Why AI Agents Aren’t Evil—But They Can Be Unrelentingly Persistent, Says Dell’s CISO

When you picture an artificial‑intelligence agent, you might imagine a sleek, helpful chatbot or a clever algorithm that streams recommendations. It’s easy to think of these systems as neutral—just code that does what we tell it to do. John Scimone, Dell’s chief information security officer, pushes back against that naive view. He says the technology itself isn’t inherently malicious, but in the wrong hands it can become something far more relentless than a human hacker.

Scimone’s point is simple yet profound: an AI agent doesn’t have intent. It follows the objectives it’s given, no matter how benign or sinister those goals are. That means a malicious actor can program an AI to scan the internet for vulnerable devices, automate phishing campaigns, or even craft convincing deep‑fake audio. The difference is that, unlike a human, the AI doesn’t need sleep, coffee breaks, or a weekend off. It can keep pounding at a target 24/7, grinding through data at a speed that would make any conventional cyber‑criminal jealous.

What makes this especially worrying is how affordable and accessible these tools have become. Open‑source models, cloud‑based inference services, and plug‑and‑play APIs mean that even a small group with modest technical chops can spin up a weaponized agent in a matter of hours. Scimone points out that it’s no longer a story of nation‑state actors alone; cyber‑crime gangs, hacktivists, and opportunistic scammers are all joining the AI‑enabled bandwagon.

“It’s not the AI that’s evil,” Scimone says, “it’s the instructions we feed it.” He likens the situation to handing a powerful kitchen appliance to someone who doesn’t know how to use it safely. The appliance works perfectly as designed, but misuse can lead to a burnt house.

So, what should organizations do? First, they need to acknowledge that AI is now part of the threat landscape, not just a productivity boost. That means expanding traditional security playbooks to cover model poisoning, prompt injection, and other AI‑specific attack vectors. Scimone recommends adopting a “defense‑in‑depth” mindset: combine robust identity and access management, continuous monitoring, and AI‑aware incident response.

Second, firms must practice responsible AI development. This includes sandboxing models, limiting the data they can access, and establishing clear governance around model usage. Dell, for instance, has instituted internal policies that require any AI‑driven tool to undergo a risk assessment before it’s rolled out in production.

Finally, there’s a cultural component. Employees need to understand that the same AI that drafts a marketing email can also help a bad actor draft a phishing lure. Regular training that highlights AI‑related risks can go a long way toward building that awareness.

Scimone’s takeaway is a mixture of caution and optimism. While AI agents can be “relentless” when weaponized, they are also powerful allies when handled responsibly. The key, he says, is to stay ahead of the curve—anticipate how the technology could be twisted, and put safeguards in place before the threat materializes.

In short, AI isn’t a villain in a black‑and‑white story. It’s a tool, and like any tool, its impact depends on the hands that wield it. The onus is now on security leaders, developers, and even end‑users to make sure those hands are guided by good intent, solid policies, and a healthy dose of skepticism.