Join Today

Cyber Pulse: Gerasimos Marketos, Hack The Box

Our Cyber Pulse blogs highlight member voices on cyber security. Join this conversation with Gerasimos Marketos, Chief Product Officer, Hack The Box.

How did you get started in cyber security and what has kept you in the field?

I didn’t take a traditional path into cybersecurity. I started in data architecture and analytics. My early career was focused on designing infrastructure capable of structuring, processing, and extracting value from massive, complex datasets. That foundation was critical; it taught me how large-scale digital systems live, breathe, and ultimately break.

Everything shifted when I began applying machine learning to fraud and financial crime for major global banks. That was my first exposure to a truly adversarial environment.

In fraud prevention, data isn’t just messy – it is actively manipulated by intelligent, adaptive threat actors explicitly trying to bypass your controls. I quickly realized this wasn’t static analytics; it was a high-stakes arms race. When I moved into leading AI-driven fraud prevention products, the strategic reality became clear: we weren’t just building software, we were engineering countermeasures against live opponents. To defend at scale, we had to think like the attacker.

My progression into cybersecurity was a natural evolution. The discipline sits at the absolute intersection of data, AI, systems design, and human behavior, but under constant adversarial pressure that forces continuous mutation. AI has only amplified that dynamic, increasing both the speed of attack and the complexity of defense.

What keeps me in this field is its sheer dynamism. Cybersecurity is never a solved problem. It requires continuous learning, rapid experimentation, and extreme resilience under uncertainty.

At Hack The Box, that philosophy drives our entire product strategy. We don’t deal in static theory. We build hyper-realistic environments where defenders and attackers alike can be battle-tested against modern adversarial vectors.

The Current Landscape

What is one cyber security challenge or trend you are currently seeing in your sector?

I would say it’s the shift into the agentic AI era. We see adversaries actively weaponizing AI to execute automated reconnaissance, scale tailored phishing campaigns, and exploit vulnerabilities at machine speed. Consequently, defenders face a double burden. First, they must protect an expanded, input-driven attack surface fueled by the rise of AI-powered systems exposed to end users. Second, they must navigate the uncharted territory of integrating AI into their own operations – a transition that requires immense training and practice. Defenders aren’t just securing a new environment; they are simultaneously rewriting their entire operational playbook.

How is this issue showing up in practice for your organisation or clients?

We are seeing a clear disconnect between the speed of AI adoption and the level of defensive readiness inside many organisations. As businesses accelerate their use of AI, a critical capability gap is emerging: too few security professionals have the skills needed to secure AI systems, understand how they can be attacked, and manage the risks they introduce.

Many traditional security teams are not yet prepared for this shift. Organisations are openly acknowledging that they are not fully equipped to defend against AI-augmented cyberattacks, while 65% still lack a formal strategy or training programme for integrating AI into security operations.

Workforce intelligence from Hack The Box, based on more than 700,000 cybersecurity professionals across 251 countries, shows how quickly the market is responding. AI penetration testing now ranks as the fourth-highest global cybersecurity training interest. That level of demand suggests practitioners recognise that AI security skills are becoming essential, even if many organisations are still in the early stages of building the structures, training and readiness needed to support them.

Response & Lessons Learned

How are you or your team responding to this challenge?

We have always taken a proactive approach to emerging threats. Long before AI red teaming and Securing AI became industry imperatives, we foresaw the shift and partnered with Google to design the definitive AI Red Teamer career pathway.

This collaboration resulted in an exclusive upskilling program aligned with Google’s Secure AI Framework (SAIF), engineered specifically to teach professionals how to think like an attacker to protect enterprise systems. To codify this dual mastery of offense and defense, we launched the Certified Offensive AI Expert (COAE) credential in April 2026. This professional-grade certification is validated through a rigorous, seven-day practical examination within a simulated corporate network, requiring candidates to actively launch and defend against complex adversarial machine learning attacks, data poisoning, and system-layer exploits. Furthermore, we launched the HTB AI Range in December 2026, the first controlled AI cyber range in the world. This platform allows organizations to stress-test, evaluate, and benchmark autonomous AI security agents alongside human operators in realistic enterprise networks.

What is one insight or lesson you have learned that others could benefit from?

One lesson we have learned is that AI will not remove the need for skilled cybersecurity professionals. It will make those skills more important, and in some cases more urgent.

We are seeing a critical strategic risk that we call the hollowing out of the talent pipeline. Among the findings from HTB’s AI-Augmented vs. Human-Only Cybersecurity Performance Benchmark Report, which includes data from our Neurogrid CTF competition, the largest side-by-side benchmark of agentic AI and human performance on cybersecurity tasks to date, AI-augmented operations achieved their greatest productivity advantage on medium-difficulty tasks, completing them 3.89 times faster than human-only operations.

However, medium-tier tasks are precisely where junior and mid-level security analysts traditionally develop critical judgment, pattern recognition, and analytical skills. If organizations aggressively automate this operational layer without structured upskilling and deliberate, hands-on exposure to increasingly complex scenarios, they will trade long-term cyber resilience for short-term cost efficiency. They will eventually find themselves with a shortage of highly skilled senior experts to manage complex, novel emergencies.

The takeaway for security leaders is clear: AI should not be treated as a replacement for human capability, but as a reason to invest in it more intentionally. As AI reshapes attack techniques and accelerates parts of the security workflow, teams will need stronger fundamentals, better judgment and more hands-on exposure to complex scenarios. The organisations best positioned for the future will be those that use AI to augment their people while continuously developing the skills needed to challenge, validate and guide it.

What is a common mistake or misconception organisations have when dealing with this issue?

Organizations seem to overestimate the autonomous reliability of AI security agents. They fail to realize that models frequently suffer from overfitting and predictable failure loops when exposed to unseen operational data. Continuous, telemetry-rich testing against dynamic, high-stakes scenarios is the only objective way to validate agent safety guardrails before production deployment.

Leadership Perspective

From a leadership standpoint, what should executives and technical teams be aligned on when it comes to cyber security?

Executives and technical teams must establish absolute alignment on a model of hybrid defense. Leadership must recognize that AI is a powerful productivity accelerator, but it does not expand the baseline skill limits of the human workforce.

To build genuine resilience, organizations must align on three core principles. First, the security posture of any AI agent is non-deterministic and must be continuously verified. Second, high-volume automated operations must maintain structured human-on-the-loop validation mechanisms. Finally, workforce planning must transition from passive tool adoption to proactive, organization-led learning programs, ensuring that cybersecurity professionals possess the skills to effectively orchestrate, validate, and govern autonomous workflows.

What is one small but meaningful action organisations can take today to improve their security posture?

To make a meaningful and immediate impact on your security posture, stop treating cyber training as an HR administrative task. Treat it like the mission-critical operational readiness drill that it is. In 2026, threat actors aren’t waiting for quarterly budget approvals. With the hyper-acceleration of AI-driven social engineering and automated vulnerability exploitation, the gap between a patch releasing and a weaponized exploit hitting your network has shrunk to hours, sometimes minutes.

Looking Ahead

What emerging threat, technology or trend should organisations be paying attention
to over the next 6–12 months?

Over the next 6 to 12 months, the most critical trend organizations must prepare for is the transition of security operations into the agentic AI era, where both offensive and defensive workflows are heavily augmented by autonomous artificial intelligence agents. This ensures that the human workforce retains the cognitive mastery required to validate, orchestrate, and govern automated operations safely.

Is there something in cyber security you think is currently under- or overestimated?

The cybersecurity sector is currently overestimating the standalone, autonomous capability of AI agents in complex security operations. While autonomous agents achieve high success rates on simple, single-step challenges, our testing reveals that they fail repeatedly when confronted with complex, multi-step scenarios requiring adaptive human logic.

Conversely, the industry is severely underestimating the strategic threat posed by the hollowing out of the talent pipeline. Organizations that rely solely on automated agents to handle intermediate security analysis without supporting hands-on human upskilling will face a critical shortage of senior incident response talent in the immediate future.

Quick Fire

Favourite cyber tool right now: The AI Security tool collection included in Parrot OS

One resource you recommend (book, podcast, report): I have been following The MLSecOps Podcast, but it’s been inactive lately.

Someone in the industry to follow: Nicole Perlroth – for her sharp insights on cyber warfare and the global threat landscape.

Final Thought

What is one thing you wish every organisation understood about cyber security?

You cannot purchase cyber readiness, and you cannot secure your organization through the illusion of compliance and security tooling. True cybersecurity readiness is a dynamic capability that is continuously earned through hands-on mastery and exposure to realistic friction.

Scroll to top
X