A former chief technology officer of the CIA has issued a blunt warning to the architects of artificial intelligence: do not repeat the original sin of the Internet.
Speaking at Tel Aviv Cyberweek, Bob Flores argued that today’s AI boom is following a dangerously familiar path. The early Internet prioritized openness and speed. Security was treated as an upgrade to be added later. Decades on, governments and companies are still patching holes that were never meant to exist.
His message was simple. If AI is built first and secured later, society will spend the next generation chasing threats it could have prevented.
The comparison matters because AI is not just another digital tool. It is rapidly becoming infrastructure. It will make decisions, move money, manage logistics, guide vehicles and influence elections. Weak foundations would not only expose data. They would expose systems that run economies and states.
Flores described the current online environment as a frontier without fences, where even experts struggle to see what moves in the dark. He warned that AI could inherit that chaos unless security is treated as a core design principle rather than an afterthought.
The risks he outlined are already taking shape.
Malware can now be generated and adapted by AI systems faster than traditional defenses can recognize it. Autonomous software agents can probe financial networks and security systems without human supervision. A single corrupted dataset can quietly poison an entire model, turning a trusted tool into a liability. Even the hardware that runs AI can be tampered with, embedding weaknesses too deep for software fixes to reach.
These are not theoretical dangers. They are structural vulnerabilities that appear when speed outruns discipline.
At the same time, AI is also creating new defensive possibilities. Advanced models can verify identity, monitor anomalies and enforce trust across digital systems at a scale humans cannot match. Used correctly, AI can become its own shield. Used carelessly, it becomes a multiplier for attackers.
The dividing line is governance.
Flores argued that modern validation and oversight frameworks must be woven directly into AI development. Training data must be verified. Supply chains must be auditable. Systems must be hardened before deployment rather than retrofitted after breach.
He also pointed to a horizon threat that could rewrite every rule again. Quantum computing, once practical, could break many of today’s encryption methods. If AI systems are built without the ability to adapt to that shock, entire security architectures could fail at once.
The lesson is not to slow innovation. It is to discipline it.
Common standards, shared protocols and rigorous testing may sound bureaucratic, but they are the price of reliability at scale. AI models are only as trustworthy as the data and mathematics that shape them. If corrupted inputs slip through, corrupted outcomes will follow.
The Internet taught the world what happens when a technology becomes universal before it becomes secure. Trust erodes, crime professionalizes and defenses chase attackers in an endless cycle of reaction.
AI still has a choice.
Security can be treated as a constraint that delays progress, or as a foundation that makes progress durable. The first path leads to permanent firefighting. The second builds systems that can be trusted when the stakes are highest.
The warning from an intelligence veteran is less about fear than about timing. Once insecure AI is everywhere, fixing it will be slow, costly and incomplete. Building it securely from the start is harder, but it is the only moment when prevention is cheaper than repair.
If the Internet was a city built without locks, AI is a city still on the drafting table. The doors can be reinforced before the walls go up.
Whether they are will shape the safety of the digital world for decades to come.




