A stream of thousands of alerts from fragmented tools and disconnected data sources, and limited staff and resources, means cyber and info-security teams are forced to make quick, high-stakes decisions about which alerts to investigate, often leaving dangerous threats buried in the ‘noise’. The result is a cycle of analyst burnout, slower response times, and greater exposure to risk. So suggests a report, Navigating the Human-AI Relationship for Security Operations Success, by a cyber vendor.
Dan Schiappa, President of Technology and Services at Arctic Wolf, says: “Artificial intelligence is rapidly becoming a cornerstone of modern cybersecurity, but it benefits from human expertise to be truly effective. The insights from this report give leaders the data they need to make smart, targeted investments, deploying AI where it can deliver measurable outcomes, cut through alert noise, and help security teams work with greater speed, accuracy, and confidence.”
The report suggests AI (artificial intelligence) has become a decisive factor in cyber investment. Businesses are looking to AI not just as a tool, but as a partner in security operations, using threat detection to identify malicious activity faster, large language model assistants to guide investigations and provide context, and AI-powered workflows to automate repetitive tasks. When paired with human oversight, these capabilities can cut through the noise, reduce alert fatigue, accelerate investigations, and help security teams focus on stopping the threats that matter most, the report says.
Findings from the report:
Near all, 99 per cent of organizations say AI will influence their security purchases or renewals in the next year, with nearly four in ten budgets already tied to AI-powered solutions. Most, 73 per cent of those surveyed for the firm by Sapio Research have already integrated AI into their cybersecurity posture, in terms of sector led by financial services (82pc), while risk-averse sectors like utilities (59pc) and regions such as the Nordics (59pc) are moving more cautiously. Most, 73pc plan to use AI for 24×7 security operations automation, 72pc for better threat prediction and prevention, and 70pc to boost detection capabilities. More than two-thirds say AI needs substantial human input; about half of those asked, 52pc expect to upskill their teams to manage AI, and 46pc anticipate analysts shifting toward validating AI-generated alerts. As for challenges: 33pc cite data privacy as the top challenge to AI adoption, followed by cost (30pc) and lack of fully meeting a need (28pc).
AI coding agents
Cybercriminals are using AI coding agents to carry out data extortion operations at scale; and North Korean IT workers are going about making employment fraud at scale with AI, according to a report by Anthropic, developer of the AI coding tool Claude Code. AI models are themselves being used to perform sophisticated cyberattacks – not just advising on how to carry them out. Actors with few technical skills have used AI to conduct complex operations, like developing ransomware, that would previously have required years of training. As for fraud, AI is used for tasks such as analyzing stolen data, stealing credit card information, and creating false identities.
Comment
AI is becoming a double edged sword for cybersecurity and the potential evolution of the landscape, suggests Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster University. He says: “Clearly the dynamic between hackers and cybersecurity teams has shifted. Both sides are employing AI tools within their arsenal to outmanoeuvre one another. The cybersecurity landscape has evolved, and this has gradually become a high-stakes arms race. For defenders, AI is a valuable asset. Enterprises have implemented generative (GenAI) and other automation tools to analyse vast amounts of data in real time and identify anomalies, enabling teams to better mitigate potential threats. At the same time, for threat actors, AI can streamline phishing attacks, automate malware creation and even help scan networks for vulnerabilities.
“It is hard to predict what the cybersecurity landscape will look like in the future. AI has proven to be a valuable tool for cybersecurity teams and threat actors alike. Given how quickly the technology has evolved, organisations will have to adopt a more comprehensive and proactive cybersecurity policy if they want to stay ahead of attackers. After all, cyberattacks are a matter of ‘when,’ not ‘if,’ and AI will only accelerate the number of opportunities available to threat actors.
“The risk to companies is that their security teams will become over-reliant on AI, potentially sidelining human judgment and leaving systems vulnerable to attacks. There is still a need for a human ‘copilot’ and roles need to be clearly defined. For now, organisations should focus on establishing more comprehensive security measures and access controls and continue to encourage employees’ training.”
Institute call
In a recent paper, ‘A New International Approach to Beating Serious and Organised Crime’, published by the Tony Blair Institute, the think-tank suggests a Serious Organised Crime Alliance of trusted countries that would use AI models that pretend to be fraud victims, for example. Through pooling data and computing power, the Alliance could also deploy AI to map networks, track illicit finance, and intervene, enhancing disruption without needing to share sensitive personal data across jurisdictions, the paper argues.
MoJ
Secretary of State for Justice, Shabana Mahmood, recently hailed AI that will she said ‘transform the justice system’, for example an ‘AI violence predictor‘.
