According to the National Cyber Security Centre (NCSC), the UK is experiencing four ‘nationally significant’ cybersecurity attacks every week.
A record 204 nationally significant attacks were handled by the NCSC in the year to September, up from 89 in the previous 12 months.
Field CTO for EMEA at Pure Storage.
This growth is alarming, and while many of these attacks would have been incited by social engineering/phishing campaigns targeted at humans, the concerning prospect for the future is that advancement of AI will enable bad actors to fully automate cyber attacks, with no human involvement required, at an unprecedented speed and scale.
AI as a weapon and “vibe hacking”
In summer 2025, Anthropic, the company behind the Claude family of large language models (LLMs), reported that agentic AI had become “weaponized” to perform cyber-attacks and is now embedded into cyber criminality.
Dubbed “vibe hacking,” attackers are using LLMs and other AI tools to automate and scale cyberattacks. Automated phishing, adaptive malware, and AI-generated ransomware are becoming mainstream.
Anthropic’s warnings have been echoed by the UK’s National Cyber Security Centre, which says AI will make elements of cyber intrusion more effective and efficient and that there will be an increase in frequency and intensity of cyber threats.
On top of that it predicts there will be a “digital divide” between organizations whose systems keep pace with AI-enabled threats, and those that will be more vulnerable.
In the wake of the emerging and inevitable AI threat landscape, what can organizations do?
The reality is that as AI accelerates the sophistication, scale, and automation of cyberattacks, traditional cybersecurity tools – focused only on prevention and detection – are no longer enough.
This means that organizations must not only plan to prevent an attack, but also how to recover from one, quickly and safely. This leads us to cyber resiliency.
Cyber resilience emerges as a critical strategy
The concept of cyber resilience integrates the traditional prevention and detection of attacks with lightning fast recovery. It is based on a comprehensive approach that includes built-in security at the data storage level, connected threat detection and dynamic response and recovery.
Given the breadth of capabilities required to deliver holistic cyber resilience it is ideally delivered through an ecosystem of best of breed vendors backed by integrated products and tested architectures.
A secure data platform
Ensuring that the foundation of the data environment has a strong security posture is essential in preventing an attack or minimizing the attack surface.
Timely remediation of vulnerabilities, multi-factor authentication, simple and efficient snapshots of data that are comprehensively protected – both immutable and indelible – all contribute to a secure foundation providing confidence that a recovery point is available.
Being able to run the platform with automated configuration, managed by policy and with effective compliance checking to avoid human error that compromises the integrity of the data.
Connected threat detection
Understanding the broad technology landscape is essential; separating signal from noise to quickly identify malicious activity is the domain of extended detection and response (XDR), security and information event management (SIEM) and security orchestration automation and response (SOAR) solutions.
Ensuring that the underlying storage platform integrates with these platforms is key in providing insight and correlation with the rest of the connected environment. Feeding telemetry from the storage environment into these platforms gives them the ability to automatically trigger and tag snapshots if anomalies are identified.
Dynamic response and recovery
Should the worst happen and an attack succeed in disrupting the IT environment a Secure Isolated Recovery Environment (SIRE) is an essential part of the recovery process.
Having a data set that is beyond the reach of attackers, disconnected from the rest of the estate, provides an environment for forensics, cleaning and recovery of the affected environment for a businesses most critical services.
Time is valuable in this process so the ability to restore and analyze quickly with a highly performant storage platform is key to the success in restoring the business. The recovery environment will typically support multiple layers of capability aligned with the criticality of different business services to meet the restoration targets.
Don’t be caught on the wrong side of the digital divide
The accelerated speed of cyber threats means that the time to respond is shrinking rapidly. Organizations need to be able to recover in hours instead of days or weeks if the worst happens.
We face a digital divide between those organizations that possess effective cyber resilience as a strategic differentiator and those that don’t. As recent hacks have shown, consequences of an ineffective strategy include significant financial losses, reputational damage, and downtime.
Don’t get caught on the wrong side of the digital divide. A good first step towards developing cyber resilience is to focus on deploying an interconnected ecosystem to deliver a secure data platform, connected threat detection and dynamic response and recovery.
We’ve featured the best IT automation software.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
https://cdn.mos.cms.futurecdn.net/2BaNK5XKNiUsUgc3MA8WBC-970-80.jpg
Source link
