Why effective cybersecurity is a team effort | usagoldmines.com

It’s been 35 years since the first ever documented ransomware attack. Known as the AIDS Trojan, it was released via floppy disk in 1989, long before most people even had a personal computer. However, since then, not only have PCs become ubiquitous in people’s homes around the world, but the volume and variety of cyber-attacks have also grown exponentially, turning cybercrime into a trillion-dollar industry.

Fortunately, cybersecurity experts haven’t stood idly by as the cybercrime industry has exploded. Cybersecurity tools and techniques have also grown and evolved at an incredible pace, enabling individuals, businesses, and nation-states to build robust countermeasures and defenses against the onslaught they face on the digital battleground.

Cybercrime continues to grow at an alarming rate

Since the very first deployment of the AIDS Trojan, the number of cyber-attacks taking place every day has risen at an alarming rate. In its 2024 Digital Defence report, Microsoft stated that its customers now face around 600 million cyberattacks daily, ranging from small-scale attacks carried out by rogue individuals to huge multi-target attacks conducted by state-sponsored attackers.

Organized ransomware groups are also on the rise, with specialist companies actively tracking 73 groups on the dark web in 2025, compared to just 46 groups last year, representing a 56% increase YoY.

The rise of AI-powered cyber attacks

The type of attacks taking place continue to evolve at a rapid rate too, as criminals quickly harness emerging technologies to open new attack vectors and methods. A great example is the arrival of commercial generative AI tools, which have enabled even low-level cyber criminals to start performing much higher-level attacks than were previously possible.

A recent assessment by the National Cyber Security Centre (NCSC) stated that all types of cyber threat actors – state and non-state, skilled and less skilled – are already using AI to varying degrees. In particular, the technology is ‘providing capability uplift in reconnaissance and social engineering, almost certainly making both more effective, efficient and harder to detect’. The 2024-2025 Hacker Powered Security Report found that almost half (48%) of security leaders now view generative AI as one of the most significant risks facing their organizations today.

How organizations are fighting back with ethical hacking

In the face of such a hostile cyber landscape, many organizations are unsure how to go about keeping their data safe, particularly those with only small internal security teams and limited resources. Fortunately, there’s an incredible community of specialist security researchers that organizations can work with to augment internal efforts and ensure robust measures are in place. In fact, a growing number of businesses have started to engage with independent security researchers to vigorously test their applications, networks and other systems for vulnerabilities before they can be exploited by criminals.

These professionals use a variety of techniques to carry out their work, many of which mirror the very methods used by criminal actors. However, the difference is that security researchers use them solely within a legal and pre-agreed/authorized context rather than a malicious one. Some examples of methods used include automated and manual vulnerability scanning to detect known weaknesses, penetration testing to simulate real-world attacks, and meticulous code reviews to spot vulnerabilities and programming errors.

They may also further leverage fuzzing techniques to test software with random inputs and employ reverse engineering to dissect software’s inner workings and uncover hidden vulnerabilities. In particular, demand for penetration testing has risen significantly in recent months, with a 67% increase over the past year. These tests uncover an average of 12 vulnerabilities per engagement, with 16% classified as high or critical, demonstrating just how effective they can be in detecting critical vulnerabilities.

AI also presents significant opportunities to cyber professionals

While Generative AI is seen as a top threat by security leaders, it also presents exciting opportunities for cybersecurity professionals. Just as threat actors are learning how to use AI to enhance their attack capabilities, security researchers are also leveraging AI tools and techniques to aid their defense strategies. It has already become a significant tool for writing code and proactively uncovering vulnerabilities that would otherwise be missed. In fact, according to the recent Security Report, nearly 10% of security researchers now specialize in AI to meet the growing demand for AI testing engagements.

Government support remains vital

Of course, all cybersecurity strategies are only as strong as their weakest link, which is why government support remains critical to overall success. National and international regulations, such as the Data Protection Act 2018 and the more recent General Data Protection Regulation, remain amongst the most important factors in ensuring all organizations follow strict data protection principles and are held to account in the event of a breach.

Governments and state agencies have begun enhancing their collaborative efforts to combat the cross-border operations of ransomware and cybercriminal gangs. Additionally, they are implementing vulnerability reward programs to encourage responsible reporting of security vulnerabilities, which helps to reduce the overall threat landscape. That being said, any legislation must tread a fine line between upholding standards and not hindering business productivity, otherwise, the willingness for organizations to remain compliant starts to diminish, negatively impacting all involved.

The cybersecurity landscape is more hostile than ever before, with organized criminal groups quick to utilize emerging technologies like Generative AI for malicious purposes. Fortunately, security researchers leading the fightback are also highly adept at harnessing these technologies alongside tried and trusted methods to ensure robust protections remain in place. Modern cybersecurity is a team effort, and it is only by working together that businesses can maintain the upper hand in this ongoing game of cat and mouse.

We’ve made a list of the best identity management software.

This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro