AI-driven cyberattacks overwhelm human defences — Experts

Cybersecurity experts have warned organisations worldwide to urgently redesign their security systems as artificial intelligence (AI) makes cyberattacks increasingly difficult for humans to detect.

The warning was delivered at the Future of Cybersecurity Newcastle 2026 conference in England, where industry leaders highlighted a rapidly evolving threat landscape driven by AI-powered deception and the looming risks of quantum computing.

Speaking at the event, Emmanuel Olorunnisola, Group Security Operations Intelligence Manager at Mott MacDonald Limited, said traditional reliance on employees to identify scams is becoming ineffective. According to him, cybercriminals are now deploying advanced generative AI tools to clone voices, create realistic video calls and craft highly personalised phishing messages.

He revealed that AI-generated phishing attacks surged fourteenfold in late 2025 and now account for more than half of global phishing traffic.

“In a world where AI can perfectly imitate voices, videos and messages, the idea of the ‘human firewall’ is collapsing,” Olorunnisola said, noting that organisations must shift focus from training employees to detect fraud to redesigning the systems they use.

He also warned of a growing long-term threat from quantum computing, explaining that attackers are already stealing encrypted data today with the intention of decrypting it in the future — a tactic known as “Harvest Now, Decrypt Later.”

“If your data needs to remain confidential for more than five years, it may already be at risk,” he said.

Also speaking, Bennet Morka, Information Security Strategy and Governance Leader at Mott MacDonald Limited, criticised the practice of blaming employees for cyber breaches, arguing that the real vulnerabilities lie in poorly designed systems.

He questioned the effectiveness of current awareness strategies, asking how workers can realistically detect fake communications when AI can replicate voices and identities with near-perfect accuracy.

Morka further cautioned that organisations risk creating future security crises by investing in systems that may not support post-quantum cryptography.

“If you are investing in infrastructure that will still be running in ten years but cannot support quantum-safe security, you are building tomorrow’s risks today,” he said.

Both experts emphasised that traditional cybersecurity awareness training is losing relevance, as deepfake fraud and AI-driven impersonation attacks continue to rise. They cited data suggesting that more than 40 per cent of organisations have already experienced deepfake-related attacks targeting senior executives.

To address these challenges, the speakers advocated a shift towards what they described as “Trust-by-Design” architecture. This approach replaces reliance on human judgment with stronger, cryptography-based verification systems.

Technologies such as passkeys, hardware security modules and continuous authentication were identified as critical tools for establishing secure, verifiable digital trust.

The experts also called for a new approach to measuring cybersecurity resilience, urging organisations to focus less on phishing test results and more on whether critical operations can continue even if user accounts are compromised.

They noted that transitioning to post-quantum security will be complex, with newer encryption standards requiring greater computing power and potentially causing performance challenges for legacy systems and networks.

Ultimately, the speakers stressed that cybersecurity must evolve beyond traditional methods, as AI continues to blur the line between real and fake.

“The future of security is not about trusting what you see or hear,” Olorunnisola said. “It is about building systems where trust must always be cryptographically proven.”