At the similar time, firms should strengthen the safety of their AI fashions and information to scale back publicity to manipulation from AI-enabled malware. Such dangers may embody, as an example, immediate injections, the place a malicious person crafts a immediate to govern an AI mannequin into performing unintended actions, bypassing its unique directions and safeguards.
Agentic AI additional ups the ante, with hackers in a position to make use of AI brokers to automate assaults and make tactical selections with out fixed human oversight. “Agentic AI has the potential to collapse the cost of the kill chain,” says Bailey. “That means everyday cybercriminals could start executing campaigns that today only well-funded espionage operations can afford.”
Organizations, in flip, are exploring how AI brokers may also help them keep forward. Nearly 40% of firms count on agentic AI to enhance or help groups over the subsequent 12 months, particularly in cybersecurity, based on Cisco’s 2025 AI Readiness Index. Use circumstances embody AI brokers skilled on telemetry, which may determine anomalies or alerts from machine information too disparate and unstructured to be deciphered by people.
Calculating the quantum risk
As many cybersecurity groups deal with the very actual AI-driven risk, quantum is ready on the sidelines. Almost three-quarters (73%) of US organizations surveyed by KPMG say they imagine it’s only a matter of time earlier than cybercriminals are utilizing quantum to decrypt and disrupt at the moment’s cybersecurity protocols. And but, the majority (81%) additionally admit they may do extra to make sure that their information stays safe.
Companies are proper to be involved. Threat actors are already finishing up harvest now, decrypt later assaults, stockpiling delicate encrypted information to crack as soon as quantum expertise matures. Examples embody state-sponsored actors intercepting authorities communications and cybercriminal networks storing encrypted web visitors or monetary data.
Large expertise firms are amongst the first to roll out quantum defenses. For instance, Apple is utilizing cryptography protocol PQ3 to defend in opposition to harvest now, decrypt later assaults on its iMessage platform. Google is testing post-quantum cryptography (PQC)—which is proof against assaults from each quantum and classical computer systems—in its Chrome browser. And Cisco “has made significant investments in quantum-proofing our software and infrastructure,” says Bailey. “You’ll see more enterprises and governments taking similar steps over the next 18 to 24 months,” he provides.
As rules like the US Quantum Computing Cybersecurity Preparedness Act lay out necessities for mitigating in opposition to quantum threats, together with standardized PQC algorithms by the National Institute of Standards and Technology, a wider vary of organizations will begin making ready their very own quantum defenses.
For organizations starting that journey, Bailey outlines two key actions. First, set up visibility. “Understand what data you have and where it lives,” he says. “Take inventory, assess sensitivity, and review your encryption keys, rotating out any that are weak or outdated.”