Caroline Wong | The AI Cybersecurity Handbook (2026) [PDF, EPUB] [EN]

About the Author

CAROLINE WONG is a recognized cybersecurity strategist with nearly 20 years of experience in GRC, product security, and executive leadership. She serves as Director at Teradata and Faculty with IANS Research, advising Fortune 500 organizations on governance, risk, and resilience. Caroline is the author of Security Metrics: A Beginner’s Guide―inducted into the Cybersecurity Canon Hall of Fame (2022)―and hosts three industry podcasts: Humans of InfoSec, The AI Security Edge, and Wake Up. Her career spans leadership roles at eBay, Zynga, Symantec, Cigital, and Cobalt.

Table of Contents

Cover
Table of Contents
Title Page
Copyright
Dedication
About the Author
Preface
Acknowledgments
Introduction
Part I: Cyber’s New Player: AI on Both Teams
Chapter 1: The Age of Adaptive Adversaries: AI’s Impact on the
Security Balance of Power
A New Tempo of Conflict: AI on Both Sides of the Cyber
Battlefield
A Shared Language: Basic Terms and Concepts
Core Cybersecurity Principles, Reinterpreted
My Call for Explainability and Transparency
Our Enduring Human Advantage: Curiosity, Courage, and
Change
Chapter 2: Smarter, Faster, Cheaper Recon: What Hackers Know
Before You Even Notice
Reconnaissance in the Cyber Kill Chain
OSINT Now and Then: AI-driven vs. Traditional Approaches
AI-enabled Capabilities in Modern Reconnaissance
The AI Recon Toolkit: Algorithms and Platforms Enabling
Cyber-attackers
Examples of AI-powered Recon The Future of AI-driven Recon
Notes
Chapter 3: Polymorphic to Predictive: How AI Supercharges
Malware at Machine Speed
From Scripts to Self-learning Systems: When Malware Starts
to Think
A Brief History of Malware
Technical Foundations of Autonomous Malware
Polymorphic and Metamorphic Malware: How AI Enables
Shape-shifting Attacks
Blending In to Break In: How AI Helps Malware Avoid
Detection
From Foothold to Full Access: Internal Navigation by AI
Malware
Real-world Examples of AI-driven Malware
No Operator Required: The Future of Self-governing
Malware
Notes
Chapter 4: Breaking the Rules: Novel Attacks and the Limits of
Signature Detection
Evolving Tactics in Bot Engineering
Blurring the Line Between Human and Machine Behavior
Looking Forward
Notes
Chapter 5: Hyper-real, Hyper-targeted: Deepfakes, Phishing, and
AI-powered Deception
Language and Tone in Social Engineering
How Machine Learning Models Make Better Deepfakes
Why Deepfakes Are So Hard to Detect
Conclusion
Notes Part II: Building Resilience with AI
Chapter 6: Patterns of Life: Learning What’s Normal and Spotting
What’s Not
Rethink the Role of Vulnerability Scores: The Problem with
Conventional Wisdom
Embrace the Power of Probabilistic Thinking: Why We Need
to Rethink Certainty in Cybersecurity
From Observation to Action: Operationalizing Primary Data
Adopt Local Models for Contextual Precision
Don’t Trust Just Any Vendor—Demand Evidence
Collaborate, Contribute, and Iterate
The Future Is Data-driven and Built Together
Acknowledge the Pioneers: Jay Jacobs and Michael
Roytman
Chapter 7: From Alert to Containment—AI-augmented Incident
Response
Defining AI-enhanced Incident Response
Phases of Traditional Incident Response
Where the Traditional Model Falls Short
From Reactive to Proactive: AI’s Strategic Edge
The Technology Stack Behind AI-driven IR
Before the Breach: How AI Helps You Get Ready
Enhancing Detection and Analysis with AI
AI in Post-containment Cleanup
AI in Recovery Phase
AI as Historian and Strategist in Post-mortem Activities
Rethinking Incident Response for the AI Era
Chapter 8: The Illusion of Trust: Poisoned Data, Tampered
Models, and AI Supply Chain Risk
Dependencies, Data, and Danger: The Supply Chain Threat
Landscape How Trusted Components Become Attack Vectors
Poison in the Pipeline: How Data Contaminates AI Models
Hijacking the Intelligence: Model Manipulation and
Tampered Weights
The Hidden Supply Chain Behind Pretrained Models
The Human Factor in AI Supply Chains
Managing the Human Element
Chapter 9: Building Secure Model Supply Chains with AI-
augmented Security Teams
Building Smart Intuition and Machine Insight: A Playbook
for Teams
Securing AI Dependencies
Defensive Principles for AI
AI SBOMs: Provenance and Transparency Challenges
Model Drift, Feedback Loops, and Ongoing Learning
Continuous Monitoring for Model Drift and Behavioral
Anomalies
Securing AI Supply Chains Across the Lifecycle
Preprocessing and Feature Engineering
Part III: Staying Grounded: Trust, Risk, and Accountability
Chapter 10: Human Values, Machine Decisions: The Ethics of AI
in Security
The Cost of Speed Without Judgment
Autonomy and Accountability in AI-enabled Security
Why AI Policies Matter (and What Good Looks Like)
Managing Bias, Privacy, and Opacity in AI Systems
Turning Ethical Principles into Practical Safeguards
AI Regulations and Frameworks Taking Shape
Where Speed Meets Trust
Chapter 11: The Human Advantage: Leadership, Learning, and
the Future of AI Security Lessons Across the Chapters
Guiding Principles for the Age of Intelligent Systems
Lessons for Leaders: Turning Insight into Action
A Note of Gratitude
Epilogue: The Work Ahead
Index