Cyber-attacks are evolving at lightning speed through generative AI. They are faster, more intelligent, and more personalised than ever before. Where attacks were once largely manual, AI-driven systems now enable cybercriminals to automate phishing campaigns, tailor malware, and detect unknown vulnerabilities at a pace that outstrips classical defences.
At the same time, organisations are deploying those very same technologies for protection. Artificial Intelligence makes it possible to recognise patterns, predict risks, and prevent incidents before they occur. According to Lenovo’s CIO Playbook 2025, 79% of organisations in EMEA are investing in AI-enhanced security services. Yet only 22% have a clear AI governance framework. This gap highlights how policy and ethical guidelines are lagging behind technological progress. A strong governance model is essential to apply AI effectively, responsibly, and compliantly, and to ensure trust among customers and partners.
A growing attack surface
Digital acceleration is evident across every sector. AI spending is soaring, and data now resides everywhere at once: on mobile devices, at the edge, and in the cloud. Security must therefore extend from endpoint to server, from firmware to the application layer. Traditional perimeter defence is no longer sufficient. Modern infrastructure must not only respond to threats, but anticipate them, and that starts not with software, but with the design of hardware and processes.
Security does not end at software or network access. Many risks arise lower in the stack – in hardware, firmware, or peripherals. To align protection with the real threat landscape, organisations need to take a broader perspective. The Open Systems Interconnection (OSI) model defines seven layers, from the physical infrastructure up to the application tier. Yet many companies still focus mainly on those upper layers, while true resilience begins at the base: the physical devices themselves.
From detection to prevention
In an AI era where attacks can unfold within milliseconds, it is crucial to stay ahead of them. Many organisations still rely on detection and response, but that is no longer adequate. A preventive approach, inspired by the military principle of ‘left of bang’, means identifying risks in the supply chain, flagging suspicious hardware, and validating firmware before a device even boots up.
This requires more than technology alone: it calls for vision, policy, and infrastructures designed with security at their core.
Looking ahead: AI and the future of cybersecurity
In the coming years, AI will play a larger role in automatically detecting and fixing vulnerabilities, such as applying patches in real time and continuously monitoring systems for anomalies. Quantum computing will introduce new challenges, where AI will be indispensable in next-generation security protocols. Meanwhile, the importance of ‘zero trust’ security models will continue to grow, with AI enabling continuous verification and risk reduction. Organisations that invest now in both technological innovation and governance will build the foundations of future-proof cyber resilience.
No organisation can do this alone. Cyber resilience requires collaboration between hardware manufacturers, software partners, policymakers, and IT leaders. Here, it is crucial for vendors to provide open, interoperable solutions not through one all-encompassing system, but by pursuing a shared strategy and a common goal: resilience.
From risk to strategic advantage
Cybersecurity is often regarded as a cost centre, but those who make security the foundation are simultaneously building trust and competitive strength. In an age where technology defines reputation, organisations that make security tangible and visible become more attractive to customers, partners, and emerging talent alike.
AI makes organisations smarter – but also more vulnerable. The real question is not if we should rethink cybersecurity, but whether we are doing so quickly and deeply enough: not merely at the surface, but at the very core of our systems.