Surge in Cyber-Attacks Globally as Attackers Leverage AI; Check Point Report
AI-Driven Attacks Become More Autonomous
Continue ReadingLeadership
Surge in Cyber Security Spending; Focus on Cloud Security & AI
Surge in Cyber Security Spending; Focus on Cloud Security & AI in 2026
Continue Reading
Indian Org’s to Hire more Dedicated Cyber security professional says Report ; Role of BISO to Gain Traction
BISO Analytics from Intrucept ‘A Unified platform to map Business risk with Cyber Risk
Continue Reading
Jaguar Land Rover Data Hack reveal Significance of Security & Privacy by Design
Jaguar Land Rover announced suffering they hit by a cyberattack in August that severely disrupted its production and retail activities. Cyber criminals stole data, held by the carmaker, it has said, as its factories in the UK and abroad face prolonged closure. This massive data hack reveal that every stakeholder in the supply chain must be embed and lazed with security and privacy by design.
Principle of security by design
So the ever evolving automotive industry and modern vehicles are more of software, which means more coding which goes upto 100 million codes and this is growing in numbers and run more applications then ever before.
So the more coding and software, the more lucrative it is for attackers to target systems and codes and if security flaws exist then its a heaven for cyber criminal as it is now easy target for data privacy leaks etc.
Best practices for Securing by Design principles and software development are enough to address the emerging risk to automotive systems and other systems within the vehicle.
According to the BBC, three plants were affected: the ones in Solihull, Halewood and Wolverhampton. Also the cyberattack forced the company to disconnect some systems, which led to factories in China, Slovakia and India getting shut down and workers being instructed to stay at home.
As per the company suppliers and retailers for JLR are also affected, some operating without computer systems and databases normally used for sourcing spare parts for garages or registering vehicles.
Scattered Spider group behind the cyber attack
As per reports the notorious Scattered Spider the hackers group is credited for the attack on JLR. The threat actor was also linked to recent attacks against major UK retailers, as well as several other industries worldwide.
This is the second cyberattack that hit JLR this year. In March, the Hellcat ransomware group claimed to data theft which were in hundreds of gigabytes of data from the carmaker.
July we witnessed how Scattered spider group targeted the aviation and retail sector
Addressing cyber security challenges in Automotive security
Organization addressing such cyber incident in near future will require dedication that will extend to all levels. This includes data layer, connection layer, authentication layer and more.
If organizations are proactive enough in establishing comprehensive protective measures and ensuring reliable systems that wont fail and in place, ultimately will create safe environment for entire ecosystem more resilient against cyber disruptions.
Cybersecurity challenges in automotive innovation
The integration of advanced technology has brought the automotive industry face-to-face with complex cybersecurity challenges. Vehicle technology, now deeply intertwined with software, exposes both consumers and manufacturers to varied threats.
The challenge for manufacturers is finding the right balance between advancing connected features and securing those very connections against evolving threats.
Transformation in Automotive industry while navigating cautiously in the midst of cyber attack
The year 2025 is transformative for automotive industry as the industry witnessing many groundbreaking technological advancements that is lazed with challenges in cybersecurity and supply chain resilience.
Navigate cyber challenges
For automotive industry as a whole, opportunities are huge for the industry as a whole but will take concrete shape when fitted with with robust architecture, zero-trust security frameworks and being transparent. There is a need to have more collaborative mindset and approaches among manufacturers, suppliers and leaders in technology of which cyber security is now important part.
Intercept offers Mirage Cloak
Mirage Cloak the Deception Technology, offers various deception methods to detect and stop threats before they cause damage.
These methods include adding decoys to the network, deploying breadcrumbs on current enterprise assets, using baits as tripwires on endpoints, and setting up lures with intentionally misconfigured or vulnerable services or applications. The flexible framework also lets customers add new deception methods as needed.
Sources: https://www.theguardian.com/business/2025/sep/10/jaguar-land-rover-says-cyber-attack-has-affected-some-data
AI seen as potential for improved threat detection & cost optimization; Wipro Report
As sophisticated cyber threat grows so is the cost and leaders are now preferring to leverage AI for improved threat detection, incident response and cost optimization.
Wipro report on ‘State of Cybersecurity Report 2025’ say 35% cybersecurity leaders which is nearly 33%, globally are opting for AI-driven automation at the forefront of their strategic priorities.
The report surveyed over 100 global cybersecurity leaders and consultants and found that AI-driven automation and cost optimization were among the main cybersecurity priorities for organizations.
Key findings:
30% of respondents state that investing in AI automation to bolster cybersecurity operations and reduce costs is a top priority.
Other strategies used by CISOs to optimize costs include tools rationalization (26%), security and risk management process optimization (23%) and operating model simplification (20%).
The report also highlights the growing role of AI in managing cyber threats and how investing in advanced AI-driven security solutions, continuously monitoring AI developments.
Fostering a culture of innovation and adaptation within cybersecurity teams can play a significant role in risk management.
Many CISOs are leveraging AI to improve threat detection and response times (31 %) and to build enhanced incident response capabilities (24%).
“Cybersecurity budgets are struggling to keep pace with the growing sophistication of cyber threats,” said Tony Buffomante, SVP & Global Head — Cybersecurity & Risk Services, Wipro Limited. “AI offers a solution by helping organizations strengthen defenses while optimizing costs. This allows CISOs to adopt a more outcome-driven focus by prioritizing risk-adjusted returns on investments.
However, even with AI’s growing significance, the implementation of Zero Trust security frameworks remains the predominant investment focus for nearly all surveyed leaders.
AI The crime enabler
In the beginning of 2025, reports came from various sources attackers are weaponizing AI and what cyber security leaders will do about it.
We all know how AI AI has been a good force in helping organizations detect anomalies, automate security responses and to some extent strengthen defense measures. But cost is high and requires lot of investments which many organizations are unbale to do.
At the same time cybercriminals have started to leverage the same technology to supercharge their attacks. The dark web we all know has long been a marketplace for malware and stolen credentials, but in 2025, we’re seeing a surge in AI-powered Cybercrime-as-a-Service (CaaS). Even low-skilled hackers can now rent AI-driven attack tools, making sophisticated threats accessible to a wider pool of cybercriminals.
But what is concerning the type of attacks that selects high-value targets, customizes ransom demands and known as Automated ransomware.
Also malicious actors deploying AI Bots scan for vulnerabilities and analyze defenses, to launch cyber attacks with precisions.
Lot of voice and video spoofing kits have arrived in the market embedded with AI tools that generate convincing deepfake audio or video for fraud and impersonation scams.
Wake up call for Business & Organization
The rise of AI-powered cyber threats is a wake-up call for businesses, governments, and individuals alike and the ‘State of Cybersecurity Report 2025‘ exactly pin-points the necessity to have AI automation to bolster cybersecurity operations and reduce costs.
The next wave of cyber crime is going to be more tactful embedded with AI. AI can analyze vast amounts of publicly available data to create detailed psychological profiles of potential victims.
This enables cyber criminals and prepares them for highly targeted and persuasive social engineering attacks. Having automation driven by AI allows attacks to unfold much more rapidly, leaving defenders with less time to react.
Conclusion: AI-Powered Security Solutions: Just as attackers are leveraging AI, so too must defenders. Implementing AI-powered security tools will act as first line defense and will be able to adapt to new threats in real-time.
Sources: CISOs Increasingly Rely on AI to Navigate Cost Pressures and Enhance Resilience: Wipro Report
Recent Health Care Data Breaches Highlight Importance of Proactive Leadership
Recent data breaches on healthcare organisation be it insurance provider to big hospitals and healthcare organisation witnesses how hackers were able to compromise the protected health information of patients.
Healthcare organisations collect an enormous amount of data and these are not only personal details but includes health insurance details, payment structure and medical records etc. These information’s are extremely important from financial point and a big lucrative market for hackers to track down and use them for gains.
In 2024 there were 1,160 healthcare related cyber breaches, exposing 305 million patients record out in dark web a marked increase of 26% in 2025.
As of March 19, 2025, 734 large data breaches have been reported to OCR, a percentage decrease of 1.74% from the 747 large healthcare data breaches reported in 2023.
While a reduction in healthcare data breaches is a step in the right direction, 2024 was the worst-ever year in terms of breached healthcare records, which jumped by 64.1% from last year’s record-breaking total to 276,775,457 breached records, or 81.38% of the 2024 population of the United States.
The Star Health Data Breach
Star Health and Allied Insurance is delaing a difficult situation where a potential exodus of top executives following a massive data breaches affecting over 30 million customers.
The breach has led to internal cybersecurity investigations, possible financial penalties up to ₹250 crore and heightened scrutiny over leadership accountability.
Employee attrition is reportedly rising with the organization, especially in tier-2 and tier-3 cities and top it all the reputational damage and operational challenges.
The hacker responsible for a major data breach at Star Health and Allied Insurance last year has reportedly claimed responsibility for sending death threats and bullet cartridges to the insurer’s top executives.
As per reports the hacker reportedly said the recent threats were triggered after being contacted by Star Health policyholders who claimed their legitimate insurance claims were denied.
Star Health, India’s biggest health insurer, has faced criticism from customers and data security experts as per Reuters. Since last September the hacker known by alias name ‘xenZen’ had leaked sensitive client data, including medical reports. At the time, xenZen told Reuters in an email they possessed 7.24 terabytes of data related to over 31 million Star Health customers and was speaking to potential buyers for the data.
This incident brings in light top leadership crisis within the organisation.
Crisis Management is broader perspective that encompasses leadership decisions, communication strategies, stakeholder engagement, business continuity, fiscal management, and long-term reputational considerations.
Healthcare specific Cyber security performance goal(CPGs)
With record numbers of healthcare records being compromised, it is clear that more needs to be done to improve healthcare cybersecurity.
Beginning of 2024, the HHS’ Office for Civil Rights published two sets of healthcare-specific cybersecurity performance goals (CPGs).
In December 2024, the HHS published a long-awaited proposed update to the HIPAA Security Rule that will, if enacted, force healthcare organizations to implement a range of measures to improve their security posture. The proposed update includes some of the recommended measures in the CPGs, such as multifactor authentication, encryption for data at rest and in transit, mitigating known vulnerabilities, network segmentation, maintaining an accurate asset inventory and cyber security testing.
Stable Leadership to deal with un-certainties of cyber threats
Organisations under stable leadership must undertake a rigorous risk-assessment process that encompasses disaster mitigation. This will include cyber incident recovery and business continuity planning to support the resilience of critical health care functions and systems.
With strong new leadership companies can adopt bold steps to regain trust by investing heavily in cyber security infrastructure. This is led by launching new products focused on identity protection.
Having a transparent approach in addressing vulnerabilities and commitment to innovation will help restore customer confidence and set a new industry standard for data protection. To turn cybersecurity threats into oppertunites, CEO and CISO’s must embrace a multifaceted leadership approach to deal with advance cyber tactics employed by hackers and cyber criminals.
To go beyond technical solutions and extends to cultural, strategic and operational changes.
Adopting a cyber-security first culture within the Organization
- First and foremost it is important to foster a security-first culture within an organization is critical. This will involve embedding cyber security considerations into every level of business decision-making.
- Organisations and top leadership taking decisions from development to customer engagement. Leadership must set the tone by prioritizing security as a fundamental business value .
- Cyber security training a must within the organisation will help build a culture that requires continuous reinforcement through regular training, internal etc.
- The next step would be ad frameworks that allow businesses to quickly pivot in response to emerging risks.
- The next step would be adopting frameworks that will allow business to quickly scale and impose proper response during emergency or any cyber threat.
- The growing cyber risk is also an opportunity for cyber security leadership to stay ahead of their adversaries by improving certain aspects like involving real time threat visibility, gathering actionable insights from industry partners etc.. This will enable proactive security measures that is resilient in building a cyber-security strategy . To reduce the after affect of breaches, top leadership must adopt cross-functional collaboration and investing in ongoing education to create a more security-conscious workforce.
- All in all a proactive cyber security strategy will help organizations and this is possible by embracing innovation and having a transparent and proactive leadership.
A strong leadership will help to mitigate risks and enhance organisations competitive standing in the market. This can be followed by Iidentifing not only technical vulnerabilities but also operational weaknesses, supply chain risks, and human factors or insider threat .
.
Leadership role in Effective Vulnerability Management
Leadership role in Vulnerability Management
Continue Reading