Non-human identities (NHIs) are already one of the biggest blind spots in enterprise security.
Now add agentic AI into the picture.
You must be a Free member to access this content.
The failure of the current iteration of generative AI to live up to its promises is putting severe strain on its credibility. A collapse could result in the destruction of personal wealth on a massive scale. While it is probably a given that the artificial intelligence (AI) industry is here to stay, questions are many. What form will survive, what will it really cost, and what is the near-term effect on other sectors like the cybersecurity industry?
There are more than 5,000 cybersecurity tool providers and thousands more MSSPs and all of them, in some form, are reliant on AI to some degree. Cybersecurity marketing, investment, and especially technology development could be a disastrous dependency… or not.
AI startup funding reached $333 billion in 2024 AI in 2024. Global venture capital funding for generative AI reached approximately $45 billion in 2024, from $24 billion in 2023 AI Investment Trends 2025. AI-related investments accounted for 33 percent of total investments into VC-backed companies in the U.S. This year, global venture capital investment in generative AI appears ready to dwarf those totals, with $49.2 billion in the first half of 2025. It is on track to exceed $100 billion this year .
The big knock on AI is the lack of an effective infrastructure to support the claims the AI companies are making on potential uses. In response, tech giants are making massive infrastructure investments: More than $300 billion has been invested this year on AI infrastructure tech megacaps plan to spend more than $300 billion in 2025 as AI race intensifies.
Zero Trust has become the leading security model in enterprise IT today. However, many organizations find that their Zero Trust frameworks do not meet expectations.
Read more...
The UK Government has recently stated it intends to advance a proposal that would prohibit ransomware payments by public sector organisations and operators of critical national infrastructure (CNI).
Read more...
Recent research has revealed the biggest risk IT security professionals face when deploying AI. Surprisingly, it isn’t data leakage or new cyber attack vectors, though both remain important. In fact, the most significant concern is that employees will defer to AI without applying the proper checks and balances.
You must be a Free member to access this content.
Stopping fraud is a major focus of cybersecurity is criminal fraud. Largely, the industry is winning that war. Nowhere is that protection more successful than in combatting deepfake crime, even though industry marketing is geared to promote fear over success. Where deepfakes are causing the real problem is in legal fraud.
Digital fraud represents 0.02 percent of all fraud claims according the National Crime Insurance Bureau (NCIB). While there is evidence that criminal use of AI is increasing the number of attacks, the number of successful attacks is too low to warrant recording.
Deepfake crime a trifle
The FBI’s Internet Crime Complaint Center (IC3) lumps all forms of online fraud into a single category. Even so, the IC3 fielded 859,532 complaints of suspected internet crime in 2024. Of those complaints, 256,256 incidents resulted in actual monetary losses, representing an average loss of $19,372 per complaint. Overall, the reported losses exceeded $16.6 billion, a 33% increase from 2023. However, the top three cybercrimes in 2024 reported to IC3 were phishing/spoofing, extortion, and personal data breaches. None of those required the use of deepfake technology, and rarely did.
Extrapolating the data from NCIB with IC3’s indicates successful deepfake fraud cases were less than 50 in total in 2024 with 94% of those occurring during a spike of activity between November and December 2024.
The growing IT skills gap is a major headache for organisations today. Finding skilled professionals across all disciplines is increasingly difficult and nowhere is the shortfall more critical than in cybersecurity. It’s a worldwide problem.
You must be a Free member to access this content.
Traditional approaches to cybersecurity are no longer enough. We must move beyond passive defence and actively prepare for this new era of cyberwarfare.
Red teaming, or adversary simulation, emulates real-world attackers using physical, social and technical techniques to test an organisation’s defences. Unlike standard penetration tests, these covert exercises emphasise persistence, privilege escalation and detection avoidance to reveal weaknesses across people, processes and technology.
For years, businesses have struggled to fill cybersecurity roles.The assumption that automation or AI tools would help hasn’t played out in practice. And that brings the conversation back to people - how to spot potential in places that haven’t traditionally been part of the recruitment pipeline. One such place is the gaming world.
You must be a Free member to access this content.