Insights
AI and Cybersecurity: scenario, threats and protection for companies
Artificial intelligence is revolutionising the work and everyday life of many, offering extraordinary opportunities for innovation, efficiency and growth.
One has to be aware, however, that the same technology can be used with diametrically opposed approaches, depending on intentions: just think of the area of IT security, where on the one hand AI can help companies protect themselves, but on the other hand it can be used maliciously by cyber criminals.
Indeed, AI enables more sophisticated and difficult-to-detect attacks, increasing the threat level for organisations in every sector. Faced with this evolution, businesses must adopt increasingly advanced cybersecurity strategies to protect their data and make their IT infrastructure resilient.
Cybersecurity scenario in Switzerland
A survey we conducted in 2024, with SUPSI, AITI Servizi and the Digital Coach service of the AGIRE Foundation, shows how cyber security is a priority for Swiss companies.
Over the past two years, cyber attacks have increased by 61 per cent, with SMEs as the main target. Data protection is, in fact, one of the biggest concerns for small and medium-sized enterprises: as many as 40 per cent of companies fear for the security of their data, while as many as 25 per cent do not yet have a cloud migration plan because of these fears, thus exposing themselves to greater operational and regulatory risks.
And public institutions are not immune: the Federal Intelligence Service* has reported targeted attacks on municipalities and strategic bodies, with devastating consequences, including financial damage, system crashes and the compromise of sensitive data.
Download research
AI: a double-edged sword for cyber security?
AI is changing the digital threat landscape: according to the MIT Technology Review**, attacks based on artificial intelligence are becoming increasingly sophisticated.
These are just some of the main emerging threats:
- AI-enhanced phishing - Phishing has grown by 60%, thanks to the use of generative AI that creates convincing emails by tone and words used, manipulated photos and videos. These attacks are increasingly effective in deceiving employees and customers;
- Deepfakes and identity theft - Generative AI can create increasingly realistic deepfakes and enhance “impersonation” scams by even resorting to voice simulation (voice deepfakes or vishing);
- Forged documents - AI-based tools can generate fake identity documents, facilitating financial fraud and money laundering;
- Manipulation of LLMs - Hackers exploit advanced techniques to induce AI models to bypass their own security rules, obtaining sensitive information or creating malicious code;
- Automated cyber attacks - Recent studies show that cyber criminals are automating the creation and dissemination of malware using AI, making attacks faster and harder to intercept.
Faced with these potential critical issues, organisations need to adopt advanced cybersecurity strategies. Recent regulatory updates, such as FINMA in Switzerland and the DORA regulation across Europe as well as NIS2, press for increasingly stringent measures to protect data, especially in high-risk sectors such as finance.
Key solutions for corporate security according to Tinext Cloud
In order to mitigate risks, proactive measures should be taken, such as updating outdated infrastructure, Zero Trust approach in accessing corporate property and constant backups.
Like Tinext Cloud, our approach is to suggest solutions and services to companies to prevent and mitigate data access security risks, including:
- Zero Trust approach, i.e. limiting access to critical information by implementing continuous audits on users and devices;
- Cloud Backup & Disaster Recovery, solutions that ensure business continuity in the event of an attack and the rapid recovery of data, without loss or interruption of service;
- Training and Awareness, which involves educating enterprise staff on emerging threats, to know how to recognise and avoid them;
- Active Monitoring, i.e. the use of AI-based threat detection tools to anticipate and neutralise attacks, because artificial intelligence can also be a valuable ally in the fight against cyber criminals.
AI, therefore, represents both a challenge and an opportunity: from this perspective, protecting one's IT infrastructure is no longer a choice or a technicality, but a strategic and business necessity.
