Cybersecurity Leaders Warn AI Threats Are Outpacing Corporate Readiness
Key Highlights
- Experts emphasized that organizations that fail to translate cybersecurity into financial and operational terms risk under-resourcing critical defenses and recovery planning.
- Participants noted that a large share of organizations cannot assign dollar values to data or accurately model outage costs, limiting effective risk decision-making.
- The discussion highlighted a mismatch between the average 21-day recovery period after a cyber incident and the roughly 26 days of operating capital many middle-market firms hold.
Cybersecurity leaders are warning that many organizations remain unprepared for rapidly evolving cyber threats, particularly companies that still view cybersecurity as a technical issue instead of a core business and governance risk.
During the “Beyond the SOC” (Security Operations Center) executive roundtable held in Chicago, experts from cybersecurity, legal, financial services and risk management fields discussed the growing impact of ransomware, operational disruption and AI-driven attacks. The event was organized by Mayer Brown, Tölt Strategies, Blue Team Alpha and DIACSUS.
Participants emphasized that most organizations struggle to translate cyber risk into financial terms that executives and boards can act on. The group noted that while the average cyber recovery time is now about 21 days, many middle-market companies maintain only 26 days of operating capital.
“Cyber risk is still too often communicated in technical terms, while capital is allocated in financial ones,” said Brad Giemza, Advisor and Consultant to Tölt Strategies.
Artificial intelligence emerged as a major focus of the discussion. Ed Driscoll, CEO of Blue Team Alpha, warned that AI-generated attacks are moving faster than traditional human-led security operations can respond.
“Cybersecurity is no longer about humans attacking humans,” Driscoll said. “It’s now about AI-generated, autonomous attacks.”
Participants also cautioned against equating compliance with security. Kirke Cushing, Partner at DIACSUS, said many breaches occur in operational gaps that standard audits fail to detect, including misconfigured permissions and overlooked workflows.
The roundtable also explored cyber insurance challenges, offensive cyber defense policies and the growing role AI will play in autonomous detection and response systems.
The consensus among participants: companies that fail to modernize cyber governance and operational resilience risk falling behind in an increasingly AI-driven threat landscape.
Source: Mayer Brown; Tölt Strategies; Blue Team Alpha; DIACSUS
Stay Connected with ISE Magazine
Subscribe to our newsletters and magazine for the latest telecom insights, explore the current issue for in-depth features and strategies, and register for upcoming webinars to learn directly from industry leaders.