• Home
  • Blog
  • EVENT RECAP: From Risk to Resilience, Building Cyber Resilience in the Age of AI
Blog Banners
EVENT RECAP From Risk to Resilience, Building Cyber Resilience in the Age of AI
12:35

At CyberOne’s Risk to Resilience Live event, we tackled a core challenge for organisations: building resilience as threats become faster, more complex and increasingly shaped by AI.

AI is transforming both business innovation and cyber risk, security leaders now need to look beyond prevention. The real test is not whether every attack can be stopped, but whether the business can prepare, respond and keep operating when disruption strikes.

Whether facing AI-enabled threats, data exposure, supply chain risk or governance challenges, the message is clear: cyber resilience is now essential for business continuity.

Cyber Resilience Is the New Security Metric

Traditional cyber security has focused on prevention: protecting assets, stopping attacks and deploying controls. These steps are still vital, but they are no longer enough on their own, the focus is shifting towards resilience. That means asking more business-focused questions:

  • Can critical services continue operating during a disruption?

  • Has the organisation tested its response plans?

  • Does the business understand its key suppliers and dependencies?

  • Can resilience be demonstrated to boards, regulators, customers and stakeholders?

“The boardroom conversation has changed. Security is no longer just about whether an organisation has the right technical controls in place. It is about whether the business can survive, recover and continue operating when things go wrong.  The question is no longer simply, are we secure? It is, can the business survive and recover?”

- Phil Ridley, Director of Cyber Risk Management, CyberOne

This shift reflects a more realistic view of cyber risk. Incidents are not always avoidable, but their impact can be reduced when organisations prepare properly, act quickly and understand what matters most to the business.

AI Is Changing the Speed and Scale of Cyber Risk

AI is Changing

AI was central to the discussion, whilst it brings new opportunities for productivity and innovation, it is also changing the economics of cyber attacks.

Capabilities that once needed specialist skills are now widely accessible. Threat actors use AI to scale reconnaissance, improve phishing, automate attacks and find new ways to exploit weaknesses.

This changes the reality for defenders.

With attacks moving at machine speed, organisations cannot rely on slow, manual processes. Security teams need stronger visibility, faster response and the ability to use AI defensively to cut noise, analyse telemetry and prioritise action.

AI is no longer just a tool, in some environments, it is becoming an actor. As AI agents start making decisions and taking action, organisations must address governance, accountability and control.

Security-First AI Transformation Starts with the Foundations

Jose Lazaro, Technical Manager for Security and AI Solutions at Microsoft UK and Ireland, highlighted that successful AI adoption must start with a security-first approach.

As organisations move into the agentic era, AI is becoming a new operating reality for security teams. Microsoft’s Zero Trust approach connects identity, access, data protection, endpoint security, cloud apps, workloads and telemetry, helping organisations build the foundations needed to adopt AI safely.

Jose outlined four major AI security challenges facing organisations:

Organisations Face Numerous Security Challenges When Adopting AI​

 

These risks show why AI adoption cannot be separated from identity, data governance and compliance. Before scaling tools such as Microsoft Copilot or AI agents, organisations need to delete obsolete data, restrict repository access, create DLP policies and apply sensitivity labels.

“For a successful AI transformation, you need to build the security foundation first. Once those pillars are in place, you can innovate with trust and enable people to use AI safely.”
— Jose Lazaro, Technical Manager for Security & AI Solutions, Microsoft UK and Ireland

 

The key takeaway: AI can unlock major productivity gains, but only when organisations have the visibility, controls and governance to manage it securely.

Data Security Is the Foundation for Safe AI Adoption

AI adoption depends on data, this makes data security a critical pillar of cyber resilience.

Before organisations can safely adopt tools like Microsoft Copilot or agentic AI, they need to know what data exists, where it sits, who can access it and how it is protected. If data is classified or accessible to the wrong users, AI can surface that risk at speed. In many cases, AI does not create the weakness. It exposes existing gaps in access control, governance and data management.

To adopt AI securely, organisations need to focus on the fundamentals:

  • Understand where sensitive data is stored.

  • Restrict access to critical repositories.

  • Apply sensitivity labels

  • Create and enforce data loss prevention policies.

  • Remove obsolete or unnecessary data.

  • Monitor how users and AI tools interact with information.

The quality and safety of AI outputs depend on the quality, relevance and security of the data available. If old, unnecessary or overexposed data remains, AI can amplify the risk.

Shadow AI Creates a New Governance Challenge

Another key topic was shadow AI; employees are already using AI tools to work faster, summarise information and support day-to-day tasks. If organisations do not provide safe and approved routes for AI adoption, users may turn to unsanctioned tools.

This creates a significant governance challenge. Sensitive business information may be copied into external AI platforms without proper controls, visibility or oversight.

Blocking innovation is not the answer, AI is already part of daily work. Organisations need to make secure adoption easier by providing approved tools, clear policies and practical guardrails.

This includes understanding which AI applications are being used, assessing their risk, blocking high-risk tools where necessary and guiding users towards secure enterprise alternatives. The goal is to enable productivity without losing control of data.

Supply Chain Resilience Needs to Go Beyond Questionnaires

Supply chain risk remains one of the biggest challenges for organisations.

Businesses rely on cloud providers, SaaS platforms, managed service providers, identity tools, software vendors and third-party services. These relationships drive efficiency but also create dependency.

The discussion highlighted an important shift in thinking. The question is no longer simply, “Have we assessed our suppliers?”

The better question is:
“What happens if a critical supplier fails?”

A supplier outage, breach or operational failure can create a cascading impact across the business. This means organisations need to identify critical dependencies, assess operational impact and test contingency plans.

Supplier risk management should not be a once-a-year questionnaire exercise. It should be part of a wider resilience strategy that helps the business understand how it would continue operating if a key third party were unavailable or compromised.

AI Governance Must Balance Innovation & Control

AI adoption is one of the biggest opportunities for transformation organisations have seen in years. However, successful adoption depends on more than technology.

A recurring theme was the need to balance innovation with governance.

Organisations need to allow teams to experiment with AI, build fluency and identify practical use cases. At the same time, they need to ensure that AI is being used safely, responsibly and in line with business risk appetite.

This requires collaboration between technology, security, operational and business teams. AI should not be treated as another isolated IT initiative, it needs to be connected to business outcomes, risk management and wider organisational strategy.

The organisations that succeed will be those that create safe environments for experimentation, while maintaining control over data, access, compliance and accountability.

Human Expertise Still Matters in an AI-Driven SOC

AI plays a powerful role in security operations. It can help analyse large volumes of data, identify patterns, reduce alert fatigue and accelerate first-line triage. However, AI does not remove the need for human expertise.

Human Expertise Still Matters in an AI-Driven SOC

In the SOC, the best model is not AI replacing people. It is AI supporting skilled analysts so they can focus on higher-value work. AI can provide speed and scale, but humans bring context, judgement and wisdom.

This is particularly important when incidents involve sensitive data, complex business environments or decisions that require accountability. AI can help security teams move faster, but people remain essential to interpreting risk, validating action and making decisions that align with business priorities.

Incident Response Must Be Built for Speed

The threat landscape is also changing how organisations need to think about incident response.

As AI lowers the barrier to entry for cyber criminals, attack activity is likely to become faster, more frequent and less predictable. Instead of relying only on well-known ransomware groups or branded threat actors, organisations may face more fragmented and opportunistic attacks.

This makes speed of response critical.

Organisations need to know what to do before an incident happens. Response plans must be tested, roles must be clear and teams must understand how to act quickly when a disruption occurs.

Resilience also means accepting that something will go wrong, the priority is to reduce impact, restore operations and keep the business moving.

Physical Security &Cyber Security Share the Same Principles

The discussion also explored the parallels between physical security and cyber security. Whether protecting people, events, systems or data, the same principles apply: preparation, communication, intelligence, trust and calm decision-making.

Strong security is not only about what happens during the incident. Much of the value comes from the planning, risk assessment, scenario testing and coordination that happen beforehand.

This is directly relevant to cyber resilience. Organisations need to prepare for realistic scenarios, understand their vulnerabilities and test how teams respond under pressure.

Resilience is built through preparation, not panic.

What Security Leaders Should Prioritise Next

For security leaders, the next phase of resilience should focus on several core priorities.

  • Secure the foundations: Identity, endpoint, cloud, email, data and monitoring controls need to be properly configured and integrated.

  • Understand the data: Organisations need visibility of sensitive information, how it is accessed, where it is shared and how it is protected.

  • Govern AI adoption: Businesses need clear policies, approved tools and practical guardrails that enable innovation without increasing unnecessary risk.

  • Test response plans: Incident response, supplier failure scenarios and business continuity processes should be exercised regularly.

  • Bring security into the business conversation: Cyber resilience is not just a technical issue. It is about operational continuity, customer trust, regulatory confidence and business performance.

Five Key Takeaways From Risk to Resilience

  1. Resilience is now a board-level metric. Organisations must be able to show how critical services will continue and recover during disruption.
  2. AI changes the speed of both attack and defence. Security teams need AI-enabled defences to respond to machine-speed threats.
  3. Identity and data controls are essential foundations. MFA alone is not enough, and AI adoption without data governance increases risk.
  4. Agentic AI needs clear ownership and oversight. Agents require identity, access control, monitoring, lifecycle management, and accountability.
  5. Preparation beats improvisation. Realistic testing, collaboration, and clear communication are what allow teams to respond calmly under pressure.

Final Thoughts

AI is reshaping cyber security, but it is also reinforcing a familiar truth: resilience depends on preparation.

Organisations cannot control every risk, supplier failure, emerging threat or AI-driven attack. But they can control how prepared they are, how quickly they detect what is happening and how effectively their teams respond.

The organisations best placed to succeed will be those that combine secure foundations, strong data governance, AI-enabled defence and human expertise.

In an AI-driven threat landscape, cyber resilience is no longer optional. It is the foundation for business trust, continuity and growth.

Take the Next Step Towards Resilience

If you would like to receive the resources from Risk to Resilience or speak to CyberOne about how these topics apply to your organisation, we would be happy to help.

Get in touch with CyberOne today.

Event Gallery

image-20260624-135340-6151b971_8842
image-20260624-133547-00514297_7239
image-20260624-155838-1e3244de_5888
image-20260624-132946-6915a84e_5157
image-20260624-162134-8138ed7b_3278
image-20260624-131506-b244913a_1970
Share this post

Related Articles