Phil Venables on AI and security lessons from 2025 – and what’s ahead

As the year wraps, we sat down with our Venture Partner Phil Venables to get his perspective on the biggest shifts in cybersecurity and what’s coming next. Here are the key themes that stood out.

Big Lessons from 2025

1. Targets of opportunity are rising

More organizations, across every size and sector, are being targeted by attacks. Hand in hand with that, more targets of opportunity are being compromised. Phil’s takeaway? Baseline security has to improve everywhere. Stronger authentication, more relentless but targeted and prioritized patching, network segmentation for blast radius reduction, and better configuration hygiene are no longer optional. 

Phil emphasized that economics matters for all organizations. That’s why we’ve backed companies focused on accessible, high-impact protection, including Mimic as a last line of defense against ransomware; Reach to help teams get full value from the tools they already have; Root Evidence to pinpoint and fix the most important vulnerabilities; and Zip Security to bring security fundamentals to small businesses, given there are a vast number of small to medium sized businesses that need better defense. 

This also extends to application and data-layer risk, where companies like ArmorCode help organizations manage and prioritize application security risk, Oligo reduces the attack surface created by unnecessary and vulnerable open-source components, Gomboc enforces least-privilege cloud configurations by default, and Concentric AI helps teams understand and protect their most sensitive data wherever it lives.

2. Securing AI is becoming a core discipline

Organizations adopted AI at breakneck speed this year. As a result, security teams have been racing to ensure that deployment is secure and in compliance with appropriate rules and regulations. We’re seeing strong momentum across areas like agent identity, posture management, and AI governance, driven by companies such as Aembit, Noma, Nudge Security, and WitnessAI.

3. AI for security is accelerating fast

At the same time, organizations are taking advantage of AI to improve their security outcomes and maximize efficiency. This is where we’ve seen growing demand for solutions from companies that are driving automation in intelligence, software security, operations and real-time prevention, ranging from Hypernative’s protection of decentralized systems to Perygee’s approach to securing AI-driven workflows.

4. Incident detection, response, and recovery are now board-level concerns

As attacks scale and automation benefits both defenders and adversaries, the ability to rapidly detect, contain, and respond to incidents has become just as critical as prevention.

Phil emphasized that security teams need better signals, faster decision-making, and clearer coordination during incidents. This is where companies like AuthMind help detect identity-based threats in real time, SpecterOps brings deep adversary insight to expose hidden attack paths, and BreachRx helps organizations operationalize incident response, connecting technical actions with legal, communications, and regulatory requirements when it matters most.

Looking ahead: What to expect next year

Phil highlighted two major shifts on the horizon:

1. More AI for security – speed is key

While more AI is expected, Phil suggested we should look for even more AI for security around vulnerability identification and remediation, as well as making previously expensive and specialized services (like red teaming) available for more organizations through AI-driven automation. Using AI to increase the verifiability and predictability of our defenses, at scale and speed, will become table stakes. 

2. More security for AI – security and safety by design 

While expecting rapid growth in AI-powered security capabilities, Phil noted we should also look for a coalescence of security for AI, particularly with compliance, reliability, validation, testing, and agentic control planes. The CISO will continue their steady transformation to become Chief Digital Risk Officer. 

Two macro trends that will shape everything

Finally, Phil pointed to two forces that he says we will all have to deal with:

1. A wall of vulnerabilities
More software. More density of flaws. More discovered vulnerabilities. Phil says that this coupled with attacker use of AI industrializing their means of exploiting and monetizing this means security teams will start to feel that pressure even more. 

2. A global search for authenticity
As synthetic content and identities proliferate, verification of people, content, software, and brands becomes foundational. This is where companies like Alethea responding to brand and wider intelligence, and GetReal for deep fake detection, are leading the charge.

The next chapter of security will be defined by scale, automation, and trust – and it’s arriving fast. The organizations that act now – by modernizing security fundamentals and embracing AI responsibly – will shape the future rather than react to it. And at Ballistic, we remain committed to backing the best entrepreneurs and technologies tackling today’s challenges and those still ahead.