Understanding cyber resilience in the age of internal threats, AI, and emerging data loss risks
Date:
Wed, 08 Jul 2026 14:03:03 +0000
Description:
As AI adoption accelerates, organizations must prepare for emerging data loss and recovery risk.
FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter External cyberattacks, especially ransomware , are now viewed as a matter of when, not if.
Its no wonder they dominate cybersecurity discussions and make frequent headlines. IBMs 2025 Cost of a Data Breach report found that the average global cost of a data breach stands at $4.4million, underscoring why the threat of an attack keeps business and IT leaders up at night. Latest Videos From Watch full video here: Stacy Hayes Social Links Navigation
Chief Strategy Officer at Assured Data Protection. But they represent only
one side of the data risk landscape. Whats less understood and often underestimated are the internal threats that can be just as disruptive and damaging.
From simple employee errors to deliberate insider actions, and even the unintended consequences of generative AI tools, these risks pose serious challenges for every organizations data security strategy. You may like When cyberattacks are inevitable, recovery becomes the strategy In the age of AI-based threats, zero-trust is no longer enough The biggest cyber threats businesses face in 2026 Human Error and Malice Human error remains one of the most persistent vulnerabilities in cybersecurity . In fact, 2024 research found that the human element played a role in 68% of breaches, ranging from simple mistakes to social engineering and misconfigurations. Ignoring this reality leaves a critical gap in any security strategy.
Human error isnt the only internal risk. Insider threats - both intentional and negligent - represent a growing portion of todays breach landscape. In fact, 83% of organizations experienced at least one insider-related incident last year. Whether its a disgruntled employee exfiltrating data or a staff member mistakenly over-provisioning access, incidents involving trusted credentials are notoriously difficult to detect and recover from. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting
your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
Whether its accidental human error or deliberate insider attacks, the first step to reducing these types of risks is to acknowledge that the weakest link in any cybersecurity chain is people. Even the most advanced internet
security infrastructure can be compromised by a single careless mistake or a trusted user with bad intentions. Creating a culture of continuous education mixed with accountability can mitigate some of these threats.
Reducing privileged access to only what is necessary can also significantly lower the risk of employee caused data leaks. However, organizations should always assume that human errors will occur and prepare accordingly. User and Entity Behavior Analytics (UEBA) plays a critical role in identifying suspicious activity that may indicate insider threats.
By flagging anomalies such as unexpected data transfers or unusual access patterns, UEBA enables security teams to respond swiftly before significant damage occurs. What to read next Whats keeping IT leaders up at night in the AI era? Why cybersecurity needs hybrid AI, not platform consolidation Who decides when a cyber AI tool is safe to deploy?
Just as important is having strong technical safeguards in place. These act
as a critical safety net when human controls fail. For example, its important to verify that automated backups are running efficiently and include all data sources, such as cloud applications and endpoints.
This can ensure that no critical data is left unprotected or overlooked in
the event of a disruption or breach. These backups need to be immutable and tamper-proof, so that even a rogue insider cannot alter or delete recovery points. The AI Conundrum While AI promises a boost to productivity and innovation, it also brings with it new threats. As an example, the rise of AI co-pilots and agents in various workflows such as coding, writing and data analysis widens the attack surface. For AI to operate efficiently, it
requires access to sensitive internal data such as documents and proprietary systems, which means that the slightest oversight in access permissions and data governance can severely cost an organization.
This is not going unnoticed. The U.S. National Institute of Standards and Technology (NIST) states in its AI Risk Management Framework that AI models may leak, generate, or correctly infer sensitive information even data not explicitly included in the input, through memorization, adversarial attacks, or by combining disparate sources.
This concern is echoed in the private sector, with over 80% of security leaders expressing concern that generative AI could leak company secrets, and security experts warning that only 24% of generative AI initiatives are fully secured. Furthermore, a staggering 90% of organizations report a lack of adequate security standards to defend against AI-centered threats. Gartner predicts that by 2027, more than 40% of AI-related data breaches will be caused by the improper use of generative AI.
So how can enterprises continue to implement the evolving world of AI into business processes while ensuring it doesnt open the door to a bevy of cyberattacks? The first step is to treat AI agents as part of the threat model. The same security principles that are often implemented to traditional IT environments need to be applied to AI implementation - zero trust, data minimization, encryption , segmentation, etc.
AI agents need to be viewed as tools with privileged access, and handled accordingly. The data that is being fed into these AI agents needs to be reviewed and cleaned-up, including removing outdated or overly sensitive
files from training sets and ensuring only approved data sources are
utilized.
Close monitoring and keeping a log of all AI interactions is also critical. This needs to be detailed enough to enable an audit trail that can help to detect potential abuse or oversharing of confidential data.
To reduce the risk of human error, AI guidelines should also include security awareness training so that employees can understand that AI agents are not sandbox environments, and any sensitive data could be logged, stored, and in the worst-case scenario, shared. Immutable Backups Delivered as a Managed Service While the threat landscape continues to expand, the reality is clear
- no security stack is impenetrable. Cybercriminals will always search for
new angles, whether through ransomware, insider threats, or AI-driven exploits. Thats why true resilience depends not only on prevention but also
on the ability to recover quickly and confidently when defenses are breached.
Immutable backups , delivered as a managed service, provide that safety net. Unlike traditional backups that can be corrupted, deleted, or encrypted by attackers, immutable backups are unchangeable and tamper-proof. By layering this with 24/7 monitoring, expert management, and tested recovery processes,
a managed service ensures that recovery points remain secure and always available.
This approach dramatically shortens downtime, from days to hours and removes the operational burden from internal IT teams who may lack the time or expertise to manage complex recovery environments. Looking for the best cloud backup? This article was produced as part of TechRadar Pro Perspectives , our channel to feature the best and brightest minds in the technology industry today.
The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here:
https://www.techradar.com/pro/perspectives-how-to-submit
======================================================================
Link to news story:
https://www.techradar.com/pro/understanding-cyber-resilience-in-the-age-of-int ernal-threats-ai-and-emerging-data-loss-risks
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)