AI & Human Intelligence: The Best Defence Against Cyber Threats

A Recap from CyberOne's AI Webinar

In a recent CyberOne webinar, Luke Elston, Microsoft Practice Lead and Lewis Pack, Head of Cyber Defence, explored how Artificial Intelligence (AI) transforms the cyber threat landscape and the tools used to fight it. While AI introduces new capabilities—and new risks—it’s clear that real protection still requires human oversight, critical thinking and experience.

The Rising Tide of Cybercrime

The session opened with a stark reality check:

• Cybercrime now generates a staggering $9.2 trillion annual economic impact, making it the third-largest global economy. This figure is astonishing—it’s growing at 15% annually.

Yet organisations are struggling to keep up.

• The cyber security industry faces a massive skills shortage, with over 5 million roles unfilled worldwide.

This creates an imbalance between threat and defence, explaining why many attacks go undetected until too late.

AI: A New Risk Frontier

Another trend highlighted was the surge in “Bring Your AI” (BYOAI).

• 78% of employees use external AI tools without formal approval or oversight.

This introduces new vulnerabilities and unsurprisingly:

• 57% of organisations have reported increased security incidents.

Compounding this:

• 60% of organisations have yet to implement AI-specific security policies.

This unchecked usage of generative AI introduces significant vulnerabilities. Attackers are capitalising on this gap, using AI to gain scale, speed and stealth in their campaigns.

AI in Defence: More Than Just Speed

While it introduces new challenges, AI offers substantial benefits when used effectively. 

• It works tirelessly 24x7
• Can sift through millions of data points
• Predicts threats before they materialise
• Reduces false positives and alert fatigue

Luke described AI as a “force multiplier,” enabling faster threat detection, improved signal-to-noise ratios and predictive capabilities. It never tires, processes huge volumes of data in real-time and reduces false positives—freeing human analysts to focus on strategic actions rather than alert fatigue.

Combined with human intelligence, this creates a highly adaptive defence capability—blending instinct, judgement and automation.

The Skills Gap and Rise of Hybrid Roles

As AI becomes embedded in modern security tools, the demand shifts toward hybrid roles that blend cyber security fundamentals with AI literacy. The speakers noted a growing need for skills like prompt engineering, AI-driven threat hunting and adversarial AI awareness—especially in tools like Microsoft Security Copilot.

This isn’t about replacing cyber professionals. It’s about upskilling and empowering them to evolve with the tools they now use daily.

Generative AI: Double-Edged Sword

Drawing attention to the dark side of generative AI, threat actors increasingly use this powerful technology to create sophisticated and convincing phishing attacks, deepfakes and malware.

Shared examples included:

• Phishing emails were indistinguishable from genuine internal communication
• Voice and video deepfakes mimicked executives
• Polymorphic malware changed its code to evade detection

This evolving threat landscape means detection alone isn’t enough—contextual analysis and human oversight are now vital.

Real-World Threat Scenarios

The webinar discussed real-world incidents to highlight how AI is actively being weaponised. This included:

• Imitate senior executives in Business Email Compromise (BEC) scams
• Conduct large-scale, AI-powered reconnaissance
• Launch coordinated attacks across multiple vectors with unprecedented speed

Why Humans Still Matter

Humans still outperform AI in critical thinking, empathy, creativity and communication.

AI isn’t replacing your team; it’s enhancing their impact.

Crucially, AI is still bound by its data. It can’t always explain why it made a decision, nor can it consider broader business risks or strategies.

AI Enables Security Teams to Predict. Not Just React.

CyberOne’s experts stressed the importance of AI-powered pre-breach strategies to proactively defend against evolving threats.

These include:

• Automated attack surface management
• AI-enhanced threat hunting
• Zero Trust architectures
• Phishing prevention and deception
• Dark web monitoring
• Secure-by-design infrastructure

This proactive stance is essential for resilience, especially as threat actors continue to automate and scale their attacks.

The Ethical Boundary

One of the most thought-provoking parts of the session touched on AI’s lack of ethical judgment.

Unlike humans, AI doesn’t consider fairness, privacy, or proportionality. It simply optimises for outcomes—without a moral compass.

Organisations pairing AI and Human Intelligence unlock a truly resilient cyber security model.

From Insight to Action: The CyberOne Approach

Human defenders excel at interpreting why something is happening, not just what is happening.

This understanding helps distinguish a harmless anomaly from a strategic insider threat. It also enables humans to adapt in real-time, especially during “low and slow” attacks that AI might miss due to the lack of obvious patterns.

CyberOne combines the speed and scalability of AI with the intelligence and judgement of experienced analysts. Our Managed eXtended Detection and Response (MXDR) service leverages Microsoft Security’s tools while their experts interpret the data, investigate threats and take decisive action.

AI Poll Pulse Check: What Attendees Told Us

During the webinar session, we asked attendees to share how their organisations are approaching AI in cyber security.

1. Does your organisation currently have a policy governing the use of AI tools?

2. How would you describe your organisation’s current use of AI in cyber security operations?

3. What best describes your organisation’s biggest cyber security challenge today?

Here’s what we learned:

• AI Governance is Inconsistent: Only 38% of attendees reported having a formal, enforced policy governing AI tool usage. Another 33% said they have an informal or evolving policy, while 29% had none at all—though some plan to implement one.

• AI Adoption is Varied: 42% of participants have moderately or extensively integrated AI into their cybersecurity operations. However, 32% are still in early stages or not using AI at all, highlighting a wide maturity gap across organisations.

• Top Security Challenge? Resources. When asked about their biggest cybersecurity challenge, 38% cited limited internal resources or expertise. This was followed by lack of visibility (31%) and the growing complexity driven by digital transformation and AI (15%).

Learn More

CyberOne is offering on-demand access, whether you’re a Security or IT leader or business stakeholder, this session is a must-watch.

Watch:  "AI & Human Intelligence: The Best Defence Against Cyber Threats" On-Demand Webinar

View & Register: CyberOne's Upcoming Events & Webinars