ThreatLocker CEO: ‘Fighting AI With AI’ Is Not A Winning Security Strategy
The notion that LLM-powered tools will be able to fend off attacks powered by the same technology is ‘complete garbage,’ ThreatLocker CEO Danny Jenkins tells CRN in the inaugural episode of Security or Else!
It’s a ubiquitous slogan around the cybersecurity industry, but the idea of “fighting AI with AI” is fundamentally the wrong approach for protecting against intensifying LLM-powered attacks, according to ThreatLocker co-founder and CEO Danny Jenkins.
In an interview for the inaugural episode of Security or Else!—a new CRN video series hosted by senior editor Kyle Alspach—Jenkins discussed the risk to the industry from over-reliance on AI-driven security tools. The real answer, he argued, is to double down on controls such as zero trust security and deny-by-default policies for protecting users and data.
[Related: How MSPs Need To Prepare For AI-Accelerated Cyberattacks: Experts]
“This whole [notion of] ‘we’re fighting AI with AI’ is complete garbage,” Jenkins said during the Security or Else! interview. “It’s just nonsense, and we should really stop thinking that.”
That doesn’t mean AI has no place in cybersecurity, he noted. The technology can certainly help security teams with investigating unusual activity and identifying potential causes far more quickly than humans can themselves, Jenkins said.
However, AI has serious limitations that are not discussed often enough, he said. First and foremost, AI is not reliable when it comes to distinguishing between malicious behavior and legitimate activity, according to Jenkins.
“AI cannot determine intent. It can only determine behavior,” he said. “The difference between backup software and data exfiltration software is intent. Behaviorally, they’re [both] exactly the same.”
For MSPs, there is a clear risk of being pressured to spend more money on tools that purport to leverage AI in new ways, but in reality do not deliver major improvements over their existing products, Jenkins said.
The key is for MSPs to “check the tangible result” from new AI-powered tools before committing too heavily, he said.
“Does it actually work? Let me test it with unknown malware,” Jenkins said. “Let me try some phishing campaigns and see if the AI is able to detect it any better than the non-AI. And I think most of the time, the answer is no.”
Ultimately, the better approach is to focus on “basic security controls” such as zero trust for addressing the large majority of AI-powered threats in 2026 and beyond, he said.
Still, the increased attention around the AI-driven threat environment is also handing MSPs new conversation opportunities with customers, Jenkins said.
Many MSPs have struggled in the past to persuade customers to invest in cybersecurity at the level that is actually warranted, he said.
“We’ve been able to go to the customer and say, ‘What’s changed is we now have an AI-driven bad guy.’ We’re fighting a new war,” Jenkins said. “We need to make sure we even the playing field here.”