IRONSCALES founder & CEO Eyal Benishti is a pioneering security software engineer & executive leader with 15+ years of industry experience.gettyI talk to security leaders every week, and the conversation always splits in two directions: what's hitting them right now (BEC campaigns, credential theft, AI-generated phishing that's getting harder to spot) and what they're bracing for next (deepfakes in real-time meetings, multichannel social engineering, threats that don't look like threats yet). Both conversations are urgent, and neither one can wait.However, what's ahead remains hazy at best. While some emerging threats, such as deepfakes, are already attracting solutions, the rate of AI-powered change makes it all but impossible to clearly foresee the threats looming ahead. With a mountain of unknown unknowns in front of it, the cybersecurity industry is stuck wondering how exactly to prepare for what's to come.That said, many very real (often very familiar) threats are plaguing businesses right now. While keeping an eye to the future is always wise, one can never afford to lose sight of the present.The All-Too Familiar Threats That Still Plague Today's BusinessesDespite the emergence of novel threats such as deepfakes and VIP impersonation, the reality is that the bulk of today's attacks still fall into the same all-too-familiar categories. Year after year, things such as ransomware, phishing and social engineering top the lists of most common attack vectors. At the same time, even though new channels such as Slack and Teams are becoming more common avenues for communications, the vast majority of attacks still come through more familiar channels such as email. While the new frontier may be exploiting AI agents, the human element still plays a central role in the vast majority of today's attacks.As a result, we find ourselves in a threat landscape that looks strangely familiar for a time otherwise marked by such dramatic technological change. Verizon's 2026 Data Breach Investigations Report noted that ransomware still remains the primary means of eliciting funds from organizations, email is the number one vector for social engineering, and 62% of all breaches still include the human element (an increase of two percentage points from the 2025 report). With so much staying the same, the good guys should already have everything figured out, right? Unfortunately, no.More Of The Same, But Different While things might look the same, as we all know, looks can be deceiving. Although the types of attacks remain largely the same, the scale, speed and sophistication have changed dramatically.Yes, phishing is still a top-level cyberthreat, but the days of poorly written missives from far-off princes are long gone. Instead, we're seeing social engineering and phishing undergo an AI-powered renaissance—with highly sophisticated, highly convincing attacks capable of gliding past traditional defenses and fooling even the most vigilant of employees.Verizon's report found that AI-assisted text in malicious emails has doubled in relation to previous years. As a result, phishing has become the number one AI-assisted initial access technique in use today, accounting for 44% of all AI-assisted attacks, with email remaining by far the most common channel being used.While phishing emails are anything but new, AI has given them new life. We're now seeing the volume, speed and sophistication of these "traditional" attack types reach unprecedented heights, and organizations are struggling to keep up.The Growing Need For A Multilayered Approach To Cyber DefenseIn light of these challenges, the days of relying solely on traditional defensive tools are over. While solutions such as secure email gateways (SEGs) remain essential parts of the security stack, organizations can no longer solely rely on them for modern defenses.The IRONSCALES team found in 2025 that traditional SEGs fail to stop an average of 67.5 phishing attacks per 100 mailboxes every month. As the use of malicious payloads, blacklisted links and other traditional hallmarks of malicious emails fall to the wayside, traditional tools are developing blind spots. At the same time, the sheer speed that AI enables makes signature databases and blocklists less and less effective.A new class of AI-assisted solutions, developed to layer on top of organizations' front-line defenses, can detect anomalous characteristics in email communications in order to flag malicious content. By fighting fire with fire, they're able to move at the same machine speed as today's AI-enabled threat actors—learning and adapting as new campaigns and threats make their way onto the threat landscape.A Vision Of Tomorrow's (Less Human) Threat LandscapeWhile these known threats continue to keep security teams plenty busy, it's important to remain mindful of what could lie ahead. As we've discussed, AI is already very much making its presence felt in the cybersecurity space. However, its evolution is still in its infancy.While we're currently seeing human threat actors using AI to enhance traditional threats, the rise of AI agents points to a future where the threat landscape looks much less familiar. As enterprises rush to bring agentic AI into more of their day-to-day operations, they're opening up the door to an entirely new frontier of risk.In a world where agents respond to emails and take actions that those emails inform, we'll undoubtedly see social engineering tailored not to humans but to the agents themselves. Meanwhile, threat actors will also undoubtedly leverage agents as offensive tools. As a result, we'll likely see humans exploiting agents, agents exploiting humans and, eventually, agents exploiting agents.Keep Your Feet On The Ground And An Eye To The FutureOrganizations can't afford to take their eye off the ball. At the same time, they can't risk being unprepared for what's to come. That puts security vendors and their customers in a difficult position, trying to effectively allocate time and resources to today's threats while also innovating and preparing for what's to come.While it's no small task, it'll be those that are able to do both (without losing their balance) that will successfully weather the storm.Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Cybersec: Fighting For The Here & Now While Preparing For What's Next
Organizations can't afford to take their eye off the ball. At the same time, they can't risk being unprepared for what's to come.






