How does cyber expert IBM think AI is advancing how security specialists are approaching cyber threats?
FRAUD & ID VERIFICATION
IBM X-FORCE
How does cyber expert IBM think AI is advancing how security specialists are approaching cyber threats?
The IBM X-Force Threat Intelligence Report dives into how the cybersecurity landscape has evolved in the face of emerging threats, specifically naming AI. Stating also that many compromises have been made due to“ lapses in cybersecurity hygiene”, it finds that new threats from AI are competing with existing issues such as weak authentication practices, misconfigured access control and insufficient vulnerability management were also cause for concerns.
These practices ultimately make financial institutions, among any business, more vulnerable to a cyber attack or data breach. The team at IBM utilise observations such as X-Force’ s tracking of nearly 40,000 vulnerabilities in 2025 to provide insights on how threat actors impact a business, their behaviour upon entry and how they get in.
“ Attackers aren’ t reinventing playbooks, they’ re speeding them up with AI,” notes Mark Hughes, Global Managing Partner for Cybersecurity Services, IBM.“ The core issue is the same: businesses are overwhelmed by software vulnerabilities.
“ Attackers aren’ t reinventing playbooks, they’ re speeding them up with AI”
Mark Hughes Global Managing Partner for Cybersecurity Services IBM
The difference now is speed. With so many vulnerabilities requiring no credentials, attackers can bypass humans and move straight from scanning to impact. Security leaders need to shift to a more proactive approach, using agentic-powered threat detection and response to identify gaps and catch threats before they escalate.”
The report highlights several features which can contribute to ineffective defense. The warning is clear – identity protection, secure configuration and visibility, cloud environments and development pipelines are“ central” to cyber resilience. By strengthening these areas, institutions can boost cyber resilience while attackers continue to refine tactics such as supply chain and credential-driven operations, ensuring they retain the most“ effective” defence.
122 May 2026