I’ve been writing about IT and cybersecurity for more than 10 years and while the goals are the same—keeping systems up and keeping data safe—it’s hard to overstate how much the last few years have changed the game.
Ransomware is still around, phishing is still around, but the persistence and resources in the hands of attackers have grown tremendously in recent years.
5 Years is a long time in the world of security
In 2021, IT leaders were focused on prevention, detection, and identity-focused protection. You might remember chatter about Zero Trust Architecture and Managed Detection and Response—and there are some tools that prevailed back then which are only becoming more valuable, like Multi-Factor Authentication.
IT leaders were beginning to warm to the idea of segmenting out assets in a company’s technology portfolio, and protecting them individually (and this reasoning has only grown).
We were still in the throes of the pandemic, and remote work was still a fairly new concept to many employers. It was a time when, suddenly, a much larger share of the market had to fall in line quickly with cloud technology solutions, and find ways to help their staff access critical data from anywhere, safely.
So, what has changed?
We’re still interested in many of the tools that were relevant back then:
- Cybersecurity training
- SaaS data backup
- Enhanced email security & scanning
- Password management
- Multi-factor authentication
You’ve probably already guessed the big missing piece from all this: AI has dramatically changed the way attackers attack, and the way defenders (like us) can defend.
AI changes everything
Artificial intelligence via LLMs is making enormous strides it the way people interface with technology every day, and as I’m sure you’ve seen, it has become easier than ever to impersonate humans and mask identity. The reliability and believability of phishing attempts (using voice impersonation, deepfake imagery, and improved copywriting) have leaped forward at breakneck speed, and with machines doing the work, it has made a coordinated attack the easiest that it’s ever been for a skilled attacker.
Many people are already using AI to draft their business emails by choice—so what happens when we receive a well-written email from an attacker also using AI to draft their words? You can guess.
To get a better picture of this, I shared a conversation with Director of Service Delivery Jamey Wofford to get his perspective on where things stand in 2026.
What’s our “base level” of cybersecurity in 2026?
It’s no surprise that AI has been the massive driver of these changes, and it affects both the ways that attackers operate and the way that IT leaders are able to combat them.
The basis for most attacks has remained the same: we’re still seeing malware, like ransomware, attempt to reach systems but attackers now have AI bots at their disposal to tackle giant, tedious pieces of the process that wouldn’t have been possible before. There’s less luck involved in making your attacks when your AI tools can scrape massive data sets, identify the best targets, and make precision strikes on those individuals for the best return-on-investment.
Attack techniques have advanced as well. On the technical side, we’ve seen the rise of “polymorphic malware,” which can adapt in real time to defense controls that it encounters while trying to breach a system. On the human side, you can also imagine how much better a large language models (LLM) can be at generating realistic personalized phishing emails.
All of these tactics result in a much faster timeline, from the attacker’s point of view. Newmind Director of Service Delivery Jamey Wofford notes that in the past, some of these attacks used to take days, weeks, or even months in order to do the necessary recon and launch an attack on a worthy target. Most attacks today average around 25 minutes to achieve the same result.
What steps are we taking to fight back?
For us, it means developing a layered approach to cybersecurity.
User Awareness
Keeping end users trained and prepared remains the first and last line of defense that we focus on. We’ve had a good success rate with tools like NINJIO to bring some element of fun and humanity to the learning process. Creating incentives for completing training sections can be a good way to keep your team on track.
Next-Gen Security Tools
This may sound broad, but the best way to protect yourself on the technical side alone is by keeping your security tools at pace with these types of advances in cyberattacks. When you see the term next-gen cybersecurity in the wild, that often means moving beyond the older “signature-based” detection models of security. Security providers are creating tools that use AI to provide big-picture, holistic protection over your systems, tracking unusual patterns for “indicators of compromise” (IOCs). We think of this as using AI in order to fight fire with fire.
Invest in Your Team
There’s a common concern among business owners about return on investment (ROI) for security tooling and training and it’s our believe that you should view these things as dependent on the ROI of everything else that your organization produces. The money you invest in security is like an insurance policy for all of the other investments you’ve made.
Are you interested in bolstering your team’s security, but not sure where to start? We’d love to have a conversation with you but you can also get started by taking a look at our Cybersecurity page and seeing what types of tools we offer. Stay safe out there.