CyberOne are proud to announce that we have become a founding signatory of the CREST Global AI Charter and the Nine AI Principles, a commitment to responsible AI use in cyber security that puts transparency, accountability and assurance at the centre of how we deliver security services.
But this isn't just about CyberOne signing a document, it's about acknowledging a reality that's reshaping our industry: AI has become both the most powerful weapon in the attacker's arsenal and the most critical tool in our defence.
Dominic List, CEO & Founder at CyberOne:
"AI represents one of the most transformative technologies of our generation. It's driving innovation at an unprecedented pace, enabling businesses to operate more efficiently and solve complex problems faster than ever before.
But with that power comes responsibility, AI is also being weaponised by threat actors to launch increasingly sophisticated attacks at scale. As defenders, we must embrace AI to stay ahead, but we must do so with transparency, accountability and a commitment to ethical standards.
That's why CyberOne is proud to be a founding signatory of the CREST Global AI Charter. It's not just about adopting AI, it's about doing it right."
The data reflects this urgency, Cloud Security Alliance (2026) reports that 73% of security leaders say AI-powered threats are already having a significant impact on their organisation, whilst 92% agree that AI-powered cyber threats are forcing them to significantly upgrade their defences.
Adoption is outpacing governance. 77% of organisations now run generative AI in their security stack, yet only 37% have a formal AI policy in place [Darktrace, 2026]. That gap represents real, measurable risk.
Philip Ridley, Director of Cyber Risk Management at CyberOne and CREST UK Council Member:
"The rapid adoption of AI in cyber security has created a governance gap that organisations can no longer afford to ignore.
AI systems behave in ways that traditional defences aren't designed to monitor, introducing new risks around data exposure, unauthorised actions and opaque decision-making. The CREST AI Charter provides a practical framework for responsible AI adoption, one that balances innovation with accountability.
For CyberOne, supporting these principles isn't just about compliance. It's about ensuring our clients can trust the AI-enabled security services we deliver, knowing they're built on a foundation of transparency, ethical standards and measurable outcomes."
The pressure isn't limited to enterprise. British Chambers of Commerce, 2026 data shows that 54% of UK SMEs are now actively adopting AI, up from 35% in 2025, 25% in 2024 and 23% in 2023. That's rapid growth by any measure.
The challenge is that adoption is running ahead of capability. The Department for Science, Innovation and Technology (DSIT), 2026 finds that 60% of businesses cite limited AI skills and expertise as a key blocker, whilst 71% haven't identified a clear use for AI in their organisation.
Mid-market businesses face the same security threats as enterprise organisations without the same resources to address them. CyberOne bridges that gap, delivering scalable, cost-effective Microsoft Security solutions that produce measurable outcomes, resilience, compliance and secure growth, without the enterprise price tag or complexity.
The threat landscape is shifting in a specific direction. The World Economic Forum, 2026 reports that data leaks associated with generative AI are now the top concern for 2026 at 34%, ahead of the advancement of adversarial capabilities at 29%. In 2025, those figures were reversed: adversarial capabilities led at 47%, with data leaks at 22%.
For security leaders, the picture is sharper still. Sensitive data exposure is the primary concern at 61%, with regulatory compliance violations close behind at 56%. Responsible AI governance is no longer a future consideration; it's a current operational requirement.
As a founding signatory, CyberOne is helping to define the professional standards that will govern responsible AI use across the global cyber security industry. In practice, that means four commitments:
The global AI security market is projected to grow from $24.3 billion in 2024 to $133.8 billion by 2030, at a CAGR of 21.9% [Grand View Research, 2025]. That scale of investment confirms that AI security is now a boardroom priority. The question for most organisations is no longer whether to adopt AI-enabled security, but how to do it without introducing new risk. That's the question the CREST AI Charter exists to answer.