Palo Alto Networks CPO: Why Cybersecurity Needs ‘Much More’ AI

In an interview with CRN, Chief Product Officer Lee Klarich also discusses the company’s recent expansion into email security with the debut of XSIAM 3.0.

Even with the rapid adoption of AI-powered cybersecurity capabilities in recent years, the cybersecurity industry and channel would benefit from getting even more aggressive when it comes to using AI for security, Palo Alto Networks Chief Product Officer Lee Klarich told CRN.

The main reason is that the creation of new cyberattacks by threat actors is surging, bolstered by LLMs and other AI functionality—and there’s simply no way for humans to adapt quickly enough to that many new attacks, Klarich said.

“We can tell that AI is being used by attackers in order to build and launch more new attacks every day,” he said in an interview with CRN during RSAC 2025. “At the same time, we have data that shows that the time from the initial attack to breach is getting shorter and shorter.”

In other words, “you have more attacks that are happening faster,” Klarich said. “It’s very clear that the answer to this [is that] we have to leverage AI much, much more than we traditionally have as an industry.”

Cybersecurity giant Palo Alto Networks has continued to expand its portfolio of offerings in this regard, most recently at RSAC 2025 where the company debuted its new AI security platform, Prisma AIRS.

Key capabilities of Prisma AIRS include AI model scanning as well as posture management, AI red teaming and runtime security. Prisma AIRS will also offer security for AI agents, with capabilities to protect against threats to AI agents that include impersonation of identities and manipulation of memory as well as tool misuse, the company said.

Meanwhile, Palo Alto Networks also announced it plans to acquire a well-known AI security startup, Protect AI, as the company looks to accelerate its protection of technologies including GenAI and agents.

Elsewhere on the product front, Palo Alto Networks debuted Cortex XSIAM 3.0 with major updates including the introduction of advanced email security. XSIAM (extended security intelligence and automation management) aims to offer an AI-powered alternative to traditional SIEM (security information and event management) and is “one of the fastest-growing products in cybersecurity,” Palo Alto Networks CEO Nikesh Arora said during a quarterly call in February.

During the interview with CRN, Klarich also discussed the company’s expansion into email security and what the future holds for securing the massive coming adoption of AI agents.

Here is more of CRN’s interview with Klarich.

How much adoption are you seeing for AI-powered cybersecurity capabilities compared with the amount that attackers are using AI?

We have data [showing] how many more new attacks per day we are seeing created year over year. [It’s a] 300 percent increase. So we can tell that AI is being used by attackers in order to build and launch more new attacks every day. At the same time, we have data that shows that the time from the initial attack to breach is getting shorter and shorter. So you have more attacks that are happening faster. It’s very clear that the answer to this [is that] we have to leverage AI much, much more than we traditionally have as an industry. This is one topic where everything we’ve been doing around XSIAM—in terms of turning the SOC [Security Operations Center] into an AI- and automation-driven environment and being able to take customers’ meantime remediation of days down to hours [or] minutes—all of that is massively critical. And so then with the announcements around what we did with cloud earlier this year, and then what we’re doing with exposure management—where we’re bringing the same AI and automation to proactive security—is huge.

What’s the significance of your move into email security as part of XSIAM 3.0?

We’ve been asked for a long time by customers, ‘Hey, when are you going to do email security?’ Email has always been interesting. It’s one of the most prevalent communication applications used in pretty much every enterprise. It hasn’t really diminished over time, even though people have predicted the demise of email multiple times, and it’s still what everyone uses for the most part. But it always felt like a high-volume, relatively low-sophistication attack vehicle. You attach malware to emails; you do phishing over emails. It wasn’t clear that if we were to do it, that we would necessarily take a significantly different approach than the industry would. If we’re going to get into a new space, we generally want to have some insight and something that we’re going to do differently to solve a problem. What we’ve seen recently is that email has become very interesting. The advent of AI has up-leveled attacks to be more sophisticated, and we believe that we have an ability to approach it in a unique way.

One [differentiator] is, how we can bring AI to secure email—and really understand the content of an email to understand intent. And based on understanding intent, then be able to much better detect the more sophisticated attacks. The second is, we think that that needs to be combined with other data sources. So it’s not just taking email as the data feed, analyzing it and deciding with that single data source whether it’s good or bad—but being able to combine it with what we see on the network, what we see on the endpoint, what we see in identity systems. And can we combine that information to better understand what’s an attack, and what’s a sophisticated attack—and how to investigate and respond to that attack? And so that combination of using AI to analyze email and multiple data sources stitched together—we think [that] is what is required going forward to really secure email. And so that combination fits perfectly with XSIAM. XSIAM is designed to pull in all these different data feeds, data sources, and analyze them. It’s already built around this idea of using AI to analyze and detect attacks. And so that combination is how we’re approaching email security.

At this stage how are you approaching providing security for agentic? How would you describe your strategy?

The way I see it is it’s way too early to predict what agentic frameworks are going to be the most popular or be the most widely used. In fact, I think what we’re likely to see is that just about every SaaS application is going to have AI agents in the future. Some of them already do. ServiceNow is announcing their AI agents, and Salesforce has their AI agents, and Microsoft. All these big SaaS platforms have AI agents that are now popping up within the application. Then you have companies that are building AI agent platforms—they’re saying, ‘Come build your agent on my platform.’ Some of those are SaaS platforms, and some of those are on-prem platforms, and some people are simply doing it themselves and building it themselves. With our approach, we’re going to build these security AI agents and enable those for customers. I think the way to look at it is most enterprises are going to have all of those. It’s not like one is going to win out. There’s going to be AI agents all over the place. And so, will some be built with serverless functions, no code/low code? Sure. Will some be code-heavy? Yeah. Will some be embedded in other applications? Uh huh. Will some be cloud-based? Yes. Will some be on-prem-based? Yeah, probably. So that’s the landscape when we say, ‘OK, so how do we go secure that?’

And so it becomes important that we don’t too quickly assume that there’s one architecture that’s going to win. It’s more important that we can secure our customers regardless of the architecture or architectures that they choose. For now, we want to be as flexible as we can versus being too narrow in what we focus on.

Since security often isn’t thought about early enough in the process of developing new types of software, how big of a concern is that with agentic?

From what I’ve seen so far, there is a very broad spectrum of how companies in general are approaching AI. Some are approaching it being very open with security being very much in the backseat. The others have swung all the way to the other side. They’re saying, ‘AI is dangerous until proven otherwise.’ As with most things in life, the answer is somewhere in between. I think that’s where the balance ends up. And so I assume the same thing will happen with agentic AI. There are some that will rush into it and put security as an afterthought in order to try to get as much learning as possible, as quickly as possible. There’ll be others that are going to wait for [the early adopters] to figure out all the things that go wrong and all the ways in which you can mess it up. And they’re going to wait and try to learn from that so they don’t have to learn from it on their own, in their own environments. And then everything in between. I think the right answer, though, in a lot of cases is going to be setting up pilots in controlled environments that are secure—where you’re testing out the capabilities and the controls at the same time you’re testing out security. And then all of that is done in concert, in an integrated fashion. That’s the right way to do it. And then we’ll see all the other variations of it as well.

What are some takeaways from your efforts around driving platformization for customers and partners?

I think with platformization, what’s often overlooked is it really matters how you build the platform. Platforms are a technical thing, or at least they should be. They’re not a consolidation of stuff. They’re an integration of capabilities to make them better. In just about everything you see in our announcements, it’s not just, ‘Hey, here’s a new thing.’ It’s, ‘Here’s a new thing. It’s amazing. And here’s how it integrates into one of our platforms in order to be better.’ We were just talking about email. Because it’s integrated into XSIAM, it allows us to leverage all this other data that’s already being analyzed that we can now apply toward email. We don’t have to re-ingest it. The exposure management we just announced—[that is] taking all the same data feeds that we’re using for the SOC and now applying it to a proactive security approach. And so when you think about platformization and action in the context of Cortex, we’re leveraging all of this incredibly useful data, and applying it to a new security challenge. That is an element of platformization in action. It’s not just that we added something—it’s that we integrated it. In network security, it’s very similar—the announcement around Prisma Access Browser integrated with AI security is an example where we’re integrating capabilities together to solve a problem that is otherwise really difficult to solve for customers.