Cyware CEO Anuj Goel on the Enterprise Cybersecurity Context Problem
In a new Forbes Technology Council piece, Cyware CEO and co-founder Anuj Goel argues that the modern security stack's real weakness sits above detection, in what happens to an alert after it fires.

Goel opens with a paradox. EDR is AI-driven, SIEM correlates at scale, and cloud-native tooling is now built into the infrastructure itself, giving security teams more visibility than they've ever had. Yet breaches keep happening, response times stay slow, and teams remain overwhelmed. His explanation: an alert only tells you something happened, and a threat feed only tells you what someone else already saw. Neither tells you whether that activity matters for your assets, your exposure, or the adversaries most likely to target you specifically, and that gap between raw intelligence and decision-ready context is where most programs break down.
The industry's current answer to that gap is agentic AI, built on the premise that a system reasoning like a senior analyst can close it on its own. Goel disagrees: "Agentic AI is only as good as the data it can reason over." An agent working over siloed, stale, unenriched data doesn't produce analyst-level judgment, it just reaches the same shallow conclusions faster. He points to McKinsey research showing that AI adoption across enterprises is outpacing most organizations' ability to convert it into consistent operational impact.
A third problem gets even less attention, in his view: how little threat intelligence moves between organizations in real time. Nation-state actors and organized ransomware groups operate as coordinated networks, sharing tooling and target intelligence continuously. Defenders rarely do the same, so the same attacks get independently detected and triaged over and over, often hours or days after another organization already solved them.
Goel's fix has three parts: a continuously enriched intelligence layer that produces confidence-scored, explainable output, a collaboration layer that lets that intelligence move across organizational boundaries in near real time while keeping humans in the loop on high-risk decisions, and an agentic AI layer that reasons on top of that foundation instead of standing in for it. His closing argument is that security teams already have plenty of data and tooling. What's missing is a consistent way to decide what matters and what to do next.