Don’t be distracted by AI – fundamental cyber skills are still key | usagoldmines.com

The hype around generative AI (GenAI) is impossible to ignore in most industries, and cybersecurity is no exception. The potential for cybercriminals enhancing their attacks with AI looms large in industry discussions. At the same time, the security world is gripped by the promise of faster, smarter defenses, from AI-powered EDR to co-pilot-enabled SOC teams.

But here’s the uncomfortable truth: none of it matters if your patching is months out of date, your cloud assets are misconfigured, or your employees freeze under pressure. The security fundamentals are still what really makes the difference in preventing a breach.

While security teams race to bolt on the latest GenAI tools, basic cyber hygiene is in danger of being overlooked.

So how can organizations ensure their cyber skills are up to the challenge in the age of AI?

GenAI is making the basics more urgent – not obsolete

It’s easy to assume that the widespread use of GenAI requires an entirely new approach to security and it’s undeniable that AI-assisted threats are evolving fast. But the real danger isn’t that GenAI changes the game, it’s the way it accelerates the same tactics that already work.

Attackers are primarily using GenAI to scale up familiar playbooks. Social engineering, reconnaissance, and privilege escalation aren’t new, they’re just happening faster and at greater volume.

In many cases, using AI tools can also be a security risk in and of itself. Immersive’s research found that 88% of users could fool a GenAI system into leaking sensitive information, with the machines being surprisingly vulnerable to human psychological tricks. As with any other software tool, misconfigurations and poor access controls also expose GenAI to greater exploitation.

Rather than replacing hygiene, GenAI makes it more essential. If anything, organizations need to double down on the fundamentals.

Cyber hygiene is still the frontline defense

The security landscape may be changing rapidly, but the fundamentals aren’t. Most breaches today still stem from issues that are entirely preventable: an unpatched server, a poorly configured firewall, an admin account with excessive privileges. These aren’t sophisticated zero-days that require experienced threat actors to exploit. They’re hygiene failures.

Yet too many organizations treat cyber hygiene as a legacy concern, something solved once they’ve rolled out the latest AI-powered tools. That mindset is dangerous because hygiene fundamentals aren’t something you graduate from; they’re the baseline that allows advanced defenses to function effectively.

If core defenses such as access permissions and configurations are weak, AI-powered tools are just watching the breach happen in high definition. Security starts with doing the basics well and doing them consistently.

Why poor training is the real weak link

If your security fundamentals are slipping, it’s worth asking: is the problem your tools, or your training?

For most organizations, it’s the latter. Legacy training still dominates, often reduced to short videos and multiple-choice quizzes that check boxes but fail to build capability.

The issue isn’t that people don’t care about security. It’s that they’ve been taught to memorize, not to respond. Training is too often generic, passive, and disconnected from the reality of a live incident. As a result, critical cyber hygiene habits like patch management or recognising phishing attempts fall apart in the moments they matter most.

These issues are intensified when a crisis rears its head. It’s no surprise that teams struggle to respond under pressure, because most have never been given the chance to prepare in a meaningful way.

If we want better outcomes, we need to stop blaming individuals and start fixing the systems that fail to prepare them. No amount of AI will compensate for a team that doesn’t know what to do when the alert goes off.

Drills build muscle memory and enforce hygiene

We wouldn’t expect someone to be ready to fight a fire or fly a plane just because they’d watched a video and taken a quiz, and the same is true for responding to a cyberattack.

This is where cyber drills come in. Unlike traditional training, drills place people in realistic, high-pressure scenarios where they must act, not just observe. They test judgment, coordination, and the ability to follow protocols under stress. Crucially, they reinforce both crisis handling and the importance of essential cyber hygiene through repetition and lived experience.

Cyber drills also expose weaknesses that would otherwise remain hidden. A playbook that looks perfect on paper might collapse under real-time pressure. A confident team might struggle when roles blur in the heat of an incident.

Real cyber readiness isn’t achieved through once-a-year compliance exercises, it’s built into the daily rhythm of how teams work, communicate, and make decisions. That requires more than technology. It takes culture.

Don’t bet everything on the shiniest tools

GenAI is continuing to change the security landscape in unpredictable ways, but it hasn’t changed the fundamentals. Most breaches still come down to human error and poor hygiene, regardless of the tools surrounding them.

Advanced tools won’t protect you if your team isn’t ready. True cyber resilience means training for the basics, testing under pressure, and building a culture where readiness is second nature.

We list the best endpoint protection software.

This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro