AI lowering barriers to cyber attacks. 5 steps for businesses to become more AI aware

AI is “lowering the barrier to entry” for cyberattacks, warns an expert, with two-thirds of organizations reporting an increase in attacks over the last year, according to Hiscox’s Cyber Readiness Report.

Cybersecurity insurer Hiscox, along with AI expert Durgan Cooper, is raising concerns about the growing threat of sophisticated cyberattacks fueled by advances in artificial intelligence.

Cooper, who has advised the House of Lords on cybersecurity, explains that AI is making it easier for cybercriminals to launch complex attacks. This trend is supported by Hiscox’s 2024 Cyber Readiness Report, which revealed that 67% of businesses worldwide reported an increase in cyberattacks last year.

Cooper notes that AI-generated content and adaptive malware are now more accessible, leading to a rise in targeted attacks and social engineering. He also highlights AI’s ability to quickly learn network behaviours, significantly reducing the time between an initial breach and a full-scale attack.

Additionally, AI is adept at exploiting vulnerabilities in poorly protected databases and systems, as well as human errors in system configurations.

The Hiscox report also indicates that a significant number of firms (34%) admit that their cybersecurity measures are compromised due to a lack of expertise in managing the risks associated with emerging technologies.

With phishing remaining a primary cause of cyberattacks, accounting for approximately 90% of incidents, experts emphasize the importance of sophisticated employee training to counter AI-enhanced phishing and ransomware campaigns.

Hiscox’s 2024 Cyber Readiness Report

5 practical steps for SMEs to be AI-aware in 2025

Hiscox’s Cyber Readiness Report reveals that almost two-thirds (64%) of business leaders believe generative AI will be pivotal in shaping their cybersecurity approach by 2030. But for SMEs looking to act now, we highlight five key steps for keeping your business safe.

1. Teach technical protections through Cyber Essentials certification

Cyber Essentials is a government-backed scheme demonstrating basic security standards that help protect against common cyber threats. Durgan recommends, “all businesses should undertake Cyber Essentials as a solid cybersecurity foundation.”

2. Monitor networks for unusual activity

Durgan advises that businesses “must monitor networks to identify abnormal behaviour and invest in Security Operations Centre (SOC) services to investigate anomalies and respond quickly.”

SOCs monitor network traffic and automatically flag suspicious activities. Although advanced, Durgan notes they are “becoming more mainstream, rather than just a product reserved for large organisations.”

3. Regularly apply patches and updates

Patching vulnerabilities and keeping systems up to date is one of the simplest and most effective ways to prevent cyberattacks, as outdated systems are more vulnerable to attack. Regular updates and patches ensure that software is resilient to the latest threats.

4. Safeguard with cyber insurance

In addition to preventative measures, small businesses should consider cyber insurance to mitigate the financial impact of a breach. Says Durgan: “All businesses are at risk of cyberattacks as threats evolve in line with AI developments. Cyber insurance not only provides financial protection in the event of a breach but also gives businesses the resources to recover swiftly.”

5. Enhance employee training

With AI-powered phishing scams becoming increasingly convincing, businesses must ensure their employees can spot potential threats. Ongoing training is vital to stay ahead of evolving attack methods.

For latest tech stories go to TechDigest.tv