 The defense sector must recognize that investing in AI defense is now an economic necessity, not merely a technology upgrade. The dramatic reduction in cost and time for sophisticated offensive operations means that the threat surface expands exponentially, as advanced tools become accessible to lower-tier adversaries.13 Corporations and critical infrastructure operators must view AI defense investment as a fundamental hedge against the rapidly increasing volume and sophistication of threats. Section 3: The Commercial and Corporate Response Imperative 3.1. The AI Defense Imperative and Risk of Lagging The strategic risk of governmental and corporate entities lagging in the development and deployment of AI-assisted defensive tools is simply too high.16 Expert forecasts indicate that AI will almost certainly increase both the volume and the heightened impact of cyber attacks over the next two years (2025-2027).17 This surge is driven by the commodification of AI, which lowers the barrier to entry for novice cyber criminals, hackers-for-hire, and hacktivists.17 These actors gain significant capability uplift in reconnaissance and social engineering, enhancing access and likely contributing to the global ransomware threat.17 To address this deficit, security professionals must double down on policies to shore up cybersecurity and invest in AI research and development specifically structured to differentially promote cyber defense.16 Organizations must prioritize specific functional areas where AI can deliver immediate impact, such as analyzing vast datasets for threat detection and automating response protocols faster than traditional methods.18 This rapid response capability is necessary for businesses to achieve quick wins and set the stage for broader AI integration across the enterprise.18 3.2. Market Overview and Vendor Offerings The commercial market for AI in cybersecurity is responding to this strategic imperative with explosive growth. The global market size was estimated at $25.35 billion in 2024 and is projected to skyrocket to **$93.75 billion by 2030**, representing a Compound Annual Growth Rate ($\text{CAGR}$) of 24.4%.[19] Vendors are primarily leveraging AI technologies, including Natural Language Processing ($\text{NLP}$) and Machine Learning ($\text{ML}$), to enhance core cybersecurity measures.19 Leading vendors are emphasizing autonomous capabilities across the cyber lifecycle: * Autonomous Defense and Monitoring: Products like Honeywell Cyber Proactive Defense utilize AI and $\text{ML}$ to provide continuous monitoring, advanced threat hunting, and expert analysis, seeking to reduce MTTD.20 * Real-Time Intelligence: Dataminr Pulse for Corporate Security and Cyber Risk leverages AI to provide real-time event, threat, and risk intelligence, supporting use cases from digital risk management and vulnerability prioritization to physical security and operational resilience.21 Dataminr recently announced an "Agentic AI Roadmap," signaling a transition toward more autonomous information discovery and risk management solutions.21 * Automated Validation: Horizon3.ai and others promote autonomous penetration testing to scale vulnerability identification, shifting testing cycles from weeks to hours.12 Despite this aggressive market development, industry materials, such as those from the SANS Institute 22, underscore the necessity of navigating the opportunities and challenges of "AI for Security and Security for AI." Some reports caution that the reality often falls short of ambitious vendor promises; many teams report disillusionment, struggling with AI tools that are reactive rather than proactively capable of autonomously countering sophisticated attacks.23 3.3. Challenges and Trust in Defensive AI The reliance on AI for defense introduces significant vulnerabilities, notably through what is termed Adversarial AI. The same cognitive capabilities that enhance defense can be strategically weaponized by malicious actors.24 This creates a high-stakes arms race where security professionals must understand and address inherent new attack vectors.24 Two primary risks threaten the integrity of AI-driven security tools: 1. Model Poisoning: Attackers can inject malicious data during the training phase of an AI model. This causes the trained model to fail to detect actual threats or, worse, to misclassify legitimate activity as malicious, thereby undermining the model's reliability.24 2. Adversarial Attacks: These involve crafting specific inputs designed to cause a deployed, trained model to misclassify data, leading to detection failure.24 The complex development of AI security tools, which requires significant data for training and operation 25, introduces a further structural vulnerability: the vulnerability of the defensive AI stack itself. As threat actors become aware that defense relies on complex, data-driven modeling, their strategy shifts toward undermining the integrity of these models through adversarial attacks and poisoning.24 This structural attack on the security stack necessitates robust governance frameworks that guarantee transparency, explainability, and rigorous testing against adversarial manipulation.26 A related concern involves the data supply chain. Training large language models requires vast amounts of high-quality data.27 The reliance on synthetic data or third-party data providers introduces data supply chain risks, creating an "Achilles heel" where the poisoning of one dataset could have massive, cascading trickle-down impacts across multiple dependent defense systems.27 Data security and vetting are therefore paramount to ensure the efficacy of defensive AI.27 Without sufficient validation, the accelerated adoption driven by the strategic imperative risks fostering a false sense of security, where organizations believe they are protected by advanced AI when, in reality, their reactive, first-generation systems will be easily exploited by truly autonomous, adaptive offensive agents. Section 4: National Strategy: US Government Offense, Defense, and Acquisition 4.1. The US Cyber Strategy Framework The U.S. government, recognizing the strategic criticality of AI, has implemented a multi-agency strategy to both leverage and secure AI capabilities. The Cybersecurity and Infrastructure Security Agency ($\text{CISA}$) has articulated a Roadmap for AI that aligns with the national strategy.28 $\text{CISA}$'s plan rests on three pillars: promoting AI's beneficial uses to enhance cybersecurity, ensuring AI systems are protected from cyber threats, and deterring the malicious use of AI against critical infrastructure.28 This includes a mandate for technology to be "Secure by Design," ensuring security is built into the design and manufacture of technology products from the outset.29 $\text{CISA}$ has published extensive guidance, including best practices for securing data used to train AI systems and playbooks for cybersecurity collaboration.29 The National Institute of Standards and Technology ($\text{NIST}$) plays a crucial role in establishing governance and standards. $\text{NIST}$ focuses on measurement science, advancing a risk-based approach to maximize AI benefits while minimizing negative consequences.30 Its work is anchored in the AI Risk Management Framework ($\text{AI RMF}$), which provides a nonregulatory guide for managing AI risk and advancing use-inspired AI that bolsters innovations across government agencies.30 $\text{NIST}$ is actively working to accelerate the development of $\text{AI}$ standards through initiatives like the $\text{AI}$ Standards "Zero Drafts" Pilot Project.30 4.2. Leveraging Frontier AI for National Security The Department of Defense ($\text{DoD}$) is aggressively pivoting toward commercial technology through its Chief Digital and Artificial Intelligence Office ($\text{CDAO}$), executing a "commercial-first" approach to accelerate the adoption of advanced AI.4 This strategy represents a significant move away from sole reliance on bespoke, long-cycle defense Research and Development ($\text{R\&D}$) programs. The $\text{CDAO}$ has channeled substantial investment into cutting-edge commercial models, awarding multiple contracts totaling up to $800 million to leading U.S. frontier AI companies, including OpenAI, Anthropic, Google, and xAI.4 These awards are designed to leverage the technology and talent of U.S. industry.4 The primary focus of these contracts is the development of "agentic AI workflows" for various mission areas, including warfighting, intelligence, business, and enterprise information systems.4 Specific use cases cited for the technology developed by firms like OpenAI and Anthropic include health care for soldiers, administrative operations, and, critically, cyber operations.32 Anthropic, for example, is developing working prototypes fine-tuned on $\text{DOD}$ data and collaborating with defense experts on adversarial AI mitigation.33 4.3. Autonomous Capabilities in Offensive and Defensive Operations The strategic imperative to adopt autonomous capabilities is explicitly stated by U.S. defense leadership. United States Cyber Command ($\text{USCYBERCOM}$) has stated that it is actively leveraging AI to enhance core operational capabilities across the cyber domain: "collection, detection, exploitation, maneuver, and command and control".34 The goal of this adoption is clearly stated as generating "greater speed and scale".34 A key driver of this aggressive stance is the realization that this technological edge is not exclusive. $\text{USCYBERCOM}$ acknowledges that "There is no inherent obstacle to our adversaries using AI for similar purposes – or even more".34 This acceptance of adversary parity in autonomous technology dictates the urgent need for competitive acceleration in both offensive and defensive $\text{AI}$ tools. Policy recommendations stemming from bodies like the Center for a New American Security ($\text{CNAS}$) advocate for the U.S. government to invest in $\text{AI}$ research and development to differentially promote cyber defense.16 This decision reflects a sophisticated strategy: recognizing the short-term advantage of AI for attackers, the U.S. must prioritize technological superiority in defense (e.g., proactive pattern recognition and data analysis) to stabilize the offense-defense balance and counteract the low-cost democratization of offense. 4.4. Key Government Contractors and Ecosystem The execution of the national cyber strategy relies on a robust ecosystem of government contractors and technology providers. This includes traditional defense integrators and specialized cybersecurity vendors.35 Companies like General Dynamics and Leidos are crucial in providing tailored cyber defense solutions to federal agencies, including protecting classified information systems and ensuring network safety through threat intelligence sharing and incident response.35 Meanwhile, major commercial cybersecurity firms—such as CrowdStrike, Fortinet, and Palo Alto Networks—partner with agencies like $\text{CISA}$ and the Department of Justice ($\text{DoJ}$) to secure critical infrastructure and digital assets.35 CrowdStrike, for instance, provides cloud-based antivirus software for response to cyber spying.35 The rapid acquisition of frontier $\text{AI}$ capabilities through contracts with Anthropic, OpenAI, and Google 31 solidifies the role of commercial tech giants in the national security mission. The strategic convergence of these actors is summarized below: Strategic Convergence: The US Government’s AI Cyber Defense Ecosystem Agency/Office Strategic Focus Area (AI) Key Initiative/Policy Relevant Contractors/Partners DoD/CDAO Accelerate Frontier AI Adoption/Agentic Workflows $800M Frontier AI Contracts 31 Anthropic, Google, OpenAI, xAI 4 ## USCYBERCOM Enhance Offensive and Defensive Scale Leveraging AI for Exploitation and Maneuver 34 General Dynamics, CrowdStrike, Leidos, Microsoft 35 CISA Promote Secure AI Adoption/Resilience AI Roadmap, Secure by Design, AI Red Teaming 29 Palo Alto Networks, Fortinet, Cloudflare 35 NIST Governance and Risk Management AI Risk Management Framework (AI RMF), AI Standards 30 N/A (Standards & Research Body) A notable point of governance friction arises in the deployment phase. While the $\text{CDAO}$ aims to deploy these advanced $\text{AI}$ systems for mission essential tasks in the warfighting domain 4, many leading commercial AI labs, including OpenAI, maintain public usage policies that explicitly ban their services from being used to "develop or use weapons".32 This dichotomy forces the Department of Defense to navigate the legal and ethical restrictions imposed by its private-sector partners, potentially limiting the scope of autonomous offensive cyber capabilities derived from the most advanced $\text{COTS}$ AI. Resolution requires clear, binding agreements that define "weapons use" in the cyber context to avoid operational impediments. Section 5: The Near-Term Future and Policy Recommendations (2025-2027) 5.1. Threat Forecast: The AI-Enabled Cyber Deluge (2025-2027) The trajectory for the near term is clear: AI will continue to increase the effectiveness and efficiency of cyber intrusion operations, leading to a rise in the frequency and intensity of threats through 2027.17 The immediate threat (2025) primarily involves the evolution and enhancement of existing tactics, techniques, and procedures ($\text{TTPs}$), with both state and non-state actors already using AI to varying degrees.17 The proliferation of Generative $\text{AI}$ ($\text{GenAI}$) and $\text{LLMs}$ accelerates the general understanding of security processes and technologies, which, in turn, spurs elaborate, automated attacks.37 Key advancements in offensive $\text{AI}$ include: * Hyper-Realistic Social Engineering: $\text{GenAI}$ creates highly convincing deepfakes—realistic but fake images, audio, or video—used in advanced social engineering and phishing campaigns, making human discernment nearly impossible and significantly increasing attack success rates.24 AI offers a "significant uplift" in social engineering capability.17 * Automated Zero-Day Discovery: $\text{GenAI}$ possesses robust search and analyze capabilities that threat actors will exploit to rapidly surface unknown zero-days and unpatched vulnerabilities ($\text{CVEs}$).37 * Enhanced Precision and Impact: $\text{AI}$'s ability to summarize massive amounts of data at pace will enable threat actors to quickly identify high-value assets for examination and exfiltration, enhancing the overall impact of ransomware and targeted attacks.17 The implication of this accelerated offensive capability is that data exfiltration is weaponizing data scarcity. The operational barriers for automated reconnaissance, social engineering, and malware are primarily related to data quality.17 As successful exfiltrations occur globally, the data feeding the adversary's $\text{AI}$ models improves, enabling faster, more precise future cyber operations.17 Therefore, preventing data loss is no longer just about protecting proprietary information; it is a critical defense mechanism aimed at disrupting the enemy's $\text{AI}$ training pipeline. 5.2. The Emerging Digital Divide and Systemic Risk Looking toward 2027, experts predict the emergence of a stark digital divide.36 On one side will be systems that manage to keep pace with AI-enabled threats through continuous technological investment and innovation; on the other will be a large proportion of systems and organizations that are left vulnerable.36 The inability to keep pace with frontier $\text{AI}$ cyber developments will be critical to cyber resilience for the coming decade.36 Assuming a lag in defense mitigations, there is a realistic possibility that critical systems will become fundamentally more vulnerable to advanced threat actors by 2027.36 By that time, skilled cyber actors will highly likely be using $\text{AI}$-enabled automation to aid evasion and maximize scalability.36 The challenge is not just technological; the increases in the volume, complexity, and impact of cyber operations will intensify resilience challenges for both government and the private sector.17 5.3. Policy and Governance Frameworks In the face of autonomous cyber conflict, the lack of realistic accountability and enforcement mechanisms for autonomous systems is a critical gap.7 Autonomous systems, though fast, remain highly prone to error and adversarial vulnerability.7 While major military powers continue to abstain from comprehensive treaty proposals, international coordination efforts are building momentum to regulate these technologies.7 The Council of Europe has adopted an international treaty calling for signatories to implement measures ensuring transparency, accountability, reliability, and rigorous risk and impact management frameworks for $\text{AI}$ systems.8 Furthermore, the UN Cybercrime Convention provides the first globally negotiated framework in over 20 years for combating crimes committed through $\text{ICT}$ systems, prioritizing collaboration and capacity-building.38 The ultimate necessity for deterrence in an autonomous cyber conflict is clarifying liability. If an AI weapon, operating autonomously at machine speed, commits a harmful action, establishing clear norms around liability for cyber harms is paramount.16 When human judgment is embedded throughout the system’s lifecycle, responsibility must be clearly allocated—to the developer, the operator, or the sponsoring state.39 If liability remains ambiguous, it removes a critical legal and ethical constraint on the reckless development and deployment of autonomous capabilities, thereby making conflict more likely and fundamentally less manageable. Clarifying liability norms must be a primary focus of policymakers.16 Section 6: Autonomous Cyber Operations: The Human-in-the-Loop Debate ($\text{HITL}$) The core debate surrounding autonomous weapon systems ($\text{AWS}$) centers on the necessity of maintaining "meaningful human control" and judgment, a discussion primarily focused on ethical responsibility and compliance in kinetic conflict.2 The same critical debate regarding the presence of a human-in-the-loop ($\text{HITL}$) must be applied with equal urgency to autonomous cyber weapons and defensive systems, which operate in a domain defined by machine speed. The Imperative for Autonomous Response In the cyber realm, the requirement for an autonomous response is driven not by ethical philosophy but by operational necessity. As discussed, human decision-makers cannot meet the crucial 1-10-60 defense rule against an adversary capable of autonomous lateral movement in minutes or hours.11 United States Cyber Command ($\text{USCYBERCOM}$) explicitly states its focus on leveraging AI to generate "greater speed and scale" across cyber operations, including detection, exploitation, and maneuver.34 This goal implicitly accepts that human latency must be minimized or removed for a defensive system to effectively counteract machine-speed threats. Ethical Friction and Liability As the $\text{DoD}$ accelerates its "commercial-first" approach, awarding hundreds of millions of dollars to frontier $\text{AI}$ firms for cyber operations use cases 4, a significant governance friction point emerges. Leading commercial $\text{AI}$ developers, such as OpenAI, maintain public policies explicitly prohibiting the use of their services to "develop or use weapons".32 While this policy is often framed around kinetic weapons, its application to advanced offensive cyber capabilities—which the $\text{DoD}$ seeks to enhance—must be clarified to avoid operational gridlock. The fundamental policy gap lies in establishing liability when an autonomous cyber system commits a harmful action, especially without $\text{HITL}$.16 Unlike conventional warfare where liability is clear, an AI-driven, high-speed intrusion or defensive countermeasure can result in massive collateral damage or unintended escalation. To maintain responsible autonomy, policymakers must clarify federal regulation around liability for cyber harms from frontier $\text{AI}$.16 Embedding Judgment Beyond the Override Rather than viewing the $\text{HITL}$ debate as a simple final "override" switch, the consensus for responsible autonomy shifts toward embedding human judgment throughout the system's entire lifecycle.39 This means that the core policy challenge is not just deciding when to pull the human out, but ensuring that human and ethical constraints are "woven throughout an $\text{AWS}$'s lifecycle," starting with the code.39 This critical requirement must apply to the development of autonomous cyber defense and offense systems, encompassing: 1. Design and Data Selection: Ensuring the training data, machine learning techniques, and testing regimes align with legal and ethical parameters.39 2. Mission Planning: Establishing clear rules of engagement and mission parameters that govern the autonomous system's performance.39 Ultimately, the lack of realistic accountability and enforcement mechanisms for autonomous systems must be addressed.7 If liability remains ambiguous, it removes a critical ethical constraint, thereby making uncontrolled, autonomous cyber conflict more likely.16 Works cited 1. Artificial Intelligence Cold War | Research Starters - EBSCO, accessed October 19, 2025, https://www.ebsco.com/research-starters/diplomacy-and-international-relations/artificial-intelligence-cold-war 2. War, Artificial Intelligence, and the Future of Conflict - Georgetown Journal of International Affairs, accessed October 19, 2025, https://gjia.georgetown.edu/2024/07/12/war-artificial-intelligence-and-the-future-of-conflict/ 3. Artificial Intelligence: A Threat to Strategic Stability - Air University, accessed October 19, 2025, https://www.airuniversity.af.edu/Portals/10/SSQ/documents/Volume-14_Issue-1/Johnson.pdf 4. CDAO Announces Partnerships with Frontier AI Companies to Address National Security Mission Areas - Chief Digital and Artificial Intelligence Office, accessed October 19, 2025, https://www.ai.mil/latest/news-press/pr-view/article/4242822/cdao-announces-partnerships-with-frontier-ai-companies-to-address-national-secu/ 5. Pentagon awards multiple companies $200M contracts for AI tools - Nextgov/FCW, accessed October 19, 2025, https://www.nextgov.com/acquisition/2025/07/pentagon-awards-multiple-companies-200m-contracts-ai-tools/406698/ 6. Anthropic, Google, OpenAI, xAI just scored the DoD's Biggest AI Deal Yet - Maginative, accessed October 19, 2025, https://www.maginative.com/article/anthropic-google-openai-xai-just-scored-the-dods-biggest-ai-deal-yet/ 7. Lethal autonomous weapons systems & artificial intelligence: Trends, challenges, and policies, accessed October 19, 2025, https://sciencepolicyreview.org/wp-content/uploads/securepdfs/2022/10/v3_AI_Defense-1.pdf 8. Council of Europe Adopts International Treaty on Artificial Intelligence - Inside Privacy, accessed October 19, 2025, https://www.insideprivacy.com/artificial-intelligence/council-of-europe-adopts-international-treaty-on-artificial-intelligence/ 9. The age of AI warfare (Analyst Angle) - RCR Wireless News, accessed October 19, 2025, https://www.rcrwireless.com/20250904/analyst-angle/the-age-of-ai-warfare 10. Cybersecurity 101: What is Lateral Movement? A Complete Breakdown | Illumio, accessed October 19, 2025, https://www.illumio.com/cybersecurity-101/lateral-movement 11. What is Lateral Movement? - CrowdStrike.com, accessed October 19, 2025, https://www.crowdstrike.com/en-us/cybersecurity-101/cyberattacks/lateral-movement/ 12. Horizon3.ai: Only Pentesting Platform Proven in Production, accessed October 19, 2025, https://horizon3.ai/ 13. Autonomous AI Pen Testing: When Your Security Tools Start Thinking for Themselves, accessed October 19, 2025, https://www.networkintelligence.ai/blog/autonomous-ai-pen-testing-when-your-security-tools-start-thinking-for-themselves/ 14. Understanding incident metrics: MTTD and MTTR - The Missing Link, accessed October 19, 2025, https://www.themissinglink.com.au/news/understanding-incident-metrics-mttd-and-mttr 15. What is Cybersecurity Metrics? - Vectra AI, accessed October 19, 2025, https://www.vectra.ai/topics/cybersecurity-metrics 16. New CNAS Report Examines the Threat of Emerging AI Capabilities ..., accessed October 19, 2025, https://www.cnas.org/press/press-release/new-cnas-report-examines-how-emerging-ai-capabilities-could-disrupt-the-cyber-offense-defense-balance 17. The near-term impact of AI on the cyber threat - NCSC.GOV.UK, accessed October 19, 2025, https://www.ncsc.gov.uk/report/impact-of-ai-on-cyber-threat 18. What Are the Steps to Successful AI Adoption in Cybersecurity? - Palo Alto Networks, accessed October 19, 2025, https://www.paloaltonetworks.com/cyberpedia/steps-to-successful-ai-adoption-in-cybersecurity 19. AI In Cybersecurity Market Size, Share | Industry Report, 2030 - Grand View Research, accessed October 19, 2025, https://www.grandviewresearch.com/industry-analysis/artificial-intelligence-cybersecurity-market-report 20. AI Threat Detection - Cyber Proactive Defense - Honeywell, accessed October 19, 2025, https://www.honeywell.com/us/en/campaigns/ai-threat-detection 21. Dataminr: AI-Powered Real-Time Event, Threat & Risk Intelligence, accessed October 19, 2025, https://www.dataminr.com/ 22. SANS Cyber Security White Papers, accessed October 19, 2025, https://www.sans.org/white-papers 23. The False Promises of AI in Cybersecurity - Whitepaper - MixMode, accessed October 19, 2025, https://mixmode.ai/whitepapers-reports/the-false-promises-of-ai-in-cybersecurity/ 24. What Are the Risks and Benefits of Artificial Intelligence (AI) in Cybersecurity? - Palo Alto Networks, accessed October 19, 2025, https://www.paloaltonetworks.com/cyberpedia/ai-risks-and-benefits-in-cybersecurity 25. What is AI Adoption and Why Does It Matter? - Fortinet, accessed October 19, 2025, https://www.fortinet.com/resources/cyberglossary/ai-adoption 26. What Is AI Governance? - Palo Alto Networks, accessed October 19, 2025, https://www.paloaltonetworks.com/cyberpedia/ai-governance 27. AI and Cybersecurity: Predictions for 2025 - Darktrace, accessed October 19, 2025, https://www.darktrace.com/blog/ai-and-cybersecurity-predictions-for-2025 28. Roadmap for AI - CISA, accessed October 19, 2025, https://www.cisa.gov/resources-tools/resources/roadmap-ai 29. Artificial Intelligence - CISA, accessed October 19, 2025, https://www.cisa.gov/ai 30. Artificial intelligence | NIST, accessed October 19, 2025, https://www.nist.gov/artificial-intelligence 31. Anthropic, Google and xAI win $200M each from Pentagon AI chief for 'agentic AI', accessed October 19, 2025, https://breakingdefense.com/2025/07/anthropic-google-and-xai-win-200m-each-from-pentagon-ai-chief-for-agentic-ai/ 32. OpenAI awarded $200M DOD prototype contract - Nextgov/FCW, accessed October 19, 2025, https://www.nextgov.com/artificial-intelligence/2025/06/openai-awarded-200m-dod-prototype-contract/406128/ 33. Anthropic awarded $200M DOD agreement for AI capabilities, accessed October 19, 2025, https://www.anthropic.com/news/anthropic-and-the-department-of-defense-to-advance-responsible-ai-in-defense-operations 34. UNCLASSIFIED UNCLASSIFIED POSTURE STATEMENT OF LIEUTENANT GENERAL WILLIAM J. HARTMAN, USA ACTING COMMANDER, UNITED STATES CYBER, accessed October 19, 2025, https://www.armed-services.senate.gov/united-states-cyber-command-posture-statement-ltg-william-j-hartman 35. 10 Remarkable Government Cybersecurity Company Contractors in 2024 - ExecutiveGov, accessed October 19, 2025, https://executivegov.com/articles/10-cybersecurity-company-contractors 36. Impact of AI on cyber threat from now to 2027 - NCSC.GOV.UK, accessed October 19, 2025, https://www.ncsc.gov.uk/report/impact-ai-cyber-threat-now-2027 37. 2025 Forecast: AI to supercharge attacks, quantum threats grow, SaaS security woes, accessed October 19, 2025, https://www.scworld.com/feature/cybersecurity-threats-continue-to-evolve-in-2025-driven-by-ai 38. Basic facts about the global cybercrime treaty - the United Nations, accessed October 19, 2025, https://www.un.org/en/peace-and-security/basic-facts-about-global-cybercrime-treaty 39. Embedded Human Judgment in the Age of Autonomous Weapons - Just Security, accessed October 19, 2025, https://www.justsecurity.org/121345/embedded-human-judgment-autonomous-weapons/