On the similar time, corporations should strengthen the safety of their AI fashions and knowledge to scale back publicity to manipulation from AI-enabled malware. Such dangers might embrace, as an example, immediate injections, the place a malicious consumer crafts a immediate to control an AI mannequin into performing unintended actions, bypassing its unique directions and safeguards.
Agentic AI additional ups the ante, with hackers ready to make use of AI brokers to automate assaults and make tactical choices with out fixed human oversight. “Agentic AI has the potential to break down the price of the kill chain,” says Bailey. “Meaning on a regular basis cybercriminals might begin executing campaigns that right this moment solely well-funded espionage operations can afford.”
Organizations, in flip, are exploring how AI brokers may also help them keep forward. Practically 40% of corporations count on agentic AI to enhance or help groups over the following 12 months, particularly in cybersecurity, in keeping with Cisco’s 2025 AI Readiness Index. Use circumstances embrace AI brokers skilled on telemetry, which may establish anomalies or indicators from machine knowledge too disparate and unstructured to be deciphered by people.
Calculating the quantum risk
As many cybersecurity groups deal with the very actual AI-driven risk, quantum is ready on the sidelines. Nearly three-quarters (73%) of US organizations surveyed by KPMG say they imagine it is just a matter of time earlier than cybercriminals are utilizing quantum to decrypt and disrupt right this moment’s cybersecurity protocols. And but, the bulk (81%) additionally admit they may do extra to make sure that their knowledge stays safe.
Corporations are proper to be involved. Menace actors are already finishing up harvest now, decrypt later assaults, stockpiling delicate encrypted knowledge to crack as soon as quantum know-how matures. Examples embrace state-sponsored actors intercepting authorities communications and cybercriminal networks storing encrypted web site visitors or monetary information.
Massive know-how corporations are among the many first to roll out quantum defenses. For instance, Apple is utilizing cryptography protocol PQ3 to defend towards harvest now, decrypt later assaults on its iMessage platform. Google is testing post-quantum cryptography (PQC)—which is proof against assaults from each quantum and classical computer systems—in its Chrome browser. And Cisco “has made important investments in quantum-proofing our software program and infrastructure,” says Bailey. “You’ll see extra enterprises and governments taking related steps over the following 18 to 24 months,” he provides.
As rules just like the US Quantum Computing Cybersecurity Preparedness Act lay out necessities for mitigating towards quantum threats, together with standardized PQC algorithms by the Nationwide Institute of Requirements and Know-how, a wider vary of organizations will begin getting ready their very own quantum defenses.
For organizations starting that journey, Bailey outlines two key actions. First, set up visibility. “Perceive what knowledge you will have and the place it lives,” he says. “Take stock, assess sensitivity, and overview your encryption keys, rotating out any which might be weak or outdated.”
