Key Takeaways:
- Attackers are increasingly exploiting trust by impersonating employees, contractors, and support staff to bypass authentication systems.
- High-profile tech companies like OpenAI, Microsoft, and Orange are stepping in to offer cybersecurity support to governments and vulnerable industries.
- Small and mid-sized businesses remain especially exposed, often lacking the resources or staffing to combat modern, AI-driven threats.
- AI is being used by both attackers and defenders, accelerating the arms race in cyber operations.
- The most effective strategies still start with people: training, verification, identity protection, and public-private collaboration.
Despite advances in firewalls, AI-based monitoring, and endpoint protection, the most persistent vulnerability in cybersecurity today remains human. People—not software—are the most commonly exploited point of entry for modern threat actors. And the latest developments across global cyber operations reflect a dual reality: attackers are adapting fast, and defenders must prioritize people as much as platforms.
Akshay Joshi, Head, Centre for Cybersecurity, World Economic Forum had some great thoughts on the matter in a detailed post.
The Rise of Impersonation-Based Breaches
Recent attacks highlight the creative and deeply human tactics now used to compromise systems. A cybercriminal group known as Scattered Spider has targeted airline and retail companies by impersonating internal support staff and contractors. They didn’t bypass systems with code—they called help desks, used insider lingo, and gained access through social engineering.
In one case, attackers gained access to a corporate network by convincing staff to reset credentials via phone, effectively bypassing multi-factor authentication. This reflects a growing shift: rather than trying to break software, attackers now study human behavior and use it against companies.
This form of social engineering is harder to detect and harder to defend. And it’s increasingly the tactic of choice among state-sponsored and financially motivated attackers.
Big Tech Steps Up
Recognizing the scale of the threat, major technology companies are stepping in to help close the growing gap between attackers and defenders.
OpenAI recently entered into a $200 million agreement to provide the U.S. Department of Defense with AI-based cyber defense solutions. Microsoft is offering no-cost cybersecurity services to European governments in an effort to shore up critical infrastructure. Meanwhile, Orange—the French telecom giant—has launched a homeland security division aimed at protecting public sector and municipal systems from digital threats.
These actions point to a broader trend: cybersecurity is no longer just a private sector concern. As cyber threats escalate in complexity and frequency, defending against them is becoming a matter of national and economic security.
Small Organizations, Big Risk
While large governments and corporations may benefit from high-end protection and partnerships, small and mid-sized organizations remain on the front lines with minimal defense.
Recent surveys show that over half of businesses in the UK experienced a cyberattack in the last year—up from just 16 percent previously. In the U.S., healthcare company Episource reported a breach that exposed personal health data for over 5 million people.
Many of these breaches occurred because companies lacked basic resources: they didn’t have a full-time cybersecurity expert, their systems weren’t patched, or staff didn’t recognize suspicious emails. This is where the human factor becomes most critical.
Nation-State Tactics Mirror Social Engineering Trends
Threat actors linked to North Korea and Russia have recently used social trust as an attack vector. Fake Zoom updates, forged emails from public agencies, and impersonated officials were all used to gain system access without writing a single line of exploit code.
This blending of old-school phishing with modern branding and AI-generated content (such as deepfake voicemails or cloned documents) makes attacks harder to spot and faster to execute. In many cases, it only takes one well-crafted message or phone call to open a door into otherwise secure systems.
These methods are especially dangerous when deployed against smaller organizations, city governments, or educational institutions—groups that often lack cyber-awareness training and dedicated response teams.
AI Arms Both Sides
Artificial intelligence is fueling both progress and peril in the cybersecurity world.
On the offensive side, cybercriminals are using AI to craft realistic phishing emails, voice mimicry, and social engineering scripts that learn from past interactions. AI can now personalize attacks at scale, making them both harder to detect and more effective.
On the defensive side, companies and governments are deploying AI to scan networks, detect anomalies, and initiate automated containment protocols when suspicious behavior occurs. Cybersecurity platforms are now integrating AI for faster triage, root-cause analysis, and predictive risk assessments.
The result is a cyber arms race—both sides using AI, but with very different goals.
What Companies Can Do Now
- Prioritize Employee Awareness and Training
One of the most effective defenses is education. Organizations should provide regular, realistic phishing simulations, social engineering training, and threat awareness sessions. These should be tailored to specific roles—technical staff, executives, and support workers each face different risks. - Reinforce Identity and Access Protocols
Multi-factor authentication is no longer enough. Companies should consider adding adaptive identity systems that factor in location, device behavior, and access patterns. Biometric verification or risk-based login prompts can prevent unauthorized access even when credentials are stolen. - Implement AI-Powered Detection Tools
AI-powered monitoring solutions can help detect subtle behavior changes and potential breaches before they escalate. These tools can also reduce alert fatigue by automatically filtering out false positives and escalating only the most relevant threats. - Engage with Vendor and Government Resources
Public-private partnerships are growing. Many technology companies now offer free or discounted services for nonprofits, municipalities, and small businesses. Connecting with these providers can provide access to threat intelligence, faster response capabilities, and expert guidance. - Invest in Resilience, Not Just Defense
No system is breach-proof. Organizations should assume compromise and build resilience through incident response planning, disaster recovery testing, and regular backups. Fast recovery often makes the difference between disruption and catastrophe. - Hire a Top-Rated IT Services firm with Cybersecurity Experience
The full time job of most hackers is trying to break into organizations like yours and the best way to stay secure is to ensure you have a talented IT team by your side.
The Bottom Line
Despite evolving technologies, most breaches still begin with a person—tricked, coerced, or unaware. Organizations that focus only on firewalls, software patches, and vendor solutions are missing a critical component: their people.
As attackers become more human-like in their tactics, defenders must do the same. That means investing in training, building a culture of security awareness, and viewing employees not as liabilities—but as the first line of defense.
Cybersecurity is no longer a purely technical issue. It’s a people issue. And the organizations that treat it that way will be the ones that stay protected in the long term.
Learn how AI Agents can supercharge your company’s profits and productivity at TMC’s AI Agent Event, Sept 29-30, 2025 in DC.
If you liked this post, you’ll love one of the the leading global business communications and technology events since 1999, the ITEXPO #TECHSUPERSHOW, Feb 10-12, 2026 Fort Lauderdale, Florida.
Don’t forget the collocated MSP Expo – just for managed service providers!
Aside from his role as CEO of TMC and chairman of ITEXPO #TECHSUPERSHOW Feb 10-12, 2026, Rich Tehrani is CEO of RT Advisors and a Registered Representative (investment banker) with and offering securities through Four Points Capital Partners LLC (Four Points) (Member FINRA/SIPC). He handles capital/debt raises as well as M&A. RT Advisors is not owned by Four Points.
The above is not an endorsement or recommendation to buy/sell any security or sector mentioned. No companies mentioned above are current or past clients of RT Advisors.
The views and opinions expressed above are those of the participants. While believed to be reliable, the information has not been independently verified for accuracy. Any broad, general statements made herein are provided for context only and should not be construed as exhaustive or universally applicable.
Portions of this article may have been developed with the assistance of artificial intelligence, which may have contributed to ideation, content generation, factual review, or editing







