Toro recently held a lively panel discussion featuring input from some of the leading voices in the cyber security field. Experts from various sectors gathered to share their insights on the most pressing challenges and emerging threats facing organisations today, and how businesses can adapt their security strategies to thrive in an increasingly complex threat landscape.
The conversation spanned topics such as the evolving nature of cyber risks, the role of AI in both defending and attacking, the critical importance of security culture, and how organisations can align their cyber security efforts with broader business objectives.
As the panelists discussed the current state of cyber security, they highlighted the key shifts in the threat landscape, including the rise of ransomware, the growing sophistication of phishing attacks, and the ever-present risk of human error. They also explored how emerging technologies, such as AI and machine learning, are being leveraged both by cybercriminals and defenders, as well as the ethical considerations surrounding the use of these technologies in cyber security.
Above all, the discussion underscored a central theme – cyber security is not just a technical issue, but a business-critical concern that must be woven into the fabric of an organisation’s operations and culture from the top down. With that in mind, the panelists shared actionable insights on how organisations can not only protect themselves from cyber threats but also enable innovation and growth through smart, strategic security practices. Here is a deeper look at the key takeaways from the conversation and how organisations can prepare for the evolving challenges of the next decade.
Ransomware remains one of the most prevalent and damaging threats in the cyber landscape. Panelists shared insights on how ransomware attacks have evolved from relatively simple infections to sophisticated, multi-layered attacks that can cripple organisations. The concept of “triple extortion” was discussed, where attackers not only encrypt (cipher) data but also steal sensitive information through exfiltration, and threaten to release it unless a ransom is paid. Ransomware-as-a-Service has lowered the barrier to entry for attackers, enabling individuals with minimal technical skills to launch devastating attacks.
Organisations must take a proactive, layered defence-in-depth approach to defend against ransomware. This includes implementing comprehensive backup systems, regularly patching vulnerabilities, and employing behavioural analysis tools that can detect unusual activities on the network, because of attackers “living off the land” using everyday tooling for malicious purposes. The conversation emphasized that organisations must not only focus on prevention but also on recovery. Recovery plans need to be rehearsed through tabletop exercises and walk through tasks to ensure that in the event of an attack, businesses can minimize downtime and protect their reputation. Being well prepared is key. Testing your backups is imperative!
One of the most controversial aspects of dealing with a ransomware attack is whether to pay the ransom demand. On one hand, paying the ransom may seem like the quickest way to recover lost data, but it is not a guaranteed solution, and is frowned upon. Panelists discussed the fact that many organisations that pay the ransom still do not get their data back or find that it is compromised. Moreover, paying the ransom only fuels the ransomware economy, making organisations more likely to be targeted again.
AI has undoubtedly transformed many aspects of cyber security, both for defenders and attackers. On the one hand, AI tools help defenders process vast amounts of data, detect threats in real-time, and automate responses. Cybercriminals, however, are also leveraging AI to enhance their attacks.
AI-driven phishing attacks have become more sophisticated, targeting individuals with highly personalised messages that are harder to spot. Generative AI, such as ChatGPT, has enabled threat actors to create convincing scams, malware, and even disinformation, making it easier for attackers to launch complex attacks.
The panelists stressed the need for organisations to understand the risks of integrating AI tools within their operations, and to consider how Generative AI will use any intellectual property that is fed into AI engines. Transparency is key when working with third-party vendors, as businesses must ensure their data is being handled securely and ethically. In addition, employees must be trained to critically assess AI-generated content, as over reliance on these tools could lead to vulnerabilities or the spread of misinformation.
One of the key takeaways from the discussion was that security should be seen as a business enabler, not a hindrance. Security is no longer just a matter of mitigating risk and stopping cyber criminals, but should be integrated into the business strategy at board level to support growth and innovation. Panelists highlighted that a strong cyber security posture can lead to enhanced customer trust, compliance with regulatory standards, and the ability to adopt modern technologies with confidence.
Organisations need to align their security measures with their overall business objectives. For example, risk management frameworks should account for both technical risks and business considerations. By understanding a company’s risk appetite, organisations can prioritise investments in cyber security that offer the greatest return on investment. This alignment ensures that security is not seen as a cost drain or grudge purchase, but as a strategic asset that opens doors for the business. Security teams should work closely with business leaders to ensure that security measures support broader organisational goals.
Human error continues to be one of the leading causes of data breaches, no matter how advanced an organisation’s security may be. Phishing, poor password practices, and unintentional disclosure of sensitive information remain constant threats. The panel stressed that addressing the human element of cyber security is crucial to reducing these risks.
A strong security culture is necessary to ensure that employees at all levels are engaged and proactive in identifying and mitigating risks. Leadership plays a critical role in setting the tone for this culture. When executives prioritise cyber security and actively engage in security training, they set an example for the rest of the organisation. It is also essential that security training be approachable, pitched at the right level, and role specific. The aim should be to raise awareness, not to catch employees out. With the majority of cyber-attacks targeting human weaknesses, it is vital to create a no-blame culture to ensure that employees feel safe to report an incident arising from human error, such as clicking on a phishing link, without fear of retribution.
Phishing simulations, while a valuable training tool, should be educational. They offer an opportunity to demonstrate what phishing attempts look like and help employees recognise the signs of a potential attack. Organisations, however, must ensure that these exercises are part of a broader security awareness programme, which should include role-specific training and continual reinforcement of good security practices as well as table top exercises to test contingency and resilience within a business.
Another key point discussed was the need for a holistic approach to security. As the threat landscape grows more complex, organisations must integrate physical security, cyber security, and human factors into one cohesive strategy. This blended approach ensures that all potential vulnerabilities are addressed, whether they stem from cyber threats, physical breaches, or human error.
The panel highlighted the importance of collaboration between physical security teams and cyber security experts. For example, protecting critical infrastructure involves securing both the digital systems that control operations and the physical access points to those systems. By working together, teams can create a unified security strategy that covers all bases and better protects the organisation from a range of threats.
Finally, the conversation turned to the need for organisations to continuously adapt their security strategies in response to evolving threats.
Cyber security is not a static field, and businesses must remain agile in their approach to risk management. Regularly reviewing and updating security measures is essential to staying ahead of emerging threats. This includes investing in threat intelligence, collaborating with industry peers, and leveraging advanced technologies like machine learning to detect and respond to new attack methods before they cause considerable damage.
A robust defence also requires the integration of 24x7x365 human-led threat hunting and Managed Detection and Response (MDR) capabilities, ensuring that highly skilled analysts are continuously monitoring for sophisticated threats and proactively neutralising risks. These capabilities provide organisations with real-time threat detection, analysis, and remediation, complementing automated systems with expert oversight.
Organisations should ensure that security is deeply woven into their day-to-day operations. This involves creating a security-conscious culture, aligning security practices with business goals, and continuously educating employees on the latest risks and best practices. Cyber security must be seen as an ongoing, cyclic journey rather than a destination one where agility, innovation, and proactive measures like MDR and human-led threat hunting are key to staying ahead of the curve.
In conclusion, the panel discussion provided valuable insights into the evolving cyber security landscape. Organisations must approach cyber security as a business enabler, integrating it into their broader strategy and aligning it with business objectives.
A strong security culture, coupled with a proactive, layered approach to risk management, is essential to mitigating the growing threat of cyberattacks. Central to this approach is the integration of 24x7x365 monitoring, which ensures continuous vigilance and rapid response to potential threats. As AI and other emerging technologies continue to transform the threat landscape, businesses must stay agile and adaptable, leveraging round-the-clock monitoring as a critical component of their strategy to identify and address vulnerabilities in real time.
By continuously improving their security measures, implementing robust monitoring systems, and preparing for new risks, organisations can not only protect their assets but also build trust with customers, drive innovation, and create a secure environment for long-term success. The combination of a resilient security culture, proactive strategies, and ongoing monitoring provides a comprehensive defence against evolving cyber threats.
Thank you to everyone that attended the session. Toro will be hosting several more of these events throughout 2025, if you are interested in being added to the guest list please email events@torosolutions.co.uk