{"id":192657,"date":"2026-03-04T08:00:00","date_gmt":"2026-03-04T13:00:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/04\/ai-raises-the-cybersecurity-stakes-but-people-still-open-the-door\/"},"modified":"2026-03-04T08:15:10","modified_gmt":"2026-03-04T13:15:10","slug":"ai-raises-the-cybersecurity-stakes-but-people-still-open-the-door","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/04\/ai-raises-the-cybersecurity-stakes-but-people-still-open-the-door\/","title":{"rendered":"AI Raises the Cybersecurity Stakes \u2014 But People Still Open the Door"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/opinions\/ai-cybersecurity-people-open-door\/\">AI Raises the Cybersecurity Stakes \u2014 But People Still Open the Door<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/opinions\/ai-cybersecurity-people-open-door\/\">https:\/\/www.infosecurity-magazine.com\/opinions\/ai-cybersecurity-people-open-door\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-04 08:00:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.infosecurity-magazine.com\">www.infosecurity-magazine.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. When people think about cybersecurity, they often picture a hooded figure in a dark room, hammering away at a keyboard, trying to break through a digital perimeter. It\u2019s a familiar image, and an increasingly misleading one. Today\u2019s reality isn\u2019t man vs. machine; it\u2019s human vs. human.<\/p>\n<p>What is different today, is you no longer need to be deeply technical or exceptionally skilled to play the attacker. It\u2019s here that AI is lowering the barrier to entry and changing the rules of engagement.<\/p>\n<p>Yes, generative AI has given security professionals new ways to accelerate detection and response. But it\u2019s also given bad actors a powerful upgrade in their ability to deceive. Well-written phishing emails, deepfake voice calls, and highly targeted social engineering attacks are now faster to produce and harder to detect. The tools of the trade are persuasion, misdirection, and manipulation, which means your people, not your perimeter, continue to be the most exposed surface area.<\/p>\n<p>The Same Attacks, Better Disguises<\/p>\n<p>AI allows bad actors to industrialise deception. Phishing emails are no longer poorly written or obviously generic. They\u2019re fluent, well-timed, and context aware. Voice cloning and AI-driven call scripts can mimic tone, authority, and urgency with alarming accuracy. Social engineering attacks that once took weeks to plan and prepare can now be executed in minutes.<\/p>\n<p>From a defender\u2019s perspective, that acceleration matters. It shortens reaction times, increases volume, and raises the cognitive load on people making decisions at the frontline. But it doesn\u2019t fundamentally alter the nature of the threat. The door is still opened or closed by a human being.<\/p>\n<p>Why People Remain the Weakest Link and the Strongest Defence<\/p>\n<p>Security professionals often describe people as the weakest link. There\u2019s truth in that, but it\u2019s only half the story. People are difficult to control, but they\u2019re also the only part of the system capable of judgement. Firewalls don\u2019t get suspicious. Policies don\u2019t feel uneasy. Automated controls can enforce rules, but they can\u2019t interpret intent.<\/p>\n<p>That matters because modern attacks are designed to bypass technical controls by targeting psychology instead. Fear, urgency, authority, and confusion are the weapons of choice. The goal isn\u2019t to break a system, it\u2019s to rush someone into making a bad decision before they have time to think.<\/p>\n<p>AI amplifies this by making those attacks feel more legitimate. This is why cybersecurity today is less about building higher walls and more about shaping better judgement.<\/p>\n<p>The Danger of Over-Indexing on AI<\/p>\n<p>There\u2019s a risk, as AI adoption accelerates, that organisations focus too heavily on AI-driven defences while neglecting the fundamentals. New tools promise faster detection, better analytics, and automated response, and many of them deliver real value.<\/p>\n<p>However, some of the most effective attacks we\u2019ve seen recently have started with people. They\u2019ve relied on classic social engineering techniques: password reset requests, authority impersonation, and carefully staged misinformation designed to create distraction.<\/p>\n<p>In some cases, attackers don\u2019t even need to breach systems at all. By engineering the perception of a breach, they can trigger confusion and panic. In one recent example involving a major social network, attackers convinced users they had lost control of their accounts, prompting frantic recovery attempts that created exactly the disruption the attackers needed. The breach wasn\u2019t technical, it was psychological.<\/p>\n<p>Breaches seen last year offer another clear example. Attackers were able to embed themselves on calls with security teams at one organisation, asking the right questions and learning where the pressure points were. They then moved on to other retailers, exploiting the same weaknesses with remarkable speed. The lesson is simple: attackers don\u2019t exploit systems, they exploit people.<\/p>\n<p>Education Without Fear<\/p>\n<p>If people are central to security, the question becomes how to support them without paralysing them. The answer isn\u2019t more rules, louder warnings, or harsher consequences. Fear doesn\u2019t create good security outcomes. It creates knee-jerk reactions that attackers rely on.<\/p>\n<p>At bet365, we focus on building confidence, as well as compliance. We want people to stop and think before they act. We want them to trust their instincts, and, crucially, we want them to feel safe escalating concerns, even if they turn out to be false alarms.<\/p>\n<p>If someone feels something isn\u2019t right, the correct response is never to push through under pressure. That might mean escalating a call from someone claiming to be from inside the organisation. If they\u2019re requesting an urgent password reset, but unable to provide the correct credentials, it should be escalated. Even if they insist they\u2019re the CEO.<\/p>\n<p>Authority, urgency, and familiarity are classic pressure tactics. Pausing, checking, and handing it off isn\u2019t a failure; it\u2019s good security practice. Good security cultures reward that behaviour rather than punishing it. This approach recognises a simple truth: attackers exploit moments of isolation. Collaboration breaks that spell.<\/p>\n<p>Guardrails, Not Handcuffs<\/p>\n<p>AI also forces organisations to confront a long-standing tension in security: how to protect the business without stifling innovation. If you don\u2019t trust your people, you can\u2019t innovate. But if you remove all guardrails, you invite risk. The solution isn\u2019t blanket restriction. It\u2019s contextual control.<\/p>\n<p>Different roles require different levels of access, flexibility, and autonomy. Policies need to be clear and consistent, but their application must be pragmatic. Exemptions aren\u2019t failures, they\u2019re deliberate, managed decisions that reflect how the business operates. AI doesn\u2019t change that balance. It makes getting it right more important.<\/p>\n<p>Security as Judgement at Scale<\/p>\n<p>AI raises the stakes because it compresses time. Decisions that once allowed for reflection now demand near-instant judgement. That places enormous pressure on people, particularly those in frontline operational roles.<\/p>\n<p>The organisations that will succeed aren\u2019t those with the most sophisticated tools, but those that invest in judgement at scale. That means:<\/p>\n<p>\tTeaching people how attackers think, not just what rules to follow<br \/>\n\tEncouraging pause over panic<br \/>\n\tTreating security as a shared responsibility, not a specialist task<\/p>\n<p>AI may be machine-driven, but cybersecurity outcomes are still shaped by human behaviour.<\/p>\n<p>The Human Constant<\/p>\n<p>AI will continue to evolve, tools will improve, attacks will become more convincing, and automation will play a bigger role on both sides of the equation. But one thing won\u2019t change. Security isn\u2019t about beating the machine. It\u2019s about helping people recognise when they\u2019re being played and giving them the confidence to act accordingly.<\/p>\n<p>That\u2019s where the real battle is fought, and it always has been.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>AI Raises the Cybersecurity Stakes \u2014 But People Still Open the Door https:\/\/www.infosecurity-magazine.com\/opinions\/ai-cybersecurity-people-open-door\/ Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":192658,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/64179457-f0d4-4f28-a9d1-532d75a712c3.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,30,24,31,25],"class_list":["post-192657","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-breach","tag-cybersecurity","tag-exploit","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/192657"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=192657"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/192657\/revisions"}],"predecessor-version":[{"id":192659,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/192657\/revisions\/192659"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/192658"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=192657"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=192657"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=192657"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}