ChannelLife Australia - Industry insider news for technology resellers
Australia

Guides

#
cloud services
#
cybersecurity
#
distributors
#
microsoft
#
partner programmes

Search

#
Endpoint Protection
#
MFA
#
Cloud Security

Exclusive: Rapid7's Craig Adams discusses AI’s new role in defending cyberspace

Wed, 5th Nov 2025
Author image
By Melania Watson, Interview Editor

Artificial intelligence is changing absolutely everything, even the way we defend against cyber threats.

Craig Adams, Chief Product Officer at Rapid7, says the industry is witnessing what he described as a "fundamental shift" in how organisations use AI - moving from simply containing it to using it as a front-line defence tool.

"In the beginning, it was all about how do we defend the organisation from inappropriate AI use, how do you constrain it, limit it, have the appropriate guardrails," Adams said during a recent interview. "Now we're seeing people go full force into how they defend with AI."

As AI enables adversaries to move faster, he said, defenders must evolve too.

"The status quo just doesn't work anymore," Adams explained. "AI is playing a significant role in helping security teams make decisions and move faster."

Seeing the whole attack surface

For Adams, visibility remains one of cybersecurity's greatest challenges.

"At the end of the day, one of the biggest challenges of cybersecurity is we struggle from a source of truth," he said. "What is my attack surface? What are my identities? What are my cloud assets?"

He cited Gartner research showing that only 17% of organisations can identify 95% of their attack surface. "The thing you can't see, touch, count or measure is, of course, the weakest spot in your organisation," he added.

Rapid7's role, he explained, is to help companies "get an accurate view of their environment" by pulling telemetry from all their different tools. "Once you see across your attack surface, you need to have data from all of your different security tools connect and correlate," he said. "You have to be able to see threat patterns happening across your environment."

Building the right foundation

Every security strategy starts with clear objectives, Adams noted. "At the end, this could be defending the organisation or meeting compliance obligations," he said. But increasingly, companies are adopting a "continuous threat exposure management" model - or CTEM - instead of relying on a checklist of products.

"They're asking, how do I constantly scope my biggest priorities, assess my environment, and measure for misconfigured cloud accounts or exposure?" he said.

"We're seeing it go from a checkbox exercise to a continuous threat exposure programme."

The transparent use of AI

In modern security operations centres, Adams called AI a "gift - when done correctly".

Most analysts, he said, spend too much time on false alarms. "A secret inside the industry is most people spend their time on non-malicious things," he said. "AI allows defenders to see what isn't malicious quickly and move with confidence."

But transparency, he emphasised, is non-negotiable. "Every customer I speak to is rejecting what they call black box AI," Adams said. "It's not acceptable to just give a verdict of malicious or not. They want to see the work product, audit it, and have confidence."

"The winners in AI will be the ones that embrace transparency," he added.

Australia's AI awakening

Adams, who was in Sydney meeting CISOs when he spoke to TechDay, said Australian organisations are now far more open to machine-driven defence than they were just a few years ago.

"When I asked a room of CISOs if they cared whether a threat was managed by a human or a machine, years ago the answer would have been human," he said. "Today it's very different. They want it to be AI-driven - but it has to be transparent."

He described a hybrid model: "If an employee clicks on something and downloads a file, AI can detect it quickly, but a human still needs to step in for remediation. We're not quite ready for Clippy to start removing files from everyone's computers just yet."

Speed and resilience

The growing speed of attacks is driving this change. "It used to be that most attacks were targeted - to industries or countries," Adams said. "Now we're seeing broad-based exploitation and scanning, which drives up alert volumes. Organisations simply can't keep up."

Meanwhile, the "time to exploit" has dropped sharply. "Adversaries are penetrating and locking down environments rapidly," he said. "Your time window to resolve has become so much more significant."

This makes managed services essential, Adams argued. "For most mid-size organisations, building a 24/7 defence team just isn't affordable," he said. "So they look for companies like Rapid7 to become their perimeter layer of defence."

He added that Rapid7's managed detection and response (MDR) service allows teams to focus on strategic work instead of being "buried under a deluge of alerts".

"The most common attack times are over the weekend," he said. "An alert that comes in Friday night and isn't addressed until Monday morning can cause huge reputational and financial damage."

Doing more with less

Adams meets regularly with Australian CISOs to help them "do more with less".

He said Rapid7's tools help security leaders progress through a maturity curve - prevention, detection and response - while prioritising what matters most.

"There's always a list of exposures and a list of alerts," he said. "Having a prioritised list of what matters most to your organisation is how you win or lose in security."

He said transparency about risk priorities is key: "No two organisations are the same. They don't want to prioritise based on Gartner acronyms - they want to see what's most relevant for them and act fast."

Looking ahead

Asked what 2026 will bring, Adams said the biggest shift will be how security teams spend their time.

"This will be the year when the role of security teams changes," he said. "We'll move from constantly responding to threats to proactively preventing them."

Breaking down data silos will be crucial, he added. "The best defence is running the organisation the right way. 2026 will be the year when companies focus on prevention more than anything - and that's exactly what Rapid7 is helping them do," he said.

And for Adams, it all starts with one simple idea: "All defence begins with being able to see your full environment."

Related stories
DE-CIX predicts AI revolution in finance, healthcare & industry by 2026
Australia targets up to AUD $73.3 billion boost for AI by 2028
CrowdStrike & CoreWeave unite to secure advanced AI cloud workloads
CrowdStrike expands Falcon with mission-ready agents for AI security
Cyber risks, regulation & talent shortages top 2025 concerns

Top stories

Why culture and collaboration matter more than ever in IT partnerships
Check Point scores 99.59% in top firewall security report by NSS
Geraldton Fishermen's taps Microlise for AI-driven supply chain
Call for national action as digital divide persists in Australia
Middle managers cost frontline sectors AUD $15.5 billion yearly