BT's Security Chief: Why AI Poses Such a Risk to Security
Global cyber attacks reached unprecedented levels in 2024, with ransomware attacks affecting organisations from healthcare providers to critical infrastructure operators.
Today’s cyber criminals are increasingly deploying AI-powered tools to automate attacks and identify system weaknesses, while organisations struggle to maintain adequate defences.
As AI continues to create new security vulnerabilities, BT Group – Britain’s largest telecommunications provider – has revealed it processes 2,000 signals of potential cyber attacks every second, equivalent to 200 million daily threats.
Tris Morgan, Managing Director of Security at BT, says the scale of threats means cyber security skills will become essential for businesses in 2025. “There is an existing stereotype that cybersecurity is too hard to understand. But you don’t need to be born a cybernaut to understand it, or even master it,” he says.
The warning comes as cyber criminals develop increasingly sophisticated tactics, including AI-driven phishing attacks – fraudulent attempts to obtain sensitive information by disguising as trustworthy entities – and malware, software specifically designed to disrupt computer systems.
AI creates new opportunities for cyber defence teams
According to Tris, the rise of AI is creating both opportunities and risks for corporate security teams. AI-powered learning platforms and no-code security tools, which allow users to create applications without writing code, will help address the skills shortage, he says.
He also predicts 2025 will mark a significant shift in how organisations approach cyber security training. Recent technological advances, including threat simulation systems that replicate real-world attacks, will enable more workers to develop cyber security expertise.
- BT detects 2,000 potential cyber attacks every second across its networks
- Daily cyber threat signals reach 200 million at BT's security operations
- Six critical layers identified for operational resilience: physical infrastructure, network, hosting, applications, data and staff
However, he warns that employees using AI tools on personal devices risk exposing sensitive corporate data. “Many businesses overlook risks when opting for convenience,” Tris says.
The proliferation of AI applications across business operations means companies must increase scrutiny of data storage practices. This becomes particularly critical as organisations adopt multiple AI technologies across different departments.
Operational resilience becomes business priority
Tris emphasises that operational resilience – an organisation's ability to maintain critical functions during disruption – must be central to business planning in 2025.
“Throughout these six layers, businesses should take stock, and work out how they should best respond to a breach, and be fit to face the unexpected,” he says, referring to the key areas of physical infrastructure, network security, data hosting, applications, data protection and staff training.
European regulations reshape corporate security landscape
New European Union regulations including the Digital Operational Resilience Act (DORA) and Network and Information Security 2 (NIS2) directive will force companies to strengthen their cyber defences, according to Tris.
DORA, which targets financial institutions, and NIS2, focusing on critical infrastructure operators, represent significant regulatory changes in the European cyber security framework. While compliance may expose organisational weaknesses, Morgan suggests these requirements will ultimately strengthen industry-wide resilience.
“Governments will play a pivotal role in shaping cybersecurity practices through regulations like the EU’s DORA and NIS2,” he says. “While these regulations will challenge businesses by exposing weaknesses, they will also help foster resilience across the industry.
Small business impact
The regulatory changes coincide with an increasing number of small and medium-sized enterprises (SMEs) moving to digital-first business models. These businesses face particular challenges as they often lack dedicated security resources while managing growing cyber threats.
The transition requires SMEs to develop comprehensive recovery plans and maintain strong digital hygiene – basic security practices including regular software updates and secure password management.
"Even small businesses transitioning to digital-first models will better understand the importance of digital hygiene and recovery plans to combat the growing threats," Tris says.
Technology solutions bridge skills gap
BT’s data indicates the scale of cyber threats continues to grow, highlighting the urgency for organisations to develop internal security capabilities. Tris believes technological advances will make security expertise more accessible across organisations.
“Recent advances in technology, such as AI-powered learning platforms, no-code/low-code security tools and threat simulation and detection systems, will help people to upskill, deepen their understanding and work in these domains. This means 2025 will be the year we crack the skills conundrum with the support of technology,” he says.
Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.
Discover all our upcoming events and secure your tickets today.
Cyber Magazine is a BizClik brand
Company portals
- Moody's Warns that AI Cyber Arms Race Raises Risks for BanksTechnology & AI
- State of Supply Chain Security: Roundup of the Big HitsCyber Security
- How Mistral AI Drives Sovereign AI Adoption in ManufacturingCyber Security
- Fujitsu's Dual AI Deal: Claude for Defence & ChatGPT for OpsTechnology & AI