A Cybersecurity Paradox: Even Resilient Organizations Are Blind to AI Threats
Organizations are underestimating the advanced technology's risks to the software supply chain, according to a new LevelBlue report.
While cyber-resilient organizations exhibit the necessary characteristics to address current and emerging threats, they may still be unaware of artificial intelligence (AI) risks.
Cyber resilience refers to an organization's ability to withstand, recover from, and adapt to threats while maintaining business operations. Cyber-resilient organizations focus on how quickly they can bounce back from attacks and minimize downtime and disruptions. Amid reports of data breaches, successful ransomware attacks, and system compromises, organizations that have focused on cyber resilience, including defenses against AI-powered attacks, are prepared for new threats, according to a new LevelBlue report published during RSAC 2025. They invested in supply chain security, advanced threat detection, higher leadership engagement, and social engineering awareness training, the report said. Most cyber-resilient organizations (94%) are investing in software supply chain security, versus 62% of organizations overall.
These organizations have had zero breaches in the past 12 months, use AI to enhance security, and rely on integrated cybersecurity defenses.
"Leaders at resilient organizations understand that cybersecurity risk is business risk," says Bob Huber, CSO of Tenable. "They are able to adapt quickly to ensure continued operations and work with partners to surge resources as required. Above all, cyber-resilient organizations have leaders who are able to manage stress effectively while providing their teams the necessary resources and autonomy to execute effectively."
AI Security Still Needs Work
Software supply chain security is an ongoing and growing concern as booming AI use introduces more issues and vulnerabilities. While the report found that cyber-resilient organizations are investing in software supply chain security, many executives are not sufficiently concerned about AI and what it could mean for the supply chain. Only 30% of executives agree that "AI adoption has caused greater risk to the software supply chain."
"Organizations are underestimating how underregulated AI tools could pose a risk to their extended ecosystem," LevelBlue stated. "AI adoption is happening too fast for regulations, governance, or mature cybersecurity controls to keep pace, which increases an organization's attack surface area and risk. Our executives' confidence about implementing AI in spite of cybersecurity ramifications again suggests a disconnect."
Resilience Recommendations
Taking a proactive approach is another important characteristic of cyber-resilient organizations, says Tenable CSO Bob Huber. But developing both proactive and reactive strategies requires hard work, he adds. Efforts could include exposure management, thorough risk assessment, and inventory management.
When an attack occurs, prepared organizations can respond quickly and confidently because they regularly test and revise their playbooks to not only focus on incident response, but business continuity, disaster recovery, and crisis management as well.
Due to increased risks and threats introduced over the past few years, effective security postures require shared responsibility among all business leaders — it no longer falls only on the CISO. Security has expanded beyond fulfilling checkbox compliance requirements because companies must protect increasingly critical information and assets from a range of different threats.
"One main characteristic of a cyber-resilient organization is full coverage of the enterprise, including endpoints and the network," says Chad LeMaire, deputy CISO at ExtraHop. "The network is especially important as threats can bypass endpoint protections, entering a secure environment under the guise of a legitimate user through a simple tactic like social engineering."
Like other experts in the industry, LeMaire stresses the importance of a proactive approach with clear incident response, business impact, and recovery plans in place. Cyber resilience means conducting security audits on hardware, software, vendors, and supply chain to help security teams stay ahead of vulnerabilities and provide time to address any associated risks.