From Blade Runner to the boardroom

Discover insights and exclusive interviews from the global Black Hat MEA community – in your inbox every week. 

This week we’re focused on…

Blade Runner. Well, sort of. 

You see, when Ridley Scott released the sci-fi classic Blade Runner in 1982, the idea of machines so humanlike they could fool us was very much science fiction. The ‘replicants’ in the movie were predators who could out-think, out-fight, and out-feel us.

Now in 2025, you don’t need flying cars or neon-lit Los Angeles skylines to see the story playing out. Artificial intelligence is changing how attackers break into businesses – and how defenders try to stop them.

AI has joined both sides of the fight

Attackers have always been quick to weaponise new tech. A new report from risk management firm Dune shows AI-personalised phishing emails generate three times more interaction than traditional ones – and nearly a third of people who click go on to hand over multi-factor authentication credentials. 

And email is only the start. Social engineering now spreads across encrypted apps, voice calls, SMS, and collaboration platforms. Attack groups like Scattered Spider blend AI-assisted phishing with deepfake voices to manipulate helpdesks and contractors. It’s a long way from a fake email from a prince who wants to transfer lots of money into your bank account. 

That’s the Blade Runner side of the current story – today’s AI tech can make the attacker appear more human and trustworthy than ever before. 

Defenders are building their own replicants

But unlike Scott’s dystopia, enterprises don’t have to fight alone. They’re building AI agents to automate threat detection, triage, and response. Google Cloud’s 2025 ROI study found that 74% of organisations see AI deliver ROI within the first year; and among early adopters of AI agents, 88% already report positive returns.

In cybersecurity specifically, nearly half of leaders (49%) say AI has improved their security posture. They cite better threat identification, faster resolution, and fewer security tickets. Forrester’s analysis of Google SecOps quantified it: 240% ROI over three years, driven by a 70% reduction in breach risk and cost.

And this is the other, much more hopeful side of the story – just as AI can be a predator, it can also be a shield. 

The investor’s paradox 

For investors, this creates a paradox worth paying attention to. The same technology that makes attackers more convincing also enables the tools that can blunt their edge. 

The investable question isn’t whether AI will work in security, because that’s already answered by the ROI data. Instead, investors need to figure out which AI-driven firms will scale fastest and deliver measurable impact – and win trust in the boardroom. 

Investors who backed endpoint security a decade ago saw outsized returns as that category matured. The next cycle may belong to the companies that can:

• Run multi-channel simulations that cover WhatsApp, Zoom, and voice, not just email.
• Provide user-level risk scoring and adaptive controls in real time.
• Integrate seamlessly into SIEM and XDR platforms with privacy-aware telemetry.

Those are the differentiators CISOs say they need today. And they’re the ones that will turn ‘replicant-like’ AI from threat into value.

But culture still matters 

Of course, numbers only tell part of the story. As CISOs at Black Hat MEA 2024 reminded us, culture and context change outcomes too. Les Correia (Executive Director - Global Head of Application Security at Estée Lauder Companies) said: “People work differently. You have to think about social engineering, and context.”

If attackers use AI to mimic human warmth or urgency, then defenders will need AI that understands human behaviour as much as data. Anthropology may prove as valuable as machine learning when it comes to training the next generation of AI agents.

In Blade Runner, the replicants question what it means to be human. In cybersecurity, we don’t always have time for philosophy – but we’re watching machines imitate us, deceive us, and protect us.

The future belongs to whoever builds the side that scales faster. And investors will play a critical role in driving the development and scaling of AI that protects. 

Read the blog 

We’ve dug deeper into the Dune and Google Cloud reports on the blog this week – exploring what CISOs are most worried about, and getting clear on the ROI of AI. 

Read: 

What CISOs are most worried about now (and why investors should care)

What’s the ROI of AI in cybersecurity?

We’ll see you back in your inbox next week.