Attitudes toward enterprise AI deployments are shifting as concerns diminish due to increased awareness and negative examples in the international community, as per Mandiant CTO Charles Carmakal. Speaking to ITPro at the Google Cloud Next 2025 event, Carmakal observed a rapid change in the mindset of organizations that were previously hesitant to adopt AI technology.
The introduction of foreign AI models from countries deemed risky by Western organizations has actually increased trust in US-based companies, according to Carmakal. This shift in perception has been accelerated by the use of AI on a global scale, especially in regions viewed with suspicion by US leaders. The recent incidents involving Chinese AI models like DeepSeek and Qwen have raised security concerns, with experts flagging vulnerabilities that could be exploited for malicious activities.
Carmakal highlighted the ongoing issue of shadow IT within organizations, where employees use unauthorized tools or services without the knowledge of IT departments. This challenge of identifying improper AI use has prompted some companies to enforce bans on AI usage, but Carmakal dismissed this approach as ineffective in preventing employees from utilizing AI covertly on personal devices.
Google Unified Security, a new security suite introduced by Google Cloud, leverages AI agents to detect potential threats posed by employee interactions with certain tools and files. Carmakal emphasized that AI technology continues to empower defenders more than attackers in the current threat landscape, downplaying concerns about the emergence of ‘super malware’ developed using AI.
State-backed threats, particularly from Chinese and North Korean actors, remain a pressing issue for US businesses, with Carmakal highlighting the surge in intrusions by Chinese government-backed threat actors. The use of AI technology, such as deepfakes and voice clones, by North Korean actors to conceal their identities poses a significant challenge for cybersecurity efforts. Carmakal also mentioned the case of KnowBe4 inadvertently hiring a North Korean threat actor who proceeded to install malware on their work device.
Despite the decrease in ransomware payouts, the frequency of ransomware attacks remains high, requiring organizations to enhance their cybersecurity defenses. Carmakal stressed the importance of a proactive approach to cybersecurity, focusing on the specific threats facing each organization and utilizing AI tools for enhanced security measures. Google Cloud, with its comprehensive understanding of cybersecurity threats, can assist organizations in identifying and mitigating potential risks.
Overall, Carmakal’s insights shed light on the evolving landscape of AI technology in enterprise settings and the ongoing challenges posed by state-sponsored threat actors. By staying vigilant and leveraging advanced security measures, organizations can navigate the complex cybersecurity environment and safeguard their data from potential breaches and cyber threats.