The UK Government has recently stated it intends to advance a proposal that would prohibit ransomware payments by public sector organisations and operators of critical national infrastructure (CNI).
Read more...
Recent research has revealed the biggest risk IT security professionals face when deploying AI. Surprisingly, it isn’t data leakage or new cyber attack vectors, though both remain important. In fact, the most significant concern is that employees will defer to AI without applying the proper checks and balances.
You must be a Free member to access this content.
Stopping fraud is a major focus of cybersecurity is criminal fraud. Largely, the industry is winning that war. Nowhere is that protection more successful than in combatting deepfake crime, even though industry marketing is geared to promote fear over success. Where deepfakes are causing the real problem is in legal fraud.
Digital fraud represents 0.02 percent of all fraud claims according the National Crime Insurance Bureau (NCIB). While there is evidence that criminal use of AI is increasing the number of attacks, the number of successful attacks is too low to warrant recording.
Deepfake crime a trifle
The FBI’s Internet Crime Complaint Center (IC3) lumps all forms of online fraud into a single category. Even so, the IC3 fielded 859,532 complaints of suspected internet crime in 2024. Of those complaints, 256,256 incidents resulted in actual monetary losses, representing an average loss of $19,372 per complaint. Overall, the reported losses exceeded $16.6 billion, a 33% increase from 2023. However, the top three cybercrimes in 2024 reported to IC3 were phishing/spoofing, extortion, and personal data breaches. None of those required the use of deepfake technology, and rarely did.
Extrapolating the data from NCIB with IC3’s indicates successful deepfake fraud cases were less than 50 in total in 2024 with 94% of those occurring during a spike of activity between November and December 2024.
The growing IT skills gap is a major headache for organisations today. Finding skilled professionals across all disciplines is increasingly difficult and nowhere is the shortfall more critical than in cybersecurity. It’s a worldwide problem.
You must be a Free member to access this content.
Traditional approaches to cybersecurity are no longer enough. We must move beyond passive defence and actively prepare for this new era of cyberwarfare.
Red teaming, or adversary simulation, emulates real-world attackers using physical, social and technical techniques to test an organisation’s defences. Unlike standard penetration tests, these covert exercises emphasise persistence, privilege escalation and detection avoidance to reveal weaknesses across people, processes and technology.
For years, businesses have struggled to fill cybersecurity roles.The assumption that automation or AI tools would help hasn’t played out in practice. And that brings the conversation back to people - how to spot potential in places that haven’t traditionally been part of the recruitment pipeline. One such place is the gaming world.
You must be a Free member to access this content.
There’s nothing inherently wrong with bots. In fact, when they’re used well, they’re one of the most powerful tools in a business’s digital toolkit — streamlining repetitive tasks, freeing up human time, and delivering consistent results. The issue isn’t the bots themselves. It’s how carelessly we’ve started deploying them.
The current market conception of agents as LLMs with function calling represents a fundamental mischaracterization of true autonomous systems. 25% of companies that use GenAI will launch agentic AI pilots or proofs of concept in 2025, yet over 40% of agentic AI projects will be canceled by the end of 2027 due to escalating costs, unclear business value, or inadequate risk controls.
"Agentic AI" is the newest thing in AI. It promises systems that can talk to people and things around them, plan, and learn. But the truth is more complicated than what all the ads say. We're creating a world where the line between human and artificial interaction quickly disappears.