AI is changing cyber offense and defense, says US' Council of Advisers on Science & Technology member, David Sacks

New Delhi [India], May 1 : Former White House Crypto and AI Czar and US' Council of Advisers on Science & Technology member David Sacks has weighed in on the growing role of artificial intelligence in cybersecurity, arguing that AI models are not a "doomsday device" but tools that will reshape both cyber offense and defense.

Sacks made the remarks on X while reposting a thread by the AI Security Institute, which announced that OpenAI's GPT-5.5 is the second model to successfully complete one of its multi-step cyber-attack simulations end-to-end.

"It's time to demystify Mythos," Sacks wrote, referring to an earlier AI cyber model. "Mythos is not magic. It's not a doomsday device. It's the first of many models that can automate cyber tasks (just like coding)." He added that OpenAI's GPT-5.5-cyber can now do the same, and that "all the frontier models (including those from China) will be there within approximately 6 months."

Sacks emphasized that these models do not create vulnerabilities but discover them. "The bugs are already in the code. Using AI to discover and patch them will actually harden these systems," he said. He predicted that the shift from pre-AI to post-AI cybersecurity would trigger a "big upgrade cycle," after which the market is likely to settle into a new equilibrium between AI-powered cyber-offense and AI-powered cyber-defense.

He stressed the importance of ensuring that cyber defenders get access to these models before attackers, noting that the process is already underway but needs to move quickly given the pace of development in China and elsewhere. Unlike Mythos, Sacks said, GPT-5.5-cyber "appears not to be token constrained so it may be the first cyber model that defenders actually get to use."

Sacks is a Silicon Valley entrepreneur and investor and is a co-founder of PayPal and was previously the founding COO of the company. He also founded Yammer, which was acquired by Microsoft for $1.2 billion in 2012. In his current role, he advises on policy around artificial intelligence, cryptocurrency and digital assets.

The AI Security Institute's thread highlighted that GPT-5.5's ability to complete multi-step cyber-attack simulations end-to-end marks a significant milestone in AI capability. While the development has raised concerns about potential misuse, Sacks argued that the net effect could be positive if defensive use of AI outpaces offensive use.

His comments reflect a growing consensus in the tech and policy community that AI will accelerate both the discovery and patching of software vulnerabilities. The coming months are expected to see rapid adoption of AI tools by cybersecurity teams, even as governments work on frameworks to prevent misuse by malicious actors.

Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor