The numbers in TechRadar’s report are alarming: 36,000 automated scans per second is a clear sign that AI is now fully embedded in the attacker’s toolkit. While much of the industry is looking to AI as the next big thing in defence, the reality is it’s already being used to accelerate and scale cyberattacks, particularly Ransomware-as-a-Service.
Simon Pamlin, CTO of cyber security firm, Certes, comments, “Let’s be clear: AI isn’t transforming cybersecurity. It’s transforming cybercrime. AI is making cybercrime faster and more effective. But what it isn’t doing is protecting the data. And that’s where the real problem lies.”
Ransomware isn’t about disruption for the sake of it, it’s about leverage. Attackers want data they can lock, leak, or sell. If that data has value in their hands, then the business in question is at risk. So instead of focusing efforts on stopping attackers from getting in, which is becoming near-impossible, it is essential to make the attack itself pointless.
Simon continues, “That means devaluing the data. When data is protected, policy-controlled and context-aware, even after a breach, it loses its value to the attacker. There’s nothing to ransom, nothing to leak, and no leverage to be gained. This is the core of Data Protection & Risk Mitigation (DPRM). It’s not about building higher walls; it’s about rendering the prize inside worthless.”
AI has changed the speed and scale of threats, but not their intent. To shift the balance of power back to defenders, data needs to stop being treated as a sitting target, and instead become a dead end.
In a world of weaponised AI, the smartest move isn’t harder defence, it’s smarter data.
Because it’s still, and always is, about the data.
