Back to all
Cybersecurity is a common concern for businesses of all sizes – as shown by an April 2025 Experis survey where 41% of Chief Information Officers ranked it as such. It’s an area of both threats and opportunities – and the game is changing all the time.
To help our users keep up, we brought together two experts in IT and cybersecurity – Kris Haynes (Presales Manager, Axess Systems) and Jason Brown (Senior Sales Engineer, Sophos). They discussed AI’s role, and the importance of the human element in defence. Here’s a recap of the best bits…
Webinar Recap
The Evolving Threat Landscape
One recurring theme was the growing range of cybersecurity threats – and how flexible working, the Internet of Things (IoT) and AI are bolstering them.
There are still many ways to make environments safer – like strong passwords or storing data backups offsite. But these are increasingly losing the battle to social engineering, mobile malware and data theft.
Cybercrime-As-A-Service
Kris noted that more people are also buying malicious code on the dark web – including a month’s worth of DDoS attacks.
Cybercrime is no longer just for skilled hackers; anyone can access it, as Jason explained:
“Cybercrime as a service separates the bad actors from the smart people that create the code. In some respects, you don’t need to have the technical ability to do things, you just need to have the criminal drive to do things.”
Cybersecurity Predictions for 2025: AI On The Rise
Despite the rise in cybercrime-as-a-service, the webinar still spotlighted more well-known threats – ransomware and state-sponsored attacks.
Jason used state-sponsored attacks as an example of a strategic shift in how threat actors operate.
“We’re seeing smaller organizations targeted to be used as part of the attack. So, you write something very sophisticated, which you think is probably going to compromise a government level of security – that will go, often, straight past organizations that have less protection. You can then use those as zombies to start attacking [bigger organisations].”
Unsurprisingly, AI is fuelling both sides of this new battlefield. While bad actors bypass ethical restrictions, good actors do the opposite – using AI to predict, detect, and neutralise threats. Jason cited Sophos itself as an example of this.
However, Jason also emphasised the remaining human element to Managed Detection Response (MDR):
“If you could do everything without any kind of human input, you wouldn’t need EDR [Endpoint Detection Response] or XDR (Extended Detection Response]. That would all be done in the endpoint solution. You do need somebody to actually analyse and work out what it all means.”
Real Life Case Study
A case study showed Sophos’ own blended approach to threats.
A North Korea-linked actor took advantage of an unmonitored period to try and access a system. Sophos’ Microsoft integrations meant they found out about the breach quicker and could see account privileges – giving them reason to investigate. The mixture of integrated signals and human skill meant the threat was neutralised within 2 and a half hours. This showcases the real need for layered defence.
Q&A
Our audience also asked some standout questions in the webinar’s Q&A session. Topics included metrics to identify suspicious activities, data prioritisation and patching responsibility.
They reinforced the webinar’s central theme: organisations must have access to actionable insights into threats. As Jason summarised:
“If you have an XDR solution or an MDR solution, understanding what that’s seeing, looking at how often you go in and determine what it means, because if you’re not doing that, at least on a daily basis, then there’s things that are potentially going to slip through.”
Thank you to Kris and Jason for lending their time and expertise to educate our users on cybersecurity! If you want to watch the webinar in full, you can do so here.
Looking for help solving your cybersecurity challenges? Book a free, no obligation consultation by clicking here.
Previous
