---

Summary Bullets:

• While the escalation in cybersecurity cuts leveled off in 2025, the ISC2 survey showed economic instability is keeping IT budget expansion in check, which is a cause for concern that organizations will hold off on making needed investments in cybersecurity.
• AI is changing the IT industry as a whole, and cybersecurity specifically. Seen as both an offensive weapon and a potential defensive shield, security professionals see the technology as opportunistic for their careers rather than a threat to job security, offering them a chance to hone their skills and improve their professional trajectory.

One of the most significant challenges in cybersecurity is the resource constraints and skills gaps that plague so many organizations. Add to the mix technologies like AI that enterprising threat actors are all too eager to insert into their arsenals, and the issue of staff limitations is magnified. In its 2025 ISC2 Cybersecurity Workforce Study, the non-profit association uncovered a profession balancing the struggle to keep ahead of increasingly sophisticated adversaries while also savoring the chance to leverage AI and other technologies to elevate their defenses. The annual study of industry workplace trends, which surveyed 16,020 security professionals globally, found resource constraints are front and center in impacting the cybersecurity workplace.

Budget cuts are having a material impact on staffing levels, with 33% acknowledging they don’t have adequate security personnel. Twenty-nine percent don’t have the budget to employ staff with the required skills. That said, 55% said they currently have the appropriate security staff in place to protect their enterprise assets from incidents in the next two to three years.

The research participants see a direct correlation between having sufficient security staff in place to mounting an effective defense. Seventy-two percent said cutting staff pointedly creates an environment vulnerable to attack, with 76% calling for organizations to face consequences if they suffer a security incident after laying off cybersecurity professionals.

Having staff skills match organizational priorities is essential, with AI topping the list and 41% saying knowledge of the technology is critical. Experience in cloud security is crucial to 36% of organizations, followed by risk assessment expertise (26%) and a strong knowledge of application security (28%). Having security engineering experience and a working history navigating governance, risk, and compliance (GRC) are also important, with 27% citing both.

As defensive tools, AI-powered solutions promise to lessen repetitive manual interventions, freeing up time for security practitioners to focus on more strategic tasks. Twenty-eight percent have integrated AI security tools into their ordinances, with another 41% either actively testing them or in an early evaluation phase of AI-driven security tools.

Experiences with security solutions built on AI has been positive, as 63% said they have substantially increased their productivity.

Security professionals expect AI to have the most immediate positive security impact on network monitoring (40%), followed suit by security operations and testing – 30% for both. Other areas the respondents cited as presuming to benefit from AI include vulnerability management (29%), threat modeling (28%), and endpoint protection (also 28%). ISC2 researchers pointed out that these are all time-consuming activities that are also ripe for automation.

While AI is widely perceived in many sectors as a threat to job security, that isn’t the case with cybersecurity professionals. Seventy-three percent expect AI to open the door for more specific cybersecurity pathways, and 72% believe the technology will require more strategic approaches. Sixty-six percent also see AI adoption as driving the need for more communication skills.

Summary Bullets:

• DXC has created AdvisoryX, a global advisory and consulting group to help enterprises scale their AI deployment and create business values.
• Besides leveraging AI to drive innovation with customers, DXC is also adopting AI internally to gain productivity and embedding AI into its services.

DXC has made significant progress expanding its AI capability throughout 2025. The company recently launched AdvisoryX, a global advisory and consulting group designed to help enterprises address their most complex strategic, operational, and technology challenges. This is a positive move that can help enterprises accelerate their AI journey and achieve better outcomes. While enterprises are eager to implement AI, most of them do not have a well-thought-out strategy and operating model, or the necessary expertise to deploy AI successfully. What happens typically is departments working on siloed projects, without organization-wide collaboration, resulting in inefficiencies and governance issues. DXC’s AdvisoryX helps to overcome key challenges from getting started to the full lifecycle management.

DXC’s AdvisoryX offers five integrated solutions, which include DXC’s AI Core (i.e., the foundation including data, modeling, governance, and platform architecture); AI Reinvent (i.e., proven industry use cases across human-assisted, semi-autonomous, and autonomous operating models); AI Interact (i.e., redesigned workflows for collaboration between people and AI); AI Validate (i.e., continuous testing, observability, and governance); and AI Manage (i.e., production operations and lifecycle management).

With AdvisoryX, DXC has strengthened its position as a partner for AI innovation and allows the company to counter efforts by competitors to drive mindshare in the AI space. This is also a buildup of efforts the company has undertaken to develop its AI capabilities. In October 2025, DXC announced Xponential, which is an AI orchestration blueprint that has already been used by global enterprises to scale AI adoption. Xponential provides a structured approach to integrating people, processes, and technology. There are five independent pillars within the blueprint, including: ‘Insight’ (i.e., embedded governance, compliance, and observability); ‘Accelerators’ (i.e., tools to speed up deployment); ‘Automation’ (i.e., agentic frameworks and protocols); ‘Approach’ (i.e., collaboration of skilled professionals and AI to amplify outcomes); and ‘Process’ (i.e., delivery methodology). The company has indicated Singapore General Hospital as a client who has leveraged DXC’s expertise to develop the Augmented Intelligence in Infectious Diseases (AI2D) solution. This solution helps to guide antibiotic choices for lower respiratory tract infections with 90% accuracy and improve patient care while combating antimicrobial resistance.

In April 2025, the company introduced DXC AI Workbench, a generative AI (GenAI) offering that combines consulting, engineering, and secure enterprise services to help businesses worldwide integrate and scale responsible AI into their operations. The company has named Ferrovial, a global infrastructure company, as a customer reference that has leveraged DXC AI Workbench. The customer developed more than 30 AI agents making real-time decisions to optimize field operations, elevate safety measures, manage business knowledge, analyze competition, and assess regulatory impacts.

The company has identified AI as a key driver for business growth. Equally, it sees opportunities to apply AI internally for productivity and to gain experience from the technology. For example, DXC’s finance teams have used AI to transform back-office activities and eliminate repetitive processes; its legal department uses AI for legal research, drafting, and document preparation; and its sales and marketing teams deploy AI to automate workflows, generate proposals, etc. The company is also leveraging AI to enhance its service offerings. For example, it has partnered with 7AI to launch DXC’s agentic security operations center. These examples underscore DXC’s experience and capability in creating business values with AI.

That said, DXC is not the only systems integrator using AI to drive a with an AI advisory and consulting practice. While the company is showing traction and building customer case studies, competitors are also moving rapidly to engage clients in AI innovation and implementation. Accenture, for example, has nearly doubled its GenAI bookings in FY2025 to $5.9 billion from FY2024 and tripled its revenues to $2.7 billion. Tata Consultancy Services has also created a dedicated Tata Consultancy Services AI business unit, and it is driving transformation through a ‘responsible AI’ framework.

While DXC has introduced AdvisoryX, there is a lack of details in terms of the size of the group, areas of focus (e.g., geographical regions and industry sectors), and the assets underpinning its five integrated solutions. This makes it harder to see the differentiation against other providers that are also scaling their AI consulting practice. The company should also consider following up with announcements to highlight how AdvisoryX has made a difference in helping clients achieve their AI goals. This can be across the five integrated solutions, especially AdvisoryX’s AI Reinvent and AI Interact, which address many challenges related to human collaboration and business processes.

It is still early days in the adoption of AI, and competition in the AI space will become more intense. To stay competitive, service providers need to continue to strengthen their ability to help clients align business goals, industry-specific processes and challenges; enhance their AI platforms and tools; and expand their AI partner ecosystem. They also need to build more customer case studies to highlight success and gain credibility.

Summary Bullets:

• Boomi has developed a platform to help connect systems, manage data, and deploy AI agents more effectively.
• Boomi is expanding its customer base and partner base in Asia-Pacific; adding global systems integrators will help to drive penetration in the large enterprise segment.

Boomi highlighted at its Boomi World Tour event in Sydney (Australia) that without connectivity, context, and control, there will be no business impact. This epitomizes the challenge for businesses as they continue to pursue agentic transformation, especially with the recent focus on various AI technologies to drive new operating and business models. As enterprises shift their focus toward agentic AI, they often look at the tasks they can automate with AI agents.

However, the bigger picture is about business impact: Businesses should focus on reimagining their workflows and business operations. This requires communication between systems and application programming interfaces (APIs), which is the backbone for communications between enterprise systems connecting applications, data, and AI agents. The ability to extract data across an organization is key as it adds context for decision-making. Moreover, it is essential for businesses to have the right control over their integration, use of data, and the access rights of AI agents.

It is against this backdrop that Boomi has developed its platform to enable effective management of integration, APIs, data, and AI agents. While Boomi’s business has been anchored on integration and automation, it has made significant investments and efforts to enhance data management, API management, and AI agent management. For example, the acquisitions of Rivery and Thru have added data integration and managed file transfer capabilities respectively. While Boomi now has a compelling API management solution, it has added an AI gateway that sits between applications and AI model to check AI requests, manage costs, apply security rules, and route requests to the right model. These are crucial functions to manage the costs of using AI models that use token-based pricing, provide a layer of security to prevent prompt injection, and process streaming responses.

Boomi’s Agentstudio provides AI agent lifecycle management, allowing users to create, govern, and orchestrate agents. Its customers have deployed over 50,000 agents and nearly 350 AI-powered solutions on Boomi Marketplace. The company continues to enhance Agentstudio to meet customer demand. In particular, Boomi is supporting context engineering (e.g., GraphRAG), open-source (e.g., MCP client/server), agent governance (e.g., multi-provider support, FinOps), management of AI agent access (e.g., delegated authorization), and more. All these capabilities – from AI agent management to integration & automation, data management, and API management – are now available through a single Boomi Enterprise Platform.

Boomi’s platform and its AI approach are well-received by enterprise customers. For example, Greencross Pet Wellness Company, Australia’s largest pet wellness organization, leverages Boomi Enterprise Platform to support data integration and business transformation across its inventory systems, HR platforms, warehousing, and digital services. Boomi’s platform also enabled the company to develop its digital pet profile platform, which allows customers to build personalized profiles, receive timely reminders for treatments, view tailored product recommendations, and access relevant services based on their pet’s needs.

Serco Asia-Pacific is another customer in the Asia-Pacific region that has deployed Boomi’s platform and achieved productivity with Boomi’s AI capability. In particular, the company has reduced dramatically the time for a developer to build and document an integration, using Boomi’s DesignGen (creating integration with prompts) and Scribe (generating summaries, descriptions, and documentation) AI agents. Serco now sees Boomi as a crucial partner for its digital transformation, leveraging Boomi Enterprise Platform for integration as well as data management and API management.

Partners play a part in promoting Boomi’s solutions while helping enterprises transform their business. Example of partners in Asia-Pacific include Adaptiv, Atturra, and United Techno, who have been leveraging Boomi for their data and integration business. Atturra is a business advisory and IT solutions provider in Asia-Pacific with a strong industry focus (e.g., logistics, education, financial services, and more). Adaptiv is an ANZ provider of data integration, analytics and AI services. United Techno has a stronger focus on data management and AI solutions especially within the retail, e-commerce, and logistics sectors.

Boomi also engages global systems integrators to promote its solutions to large enterprises for their digital transformation. The company formed a strategic partnership with DXC in August 2025, focusing on application modernization and agentic AI. Particularly for AI projects, consulting services can make a difference in helping enterprises drive more successful outcomes. Systems integrators have been strengthening their consulting capabilities aligned to industry verticals, which can be pivotal in helping companies reimagine their business workflows, implement the right solutions, and measure the business outcomes effectively. They also have existing relationships with many large enterprise customers. Ultimately, the enterprise technology environment is becoming more complex with the need to manage an ecosystem of different technology vendors. Boomi wants to be the glue connecting different technologies, but it also needs partners to bring it all together. Continuing to expand its go-to-market partners and adding more global/regional systems integrators is crucial to penetrate the large enterprise segment across Asia-Pacific.

Summary Bullets:

• The combination of omni-channel capability, effective data management, and AI will drive better customer experience.
• As Twilio’s business evolves from CPaaS to customer experience, the company focuses its product development on themes around trust, simple, and smart.

The ability to provide superior customer experience (CX) helps a business gain customer loyalty and a strong competitive advantage. Many enterprises are looking to AI including generative AI (GenAI) and agentic AI to further boost CX by enabling faster resolution and personalized experiences.

Communications platform-as-a-service (CPaaS) vendors offer a platform that focuses on meeting omni-channel channel communications requirements. These players have now integrated a broader set of capabilities to solve CX challenges, involving different touch points including sales, marketing, and customer service. Twilio is one of the major CPaaS vendors that has moved beyond just communications applications programming interfaces (APIs), including contact center (Twilio Flex), customer data management (Segment), and conversational AI. Twilio’s product development has been focusing on three key themes: Trusted, Simple, and Smart. The company has demonstrated these themes through product announcements throughout 2025 and showcased at its SIGNAL events around the world.

Firstly, Twilio is winning customer trust through its scalable and reliable platform (e.g., 99.99% API reliability), working with all major telecom operators in each market (e.g., Optus, Telstra, and Vodafone in Australia). More importantly, it is helping clients win the trust of their customers. With the rising fraud impacting consumers, Twilio has introduced various capabilities including Silent Network Authentication and FIDO-certified passkey as part of its Verify, a user verification product. The company is also promoting the use of branded communications, which has shown to achieve consumer trust and greater willingness to engage with brands. Twilio has introduced branded calling, RCS for branded messaging, Whatsapp Business Calling, and WebRTC for browser.

The second theme is about simplifying developer experience when using the Twilio platform to achieve better CX outcomes. Twilio has long been in the business of giving businesses the ability to reach their customers through a range of communications channels. With Segment (customer data platform), Twilio enables businesses to leverage their data more effectively for gaining customer insights and taking actions. An example is the recent introduction of Event Triggered Journey (general availability in July 2025), which allows the creation of automated marketing workflows to support personalized customer journeys. This can be used to enable a responsive approach for real-time use cases, such as cart abandonment, onboarding flows, and trial-to-paid account journeys. By taking actions to promptly address issues a customer is facing can improve the chance of having a successful transaction, and a happy customer.

The third theme on ‘smart’ is about leveraging AI to make better decisions, enable differentiated experiences, and build stronger customer relationships. Twilio announced two conversational AI updates in May 2025. The first is ‘Conversational Intelligence’ (generally available for voice and private beta for messaging), which analyzes voice calls and text-based conversations and converting them into structured data and insights. This is useful for understanding sentiments, spotting compliance risks, and identifying churn risks. The other AI capability is ‘ConversationRelay’, which enables developers to create voice AI agents using their preferred LLM and integrate with customer data. Twilio is leveraging speech recognition technology and interrupt handling to enable human-like voice agents. Cedar, a financial experience platform for healthcare providers is leveraging ConversationRelay to automate inbound patient billing calls. Healthcare providers receive large volume of calls from patients seeking clarity on their financial obligations. And the use of ConversationRelay enables AI-powered voice agents to provide quick answers and reduce wait times. This provides a better patient experience and quantifiable outcome compared to traditional chatbots. It is also said to reduce costs. The real test is whether such capabilities impact customer experience metrics, such as net promoter score (NPS).

Today, many businesses use Twilio to enhance customer engagement. At the Twilio SIGNAL Sydney event for example, Twilio customers spoke about their success with Twilio solutions. Crypto.com reduced onboarding times from hours to minutes, Lendi Group (a mortgage FinTech company) highlighted the use of AI agents to engage customers after hours, and Philippines Airlines was exploring Twilio Segment and Twilio Flex to enable personalized customer experiences. There was a general excitement with the use of AI to further enhance CX. However, while businesses are aware of the benefits of using AI to improve customer experience, the challenge has been the ability to do it effectively.

Twilio is simplifying the process with Segment and conversational AI solutions. The company is tackling another major challenge around AI security, through the acquisition of Stytch (completed on November 14, 2025), an identity platform for AI agents. AI agent authentication becomes crucial as more agents are deployed and given access to data and systems. AI agents will also collaborate autonomously through protocols such as Model Context Protocol, which can create security risks without an effective identity framework.

It has come a long way from legacy chatbots to GenAI-powered voice agents, and Twilio is not alone in pursuing AI-powered CX solutions. The market is a long way off from providing quantifiable feedback from customers. Technology vendors enabling customer engagement (e.g., Genesys, Salesforce, and Zendesk) have developed AI capabilities including voice AI agents. The collective efforts and competition within the industry will help to drive awareness and adoption. But it is crucial to get the basics right around data management, security, and cost of deploying AI.

Summary Bullets:

• Don’t use AI browsers or AI browser extensions – the loss of privacy isn’t worth the functionality.

• AI companies mean well, but the privacy implications of these products are unsuitable for enterprise or personal use.

“If you are not paying for it, you’re not the customer; you’re the product being sold.” – Andrew Lewis (blue_beetle), MetaFilter comment (2010)

It’s not news that AI is being talked about everywhere. It’s also not news that the websites and applications you use regularly are doing their level best to spy on you or obtain data that can be used internally or be sold to advertisers. Nor is it news that the state of privacy laws across the world is pretty poor, despite the EU giving its best attempt and the US pretending that three lines of legalese in a 15-page disclaimer somehow magically sets the ‘informed’ flag on users.

But the latest trend involves AI companies either creating browser extensions or, in at least one case, creating their own browser. OpenAI is touting its AI-enabled browser called Atlas, designed to both remember all activity, search that activity, chat, and do any number of AI-enhanced things. OpenAI rival Perplexity has a browser product called Comet. There are even sidebar browser extensions for Microsoft Copilot and Google Gemini. Some browsers, such as Firefox and Brave, come with an AI sidebar but uses your choice of LLM.

The first problem is an AI watching everything – your passwords, all text you type, your URLs… everything. Then that data isn’t stored locally; it’s stored with the AI. The problems here are no different than the problems with Microsoft Recall, an AI-driven search and backup feature that Microsoft released earlier in 2025, much to the consternation of pretty much everyone. All these AI companies have multiple safeguards to protect data, have stated policies on how such data can be used and where, and are being pretty upfront about how and when they use your data. They allow end users to pick and choose when the AI is available or even forget that data after a session. Companies adding these AI features to the browser are legitimately trying to make the lives of users easier with AI and protect user privacy.

They are adding other safeguards as well. OpenAI says that its Atlas AI browser cannot access other applications, download files, and cannot install extensions. Technological limits to prevent AI browsers and extensions from becoming security risks are being taken.

But giving any corporation a detailed record of all activities conducted on the internet, including every click, search, text, or picture and the metadata around it could have disastrous consequences in the long term. Hackers could gain access to the data. Governments could seize the data and use it against a populace or an individual. Companies get bought, end user agreements change, or investors could simply demand that all that personal data is monetized. If companies go out of business, what happens to the data? A fair amount of the world doesn’t have any legal mechanism to force businesses to delete data either.

Then there are the other issues, regarding security on your desktop. Social engineering or AI chat window spoofing is a real issue. That’s just the tip of the iceberg.

Every individual and every enterprise have the choice to decide whether the risks are worth the utility of having AI integrated into your browser. Everyone wants tools that work better; some of the features in AI browsers are impressive, and likely even more features will be coming. But that shouldn’t be at the expense of risking all your personal data or risking the company’s internal data, no matter how nice the tools look or how much you trusts a given AI vendor. This is about ensuring personal privacy and the data security of enterprises. Take a pass on AI browsers and AI browser extensions. Nobody would stand for being under video and audio surveillance every second and everywhere. Don’t allow the same to happen to your digital life.

Jaguar Land Rover, the iconic British car manufacturer has had virtually no production in its plants since the end of August 2025. A devastating cyberattack shut the company down – details on how the attack happened, who initiated the attack, and why it so thoroughly shut down Jaguar Land Rover have not been released to date. The postmortem will be an interesting read, more so to find out how much of the effect of this cyberattack was Jaguar Land Rover’s fault. No, this isn’t indulgent victim-blaming, and right now there is no proof the Jaguar Land Rover was anything but diligent. But the length of the shutdown and the secrecy does arise suspicions. Under principles of good business continuity and disaster recovery, Jaguar Land Rover should have been at least somewhat back in production by now. But analysis will really have to wait until details emerge.

This does highlight an issue that most organizations struggle with. Cybersecurity, as well as disaster recovery and business continuity, are preventative – they shouldn’t be noticed unless they are needed… or if they didn’t work. It’s hard to get satisfaction creating business continuity/disaster recovery (BC/DR) systems that you may never get to actually use. Security has a much higher profile… but ‘everything is running smoothly’ doesn’t often gain accolades.

Cybersecurity, and especially BC/DR are often pressured to compromise, for finance, for convenience, and because neither function will ever make money for the organization. Often there is a push to compare cybersecurity and BC/DR to an automotive or homeowner’s insurance policy, that they offer peace of mind. There is a better way to think about it. Think of cybersecurity and BC/DR like law enforcement thinks about bomb squad units. Bomb squad units get all the training and practice they want. Bomb squad units are encouraged to get the latest training, learn the latest advances, and to keep their equipment as up to date as possible. Nobody thinks that the bomb squad has it easy when they render an explosive safe, or in the best of times are not called on. Nobody suggests that the bomb squad does more with less. Because the consequences are so extreme, both for the bomb squad and for the law enforcement organization.

Budget holders need to start viewing cybersecurity, BC/DR, and BC/DR testing like the bomb squad. Yes, they provide peace of mind. But what they really provide is protection from extreme consequences. Nobody wants the organization in the news for having been knocked offline for a month in every major news outlet. Nobody wants to have to create the postmortem and present it to the board and likely various government officials, insurance executives, investor representatives and lawyers. Let’s not let this plea to take cybersecurity and BC/DR seriously fall on deaf ears like it has in the past.

Summary Bullets:

• As part of a larger global cross-industry study, LevelBlue surveyed executives in 220 manufacturing companies to gauge the state of their cyber resilience strategies in the era of AI-driven threats and other risks
• Awareness is high but also so are concerns, with 37% saying they are seeing a significantly higher volume of attacks; just 30% said their organization is prepared for deepfake attacks, even as 47% are anticipating them

Threat actors are savvy when choosing their targets. Manufacturing holds a strong appeal to cyber criminals because the profit potential associated with intellectual property is high and, thanks in part to supply chain vulnerabilities, there are plenty of points of exposure. A recent LevelBlue survey of 220 manufacturing executives found that while awareness about the threat environment is high, preparedness, especially for AI-driven attacks, is not.

Only 32% of manufacturing executives are ready for AI-powered threats, even though 44% expect them to occur. On the supply chain front, 54% admitted to having a very low to moderate visibility into their supply chains. Just 26% said working with their software suppliers to vet their credentials will take precedence in the next year.

In spite of the fact that 28% of manufacturing executives say their organization suffered a breach in the past 12 months and more than one-third are expecting that attack volume to increase, 51% said they are highly or very highly competent to protect their enterprise against threat actors. Fifty-five percent gave themselves the same competence when it comes to implementing and using AI to enhance cybersecurity.

The contradiction between this high level of confidence in their own competencies and their preparedness for AI-driven and other types of attacks points to potential overoptimism that adversaries could easily exploit. But there are also signs that some of the traditional internal organizational cybersecurity challenges in manufacturing are being addressed. Sixty-eight percent described their cybersecurity team as being aligned with lines of business. Sixty-five percent those in leadership positions are assessed against cybersecurity KPIs, which is higher than the cross-vertical results (60%).

Seventy percent are engaged in end-user education on social engineering, again higher than the entire sample (62%). Manufacturing companies are also more willing to tap third-party security providers for security training and awareness than in the past. Thirty-eight percent said they will augment their own internal resources with external training support in the next two years versus the 30% that have engaged with a third-party in the last year.

Manufacturing organizations are investing in cybersecurity to prepare for emerging threats. Top priorities are machine learning for pattern matching (71%); cyber resilience processes across the organization (69%); GenAI to combat social engineering attacks (64%); application security (67%) and enhanced supply chain security (63%).

While investment is important, awareness, pragmatism, and solid policy execution are essential. Without these, there is no way for any enterprise to mount an effective defense against cyber adversaries.

Summary Bullets:

• In its annual Global Managed Security survey of 1,019 managed services providers (MSPs) in the US, Canada, and the UK, security vendor OpenText uncovered a big delta between the desire to exploit SMB demand for AI-driven solutions and the capability of these providers to deliver the essential support.

• Approximately 92% said they are seeing growth driven by client interest in AI but only half have the adequate resources and expertise to help clients deploy these solutions.

Organizations of all sizes are boarding the AI bandwagon. For smaller businesses lacking internal AI expertise, adoption often requires the support of an external provider. Unfortunately, that same resource limitation also plagues many of the MSPs SMBs seek out for AI support. In a recent OpenText survey of 1,019 security practitioners, IT managers, and customer relationship managers, in the coming year 96% expect to see growth in demand driven by interest in AI. However, half said a combination of factors leaves them under-prepared to support SMB AI needs, including a lack of internal expertise, too many disparate tools to manage, and the lack of standardization across different client environments.

Fewer than 50% of the surveyed organizations have developed or implemented AI cybersecurity for their clients. That said, the majority are using AI for a variety of customer-facing applications, with 67% leveraging the technology for customer support and 66% rely on AI for technical support and triage. Over half (58%) apply AI for threat detection and response.

All MSPs are aware of the urgency of upskilling staff on AI, noting it is now the third most important capability behind threat prevention and 24/7 support for its SMB clients. SMBs are seeking out bundled security packages in droves. Seventy-one percent are looking for combined prevention, detection, and response solutions. Forty-one prevent want endpoint, network, and email security offerings.

Most of the surveyed MSPs are on a growth path with 95% expanding their portfolios in the coming year. Integration across discrete tools is of highest importance (38%). Eighteen percent said attach-rate to core services is crucial. Sixteen percent cited the criticality of having solutions that work across vertical industries.

A proven reputation is essential for MSPs to compete and win new clients. Thirty-two percent said customer referrals are the primary way to gain new customers, while 29% of prospects come to MSPs through digital searches or advertisements.

Summary Bullets:

• Fueled both by its lucrative results and AI-driven toolkits that lower the barrier of entry for enterprising yet inexperienced bad actors, ransomware incidents are soaring.

• In 2024, ransomware drove 44% of data breaches around the world and accounted for 54% of those in APAC, according to the 2025 Verizon Data Breach Investigations Report (DBIR).

As is the case with any IT security breach, it is no longer a question of if but when an enterprise might be hit with ransomware. Motivated in large part by profit potential, cybercriminals are drawn to ransomware as a mechanism to extort money. As a result, ransomware incidents are on the rise with the 2025 Verizon DBIR finding the number has increased 37% in 2024 versus the prior year.

In Akamai’s newly-published 2025 State of the Internet/Security research, security and content delivery network (CDN) provider Akamai attributed this surge to a number of factors, including AI. Examining incident data from its secure internet access enterprise clients, Akamai shows a strong correlation between the increased availability of GenAI and large language models (LLMs) tools. This makes it easier for less seasoned bad actors to mount highly effective ransomware operations. Cybercriminals use LLMs to generate code and enhance their social engineering techniques.

While money is a powerful motivator in ransomware campaigns, the Akamai research notes hacktivism is also part of the picture. The increasing prevalence of ransomware-as-a-service (RaaS) is one indicator of this. RaaS leverages a sprawling underground network that uses developers, the zero-day market, and initial access brokers. These organized crime entities specialize in particular functions like money laundering to fund activities pursuing sociopolitical or ethical goals.

Threat actors are also becoming more aggressive in their extortion efforts, increasingly applying double extortion, in which cybercriminals move beyond breaching an organization to encrypt data and then demanding payment to decrypt it, has become commonplace. In double extortion breaches, cybercriminals promise to release data elsewhere if not paid. Triple extortion, leveraging DDoS attacks to add more incentive for the targeted organization to pay the ransom, is also a more frequently used tactic than in the past.

Akamai notes that it has found incidents that use quadruple extortion, in which cybercriminals communicate with executives, other employees, partners, and the media to add more pressure to pay. Some criminal organizations also threaten to expose lack of regulatory compliance to authorities to up the ante. It is worth noting that some cybercriminals release the data anyway or come back for more ransom money. There is no honor among thieves.

The effectiveness of cybercriminals in collecting ransom has had a ripple effect on cyber insurance rates and an increased frequency of IT security audits by firms to ensure the appropriate controls are in place.

The challenge of staying one step ahead of the threat actors has never been more daunting. Budget holders need to prioritize the resources to make it possible for security practitioners to do so, or risk the consequences.

Summary Bullets:

• In a survey of 2,286 technology and security-focused executives, Accenture reports that only 34% have a mature cybersecurity strategy.
• Just 20% say they are confident in their ability to protect their generative AI (GenAI) models from a breach.

Artificial intelligence (AI) presents as a double-edged sword for many enterprises. The technology has the potential to revolutionize business processes and drive further innovation but is protecting the model from advancing threats that could compromise the integrity of data output. This is a daunting challenge that few organizations have a handle on today. Add threat actors harnessing AI for their own nefarious purposes to the mix, and the situation becomes much more daunting for the enterprise.

Accenture surveyed 2,286 executives, 80% of whom are chief information security officers (CISOs), and it uncovered a perilous scenario where enterprises are largely unready to protect their assets, including AI applications, from emerging threats. Just 20% of those surveyed say they are ready to defend their generative AI (GenAI) models from cyber threats.

One of the issues enterprises are running into with respect to their security postures in general is the prioritization of AI development and deployment over other IT investments, which often means security falls by the wayside. Between 2023 and 2024, Accenture reports that investments in GenAI projects are 1.6 times higher than security spending. If this trend continues, there is a risk that AI systems built on less than secure ground are vulnerable to cyber threats. Only 28% of the executives surveyed say they are integrating security capabilities into all transformative projects from the earliest development phases. Only 42% say they are mapping security development spending to AI development.

The news is not all bleak. For organizations that prioritize cybersecurity investments and focus on infrastructure resilience as they conduct transformational projects to create elevated security postures that mitigate serious risks. Enterprises that achieve what Accenture terms a ‘Reinvention-Ready Zone’ classification faces a 69% lower risk of the kind of sophisticated cyberattacks that leverage advanced techniques, including AI to cripple operations.

The investment in security brings other dividends. Accenture found organizations that prioritize security spending achieve a 1.7 times lower technical debt due in large part to the overall efficiency and resilience of their infrastructure.

The clear takeaway is that enterprises need to balance their AI infrastructure investments with their security spending to ensure the most protected, consistent, and high-performing environment possible.

Summary Bullets:

• Password managers do tend to make logging in easier – but it’s a change that people must get used to…

• To really embrace cybersecurity, there needs to be a reckoning to correct old thinking and ideas.

Sixteen (16) billion. That’s a number that isn’t comprehendible. It’s a number you hear on the news, usually in a science segment or in a finance segment talking about the ultra-wealthy. But this time, 16 billion is the number of exposed login credentials researchers from Cybernews found in an exposed dataset. This dataset contains stolen login credentials, mostly gained via malware. The credentials come from everywhere – from websites around the world, including popular websites and cloud services.

What is known is that the dataset was visible for a short time before being taken down. We know that some or all of the data in the dataset is not new but comes from earlier breaches and infostealers. We do not know where the data was being held/exposed from. The data wasn’t stolen from any one site breach, but likely a compilation of earlier stolen credentials. Initial reports seem to indicate that much of the discovery is net-new, but that has since been disputed. Still, that many credentials in one spot is a worry.

What was interesting about this information was essentially the lack of reaction from the public. Sure, skepticism of the discovery happened quickly – many security experts feel that this was a bit of a case of crying wolf. But the initial reaction by the public was more of a shrug. After all, how many times can a person’s login credentials get stolen? How many times should an individual go through the cumbersome process of updating passwords? Especially when it seems like there are more breaches every day. Keeping one’s credentials up to date after breaches begins to look like a Sisyphean task.

Cybersecurity fatigue is real, and the public is becoming increasingly numb about cybersecurity incidents. Reminders to update passkeys, use password managers, don’t reuse passwords, and enable multi-factor authentication are a constant drumbeat. With every hysteria-filled announcement of another breach that spills user data and login credentials, more people tune it out entirely – after all, *they* have never been hit.

The ugly truth: Good cybersecurity is difficult, even when just talking about login and passwords. Passwords should be long, 20-30 characters, randomly generated, and contain upper- and lower-case letters, numbers, and symbols. Each site should have its own password. People resist that – extremely difficult to remember a password like that, and it’s much easier to simply have a single password to use everywhere. A password manager is required to generate and store these passwords, as well as enter them when it comes time to log in. That password manager needs to work across platforms – e.g., Apple (e.g., phones, tablets, macs), PC, Android, and Linux.

But a password manager is yet another thing – one that requires its own password. To make it worse, the very public breach of LastPass, a popular password manager, makes people distrust password managers, especially those with a cloud component. There is also the learning barrier – using a password manager requires effort and changes how you log in. Password managers do tend to make logging in easier – but it’s a change that people must get used to, and people hate change to daily routines like logging in. Changing habits is hard, and not being able to just instantly enter a memorized password feels frustrating at first.

To really embrace cybersecurity, there needs to be a reckoning to correct old thinking and ideas. Let’s take a look:

• Password managers are not hard or scary – they are designed for ease of use, and there are tons of tutorials.

• Your personal password generation is vulnerable, no matter how clever the scheme you created is. Brute force techniques are far better than you imagine. And no, the word ‘password’ backwards isn’t clever.

• Password re-use is a vulnerability, no matter how easy it makes things.

• The fact that a person has never been hacked or doesn’t know anyone who has been isn’t a reason to keep old practices.

• This isn’t about having perfect security. It’s about protecting yourself and limiting damage if a breach occurs. Just like locking your doors and putting your blinds down at night.

Take the plunge yourself, get a password manager, then show a friend that it isn’t that hard and, in the end, never forgetting a password is a time-saver too! Proactive action with a password manager and password hygiene is important, and we cannot let the slew of high-profile breaches numb us from upping the quality of our own cybersecurity regimen.

The post How to Get a Finger on the Pulse of Corporate Networks via the SSL VPN appeared first on Detectify Blog.

The post Detectify now checks for File Disclosure in SSL VPNs – Pulse Secure and Fortinet appeared first on Detectify Blog.

Download now!

“SECURE PHONE”

• Let’s create a phone using ANDROID OS as an example
• With protection against network traffic interception;
• With notification about substitution of the base station (BS);
• By choosing open source firmware or removing built-in backdoors (yes, yes, they’re present in almost every firmware!);
• By encrypting it and making it resistant to forensics;
• Discuss backup and recovery methods, as well as encryption for secure storage;
• Talking about antiviruses for Android: are they useful and which one to choose?
• We will highlight services of automatic caller’s number detection, as well as services of automatic call recording of GSM standard and messengers;
• Figuring out the safest messengers of the 3 dominant types (federated, centralized, and p2p);
• Protecting sim cards, types of root and frameworks to change OS function on the fly;
• Using VPN for smartphone;
• Protecting the phone’s DNS from spoofing;
• Using firewalls for Android;
• By protecting your smartphone from being tapped by third-party applications;
• Safely deleting files, with a clear understanding of why you can’t give your phone to repair or sell it without first scrubbing it.

“HACK PHONE”

• Phone as a pentester tool that is always on hand
• Phone as a bootable flash drive for hacking and administering Windows;
• Phone as a BAD UASB tool to deliver a payload;
• Net Hunter and its installation types, directly on the phone, or as an element of Smartphone firmware;

Testing router security via Smartphone;

Setting up and optimizing Termux to work with root rights and pentester frameworks for “underhand” testing