ESET Strengthens Cybersecurity with $40 Million AI Investment

ESET has announced a significant $40 million investment in AI-powered cybersecurity. This initiative aims to enhance the company's internal AI capabilities, develop new protections for AI-driven systems, and introduce advanced methodologies for security data processing. The announcement was made at ESET World 2026 in Berlin, where executives discussed the rise of autonomous AI systems, new AI-related attack surfaces, and cybercrime operations.

Richard Marko, ESET's CEO, emphasized that this investment is a response to the evolution of autonomous AI systems, comparing the current moment to historical shifts in malware detection, from heuristics to deep learning. Marko highlighted that we have entered a "completely new AI era in cybersecurity" and that the response lies in the intelligent application of artificial intelligence in cyber defense. The company also announced the opening of new offices in France, the Netherlands, and India, bringing the total to 25 global locations, and its entry into the network security field.

The New Frontiers of AI Protection and Emerging Risks

ESET's investment is structured around three core pillars. The first involves developing proprietary AI foundations, trained on specific cybersecurity data, to avoid exclusive reliance on models controlled by large technology companies. This strategy reflects a clear priority towards data sovereignty and control over its defense capabilities. The second pillar focuses on protecting AI systems themselves, recognizing that as AI integrates into applications and enterprise workflows, it becomes a new attack surface. ESET is exploring a layered AI security stack capable of protecting agent-to-agent communication, browser-to-LLM communication, and systems that import tools and skills without direct human action.

The third area is security data processing. XDR systems generate massive volumes of data, and ESET believes that simply replacing analysts with LLM agents is not sufficient. The company is therefore working on new ways to categorize, enrich, and process this data more effectively. A crucial example discussed was OpenClaw, a project combining LLMs, external tools, coding capabilities, and natural-language "skills." The public repository of "skills" for OpenClaw grew exponentially, from approximately 60,000 skills (with over 10,000 suspicious and 1,000 malicious) in March 2025, to over 800,000 (with over 25,000 suspicious and 3,000 malicious) in less than two months. This highlights a rapid evolution of threats and the need for agile defenses.

"Private" Solutions and Expansion into Network Security

ESET also introduced ESET Private, a suite of corporate solutions designed for organizations requiring tailored deployments and long-term support. Martin Talian, ESET's Chief Corporate Solutions Officer, explained that this division, created in 2022, supports customers with mission-critical environments, including governments, defense organizations, critical infrastructure operators, fintech companies, banks, and logistics firms. These customers often prioritize continuity, reliability, and mission-specific deployments over standard software features.

One concrete example is the adaptation of technologies like LiveGrid and LiveGuard for air-gapped defense environments, where systems require updates and data transfers despite lacking external connectivity. ESET is also developing an abstraction layer that allows workloads and solutions to operate outside major public clouds, including private cloud and self-hosted environments. This supports "private scanners," enabling customers to use ESET's scanning engine in private environments or high-throughput settings without exposing their data to the company. ESET's entry into network security, with a network probe for packet inspection and telemetry aggregation, further strengthens its offering for local protection and sensitive data management.

Implications for On-Premise Deployments and the Fight Against Cybercrime

ESET's strategy, with its focus on proprietary AI foundations, "Private" solutions for air-gapped and self-hosted environments, and expansion into network security, strongly resonates with the needs of organizations prioritizing data sovereignty and infrastructure control. For CTOs, DevOps leads, and infrastructure architects evaluating self-hosted alternatives to the cloud for AI/LLM workloads, these initiatives offer options to keep sensitive data within their boundaries and reduce reliance on third parties. The possibility of tailored deployments and the use of "private scanners" are concrete examples of how ESET is addressing the compliance and security constraints typical of on-premise environments.

In parallel, ESET continues its collaboration with law enforcement agencies, such as Europol, to combat cybercrime. Roman Kováč, ESET's Chief Research Officer, described cybercrime as a structured ecosystem, not a random activity. Visibility into billions of URLs, such as the 345 billion seen this year by ESET technologies, is crucial, but disrupting criminal networks requires investigative action, legal authority, and cross-border coordination. Marijn Schuurbiers of Europol emphasized the importance of cooperation among law enforcement, intelligence agencies, and private companies to address hybrid threats, which are increasingly blurring the lines between state actors, cybercriminals, and hacktivists.