Are AI cyber threats overhyped?

We’re just over a week into 2026 but already, enterprise cybersecurity teams will be hard at work repelling attacks – and business leaders will be worrying about the year ahead.

On the one hand, we’re told that AI tools are beginning to empower security teams to go further and faster. On the other, the use of AI by hackers to launch attacks also appears to be on the rise.

All of this is happening against a backdrop of rising geopolitical tensions and continual attacks by state-sponsored hacking groups against businesses. How will all this come together in 2026 and beyond?

In this episode, Jane and Rory are joined by Jamie Collier, lead advisor in Europe at Google Threat Intelligence Group, to explore the risks – both novel and ordinary – enterprises face in 2026.

Highlights

"I think one of the big reflections for me is just the extent to which threat actors are adapting to what I would call modern infrastructure. We think about the way that a lot of these traditional attacks have worked, we've seen that typical hack moving through the network, escalating privileges, etc. When we look towards defending cloud, SaaS, these sorts of spaces, it's a very different space, a lot more emphasis on identity and that is providing, effectively, a bypass to a lot of those complex threat operations where these threat actors can just really log in."

"The most obvious way that for actors are using AI is probably the most boring in terms of it's just different levels of automation of their attack life cycle. It's crafting phishing emails. It's conducting reconnaissance. I think that sort of goes without saying, and actually a lot of that is in areas we're not necessarily going to fully see, because they're going to be doing that with their own models, etc."

"There is a lot more to North Korea than just IT workers, right? We see also very big targeting of software developers, we see cryptocurrency remains a primary target, and I think given that their kind of dual objective of financial motivated operations and strategic intelligence gathering, it actually exposes a lot of organizations to all sorts of different types of North Korean threats that range from tailored targeting, to employment fraud, to initial access to cryptocurrency theft, ransomware, supply chain compromise."

Footnotes

• NCSC issues urgent warning over growing AI prompt injection risks – here’s what you need to know
• Cyber experts have been warning about AI-powered DDoS attacks – now they’re becoming a reality
• Salt Typhoon attack on US congressional email system ‘exposes how vulnerable core communications systems remain to nation-state actors’
• OpenAI says prompt injection attacks are a serious threat for AI browsers – and it’s a problem that’s ‘unlikely to ever be fully solved'
• OpenAI turns to red teamers to prevent malicious ChatGPT use as company warns future models could pose 'high' security risk
• A flaw in Google’s new Gemini CLI tool could’ve allowed hackers to exfiltrate data
• Google says you shouldn't worry about AI malware – but that won’t last long as hackers refine techniques
• North Korean IT workers: The growing threat
• North Korean hackers continue targeting developers in open source malware campaign - and experts say as many as 36,000 victims have been snared so far
• CRINK attacks: which nation state hackers will be the biggest threat in 2026?

Subscribe 

• Subscribe to The IT Pro Podcast on Apple Podcasts
• Subscribe to The IT Pro Podcast on Spotify
• Subscribe to the IT Pro newsletter
• Join us on LinkedIn