Critical ‘by design’ weakness located in Anthropic’s MCP SDK
Systemic remote code execution vulnerability in Anthropic’s Model Context Protocol (MCP) SDK
Continue ReadingAI Security
AI Surge in CyberSecurity Redefining Threat & Defense; Reshaping Software Development & Security
Currently enterprise Cyber Security strategy with AI has become a game changer, reshaping is critical for both threat and defense. Embracing Gen AI for a robust defensive system empowers organizations to analyze vast amount of data is key requirement for enterprise security where software development is key to enterprise security , embracing ‘security by design’.
In 2024-2025, we have witnessed how mainstream enterprise deployment of AI has changed the strategic cyber security requirement. Thereby creating a strong defense mechanism around enterprise security, redefining the threat landscape and shaping software development.
AI is changing the way we look at products being a risk multiplier. How organization balancing innovation with protection?
AI can track and break commonly used passwords within minutes. So this is scary as more powers are in the hands of hackers, on the other side AI can improve password security again a boon. The Dark Web is already selling Fraud GPT and Worm GPT.
For Organizational cyber security strategy AI is being used now to tackle threats and cyber defense. Again AI has the capability to accelerate the speed of cyber attacks.
So what are leaders deciding when chasing AI based products. The way leaders are looking at products is products that give practical and actionable outlook and being embedded in delivery workflows.
Strategically, this means evolving away from rigid, checkbox-based compliance toward dynamic, adaptive security models that reflect how modern teams really build software—especially in AI-accelerated environments.
As per statistics 2025 witnessed the following AI based cyber attacks.16% of all breaches in 2025 involved attackers using AI. (IBM),and other AI attacks included 37% used phishing attacks and 35% used deepfake attacks. (IBM). 63% of breached organizations had no AI governance policy or were still developing one, highlighting the governance gap around AI adoption (IBM).
OpenText has released their survey and the report entails, AI is rapidly changing the threat landscape for organizations . Organizations are navigating a high-stake balancing act to enable innovation while managing risk.
Here are the key findings
Top AI-related concerns among respondents include data leakage (29%), AI-enabled attacks (27%), and deepfakes (16%).
95% of respondents are confident in their ability to recover from a ransomware attack, but only 15% of those attacked fully recovered their data.
88% allow employees to use GenAI tools, yet less than half (48%) have a formal AI use policy.
Enterprises lead AI governance (52%) compared to SMBs (43%) by having a formal AI policy in place.
52% report increased phishing or ransomware due to AI; 44% have seen deepfake-style impersonation attempts.
Surge in AI Threats via sophisticated attacks
One of the reasons cited by threat researchers is organizations are embracing GenAI, allowing employees to use generative AI tools and few less then 50% have a formal AI-use or data privacy policy in place, the report noted.
This is added with hackers innovative way in tricking using AI, bypassing any defense mechanism which is traditional.
AI tools are now being used to create such convincing phishing emails, fake websites and even deepfake videos to injecting malicious code giving leverage to cyber criminals
In the last few months we witnessed how Ransomware attacks round the world surged and quite complex in nature as third-party service providers or software supply chains were prime targets. The Qantas airline breach and M&S data beach that hit UK’s top retail brand.
While Qantas did not to Information Age whether AI voice deepfakes were used in the breach, the cybercrime group experts believe may be linked to the hack — dubbed ‘Scattered Spider’ — has a track record of using voice-based phishing (or ‘vishing’) in its attacks. This is clear AI being used and surge is quite high in AI based cyber attacks.
AI for Cyber Defense for Organizational Cyber Security Strategy
It is not hackers who are benefiting but for Organizations it is a game changer as AI being used to detect attack at faster pace meaning mean time.
Findings of this survey reinforces that protecting against ransomware now depends not just on internal defenses, but also on how effectively organizations’, partners, and technology providers collaborate to close security gaps before they are exploited.
Key pointer for building pragmatic and strategic choices and this approach starts with embracing security by design approach in developmental life cycle.
- Continuously Embedding security in developer workflows keeping automating, scanning, policy enforcement and anomaly detection in tools used by developers.
- Cybersecurity AI tools are better at identifying patterns and anomalies in large datasets including vulnerabilities. teams have to highly prioritize and contextualize them in term of developing products.
- Supposedly there is an attack and the security tools not able to detect. So continuous testing is mandatory.
- Developers can favor simple solutions that favors pragmatic security patterns and transparency in architecture. In this way trust is developed with clients.
Few important developers keep in focus is to sponsor bug bounties, publish advisories using standards like the Common Security Advisory Framework (CSAF) and provide context on severity and exploitability.
Threat researcher suggest organizations who are building in products accept all vulnerability reports, investigate them, and fix the issues. Any critically important advisory to be used for root cause analysis to improve tools, training and various threat models. Developers are suggested to give feedback for external tools if they help them evolve. Understanding no software can ever be perfect.
Offerings from IntruceptLabs are exactly what you need to develop organizational cyber defense capabilities
Intru360
Intru360 gives security analysts and SOC managers a clear view across the organization, helping them fully understand the extent and context of an attack. It also simplifies workflows by automatically handling alerts, allowing for faster detection of both known and unknown threats.
Identify latest threats without having to purchase, implement, and oversee several solutions or find, hire, and manage a team security analyst. Unify latest threat intelligence and security technologies to prioritize the threats that pose the greatest risk to your company.
Here are some features we offer:
- Over 400 third-party and cloud integrations.
- More than 1,100 preconfigured correlation rules.
- Ready-to-use threat analytics, threat intelligence service feeds, and prioritization based on risk.
- Prebuilt playbooks and automated response capabilities.
(Sources: https://www.mckinsey.com/about-us/new-at-mckinsey-blog/ai-is-the-greatest-threat-and-defense-in-cybersecurity-today)
Sources: https://investors.opentext.com/press-releases/press-releases-details/2025/OpenText-Cybersecurity-2025-Global-Ransomware-Survey-Rising-Confidence-Meets-a-Growing-AI-Threat/default.aspx)
Ways to combat Cyber Threats; Strengthen your SOC’s readiness involves 3 key strategies
Cyber threats are no longer limited to human attackers, with AI-driven “bad bot” attacks now accounting for 1/3 as per research. These attacks can be automated, allowing attackers to launch more extensive and efficient campaigns
Organizations are now exposed new risks, providing cybercriminals with more entry points and potential “surface areas” to exploit as they go digital and adopt to innovations and wider use of digital technologies.
Some of the types of bad bots are DDoS bots, which disrupt a website or online service by overwhelming it with traffic from multiple sources.
Cybercriminals are using Gen-AI tools to improve the efficiency and yield of their campaigns – with Check Point Research’s recent AI Security Report 2025 flagging the use of the technology for malicious activities like AI-enhanced impersonation and social engineering.
Account takeover bots, which use stolen credentials to access users’ online accounts; web content scraping bots, which copy and reuse website content without permission; and social media bots, which spread fake news and propaganda on social media platforms.
The purpose of Bad Bot is expose critical flaws and vulnerabilities within the security frameworks that IT leaders have established in their architectures and operations.
Unfortunately, traditional security operations centers (SOCs) are built to detect threats based on predefined rules and human-driven logic or characteristics.
AI-powered bots use automation and adaptive methods to execute more sophisticated and dynamic attacks that can bypass these existing defences.
Vulnerabilities are evolving so SOC team have more responsibilities then before as BOTs are AI powered.
Here we outlined three strategies to strengthen your SOC readiness
1.SOC team an essential or important component of business are in Fatigue Zone:
SOCs continuously monitor your organization’s network, systems, and applications to identify potential vulnerabilities and detect any signs of malicious activity.
SOC team quickly takes action to contain the threat and minimize damage, ultimately reducing the overall impact on your business.
Ponemon institute research say SOC teams are fatigued and one research pointed that 65% has fatigue and burn out issues.
That means Cyber security need to support the SOC teams and research found highlight that a lack of visibility and having to perform repetitive tasks are major contributors to analyst burnout.
Threat hunting teams have a difficult time identifying threats because they have too many IOCs to track, too much internal traffic to compare against IOCs.
Sometimes organizations have lack internal resources and expertise and too many false positives.
Bringing out SOC team from fatigue issue is as important as investing on training, upskilling on cyber skills and development to keep your team’s spirit high.
Establish Key Performance Indicators (KPIs) to measure the effectiveness of your SOC. Monitor these KPIs closely and use them to identify areas for improvement.
2. How do Organization harness Nex-gen technology to combat cyber Threats
Staying abreast of industry trends and best practices to ensure your SOC teams remains at the forefront of cyber security or ahead of the curve with Nex-gen technologies.
So that SOC teams can detect and respond to threats more quickly and efficiently, get holistic view of organizations security posture, AI and ML can augment the SOC team by automating routine task.
Many organizations are adopting hybrid cloud infrastructure and SaaS applications for productivity and cost efficiency reasons. But organizations face difficulty of managing and securing the data on those platforms, which is again leading to higher breach costs.
Darktrace report says 78% of the more than 1,500 security executives responding to a recent survey said that AI-powered threats are having a significant impact on their organizations – with many admitting they lack the knowledge, skills, and personnel to successfully defend against those threats.
Many organizations are already leveraging AI as a cyber-security tool.
Now more IT leaders say they are integrating AI into their cloud strategies for use in advanced security and threat detection.
Organizations can encounter several challenges when integrating AI into their cloud strategies.
Along with SOC team who seamlessly integrate across the organization, same is for AI. Seamless integrations of AI will make it easier for AI-assisted threat detection, notification, enrichment and remediation.
The purpose is AI should focus on tuning models that is organization specific environment. Once done AI will integrate threat intelligence and filtering will be done based on specific context. This will help reinforcing trust with customers and stakeholders.
3. Investing in Predictive Threat Modelling priority for Nex-gen SOC Teams
In this era where AI is being leveraged by organisation to derive accuracy, SOC teams who are evolving will prefer investing in intelligence predictive threat models that are proactive in nature to anticipate risks and refine their response strategies.
When organizations have a Threat Intelligence-Driven SOC it is easier to transform security operations from reactive to proactive defence. Most of the organization builds and operates its own SOC. That is done by employing a dedicated team of cyber security professionals who offers to take complete control over security operations but can be resource-intensive.
AI makes the process easier, as having AI-driven analytics will assist detect anomalous behaviours and zero-day threats.
Further with implementing predictive threat modelling to anticipate emerging attack patterns and leveraging the right frameworks, tools and best practices will help organizations build an intelligence-driven SOC. And with an intelligence-driven SOC team, anticipating any cyber threats can be dealt with efficiency.
IntruceptLabs now offers Mirage Cloak and to summarise Mirage Cloak offers various deception methods to detect and stop threats before they cause damage.
These methods include adding decoys to the network, deploying breadcrumbs on current enterprise assets, using baits as tripwires on endpoints.
This is executed by setting up lures with intentionally misconfigured or vulnerable services or applications.
The flexible framework also lets customers add new deception methods as needed.
Conclusion: Organizations can better protect their digital assets and ensure business continuity by understanding the key components and best practices for building a successful SOC.
At the end we must accept that to defend against any sort of AI attack, SOC teams must evolve with right collaborations and effective communication between partners seamlessly to evaluate information to stay ahead of attackers.
Recent Comments