Artificial Intelligence (AI) has become deeply embedded in our daily lives – from smartphone photo enhancements to automated meeting summaries and hyper-realistic video content. In the workplace, AI is fueling productivity, creativity, and communication. But while businesses embrace its potential, threat actors are doing the same.
The AI-enhanced threat landscape
As AI becomes more accessible, cybercriminals are using it to launch faster, more convincing attacks. Deepfake videos, AI-generated phishing emails, and social engineering campaigns are now more personalized and harder to detect. Attackers can quickly scan public data, mimic real people, and create realistic videos, voices, and messages that trick users into sharing sensitive information or credentials.
To stay ahead, organizations need a layered security approach – one that doesn’t rely on a single tool or solution, but instead uses multiple defenses working together. This strategy helps block threats at different points, limits damage if an attack does happen, and improves overall resilience.
A few key layers stand out:
- AI-powered threat detection helps organizations spot unusual activity in real time, such as suspicious logins or phishing attempts. These tools can catch what traditional systems might miss and respond faster than a human team alone.
- Zero-trust security means never automatically trusting users or devices, even if they’re inside the network. Every access request is verified, and access is limited to only what’s necessary, reducing the chance of attackers moving freely once inside.
- Privileged Access Management (PAM) protects high-level accounts that could do the most damage if compromised. By limiting who can access sensitive systems and when, PAM helps prevent attackers from escalating their privileges or reaching critical IT infrastructure.
No one solution is enough on its own, but together, these tools and strategies form a strong foundation. As attackers grow more advanced with AI, defenders must do the same, with smart tools, smart strategies, and a focus on reducing risk from all angles.
Quantum computing and the next wave of threats
Quantum computing is no longer a far-off concept – it’s becoming a reality with real-world implications for cybersecurity. Its development poses a serious threat to traditional encryption methods like RSA and elliptic curve cryptography. Governments and institutions worldwide, including in Japan, are already responding. The Japanese Financial Services Agency has encouraged banks to explore Quantum-Resistant Cryptography (QRC), and National Institute of Standards and Technology (NIST) in the U.S. has released new post-quantum cryptographic standards.
The “store now, decrypt later” threat is real – where attackers harvest encrypted data today in hopes of decrypting it with quantum computers tomorrow. Transitioning to quantum-resistant encryption takes time, and organizations – particularly those in finance, healthcare, and government – should begin evaluating QRC solutions now as part of their long-term cybersecurity strategy.
The role of standards
In today’s hyper-connected digital landscape, cybersecurity isn’t just about protecting your own organization – it’s also about ensuring the security of everyone you do business with. That’s why internationally recognized standards, like ISO 27001, are critical not only for internal operations but also when selecting technology vendors and business partners.
ISO 27001 provides a globally accepted framework for establishing and maintaining an Information Security Management System (ISMS). It ensures organizations have the policies, processes, and controls in place to manage risks and protect sensitive data. Achieving ISO 27001 certification demonstrates a serious, ongoing commitment to cybersecurity and data protection.
For enterprises, implementing ISO 27001 internally helps strengthen governance, align with regulatory requirements, and build resilience against evolving threats. But it shouldn’t stop there. Organizations should also expect the same standard of security from the vendors, suppliers, and partners they work with – especially those that handle sensitive systems, data, or infrastructure.
Working with ISO 27001-certified vendors provides greater transparency and assurance that best practices are being followed throughout your extended ecosystem. Without these assurances, even a well-protected organization can be put at risk by a less secure third party.
In short, standards matter – and they should apply across the entire supply chain. A proactive approach to security means not just protecting your own house, but also making sure everyone you depend on is doing the same.
A secure future with AI
AI can be a force for good – when paired with strong cybersecurity practices. As organizations adopt generative AI tools and agents, they must also adopt modern defenses: PAM, zero-trust principles, quantum-resistant cryptography, employee education, and globally recognized standards. Cybersecurity is not a checkbox; it’s a continuous journey. And with the pace of innovation, the time to act is now.
Takanori Nishiyama is the senior vice president of Asia-Pacific (APAC) sales, and country manager for Japan, at Keeper Security. He brings over a decade of leadership experience from VMware, where he successfully led the End User Computing (EUC) business across APAC and Japan. In his previous role as Senior Director at VMware, Nishiyama drove sales growth in the EUC division. Nishiyama also contributed to high-growth initiatives at Red Hat and EMC, demonstrating a strong track record in advancing businesses across the hardware, software and SaaS sectors.
TNGlobal INSIDER publishes contributions relevant to entrepreneurship and innovation. You may submit your own original or published contributions subject to editorial discretion.
Featured image: MARIOLA GROBELSKA on Unsplash
From curious prompts to career hacks: Southeast Asia’s quiet AI revolution