Cloud intrusions have risen by 136% in the last six months. North Korean operatives infiltrated 320 companies using AI-generated identities, and the group known as Scattered Spider is now capable of deploying ransomware within 24 hours. At Black Hat 2025, the cybersecurity industry showcased advances in agentic AI, which is moving from theoretical promise to practical application in threat detection.
CrowdStrike recently identified 28 North Korean operatives who were embedded as remote workers, illustrating the evolving capabilities of agentic AI in real-world situations. Vendors at Black Hat reported measurable improvements in threat detection and response capabilities, highlighting shifts towards operational effectiveness rather than hype.
CISOs attending the event noted enhancements in alert processing and investigation times, although improvements vary based on implementation maturity. This indicates a movement away from aspirational goals toward actual results in security operations.
Discussions at Black Hat focused heavily on agentic AI, with over 100 announcements related to new applications and services aimed at enhancing security measures. CrowdStrike’s Adam Meyers underlined the importance of integrating agentic AI within security operations for timely responses against increasingly fast-moving adversaries, particularly those deploying ransomware.
The conference also raised concerns about adversaries leveraging AI technologies for infiltration and manipulation, as demonstrated by the FAMOUS CHOLLIMA operatives who use AI to create synthetic identities and navigate employment processes undetected.
Despite the presence of advanced technologies, vendors emphasized the necessity of retaining human oversight for complex decision-making and creative problem-solving. Analysts have become a critical component in augmenting machine capabilities.
As AI becomes more integrated into cybersecurity, predictions emerged about potential insider threats posed by AI itself, prompting discussions on standardization and governance in the industry. This rapid evolution of threats requires continuous adaptation and vigilance from organizations to safeguard critical assets and maintain trust with their customers.
Source: https://venturebeat.com/security/black-hat-2025-how-agentic-ai-is-finally-delivering-real-value/

