Cloud breaches have increased by 136% in the last six months, with North Korean hackers infiltrating 320 companies using AI-generated identities. The group Scattered Spider is now able to deploy ransomware in less than 24 hours. However, recent developments in the security industry, particularly those showcased at Black Hat 2025, have introduced agentic AI as a solution that delivers tangible results rather than just promises.
CrowdStrike’s recent discovery of 28 North Korean operatives posing as remote IT workers within various organizations highlights the evolution of agentic AI in practical threat detection. The focus at Black Hat 2025 was on operational readiness and tangible outcomes rather than theoretical claims.
Security leaders are reporting increased efficiency in processing alerts and investigating threats, with improvements in mean time to investigate and resource utilization. The shift towards real-world outcomes and away from aspirational roadmaps is evident.
The agentic AI arms race has shifted from promises to production, with a focus on practical applications and results. Vendors are actively producing use cases and demonstrating the effectiveness of agentic AI in threat detection.
The North Korean threat has rapidly evolved, with FAMOUS CHOLLIMA operatives using AI throughout their operations to infiltrate organizations and obtain sensitive information. The sophistication of their operations has increased, requiring a robust response from cybersecurity teams.
Despite the advancements in AI technology, the human element remains crucial in cybersecurity operations. Agentic AI is seen as a tool to augment human analysts rather than replace them, emphasizing the importance of human insight and creativity in threat hunting.
Competition in the cybersecurity industry has shifted from features to results, with a focus on reasoning engines, action frameworks, and learning systems that continuously improve based on outcomes. Vendors are emphasizing operational excellence rather than just the presence of AI.
There are concerns about AI becoming the next insider threat, as organizations increasingly rely on AI for various tasks. Standardization and governance measures are being discussed to address this challenge, with a focus on securing AI agents themselves.
Overall, the cybersecurity landscape is evolving rapidly, with AI-driven attacks posing a significant threat to organizations. The importance of securing AI agents, collaborating on standards, and adapting to the fast-paced nature of cyber threats is emphasized.
In conclusion, the cybersecurity industry is facing new challenges with the rise of AI-driven attacks, highlighting the need for proactive measures to protect organizations’ core assets and maintain customer trust. Stay informed and prepared to defend against evolving cyber threats in today’s digital landscape.