Managing AI in the fight against cybercrime

Jonathan Sharp is CEO of Britannic Technologies

This year has been crucial for businesses in operationalising AI and securing their systems and data against cybercrime. Businesses have moved from the hype surrounding AI to hastily rushing to deploy it because of FOMO, to adopting a more methodical approach, planning it carefully, and operationalising the technology. Aligning it with their business objectives and strategy, identifying why it’s needed, what challenges they face, and what needs to be improved.

It has also been the year of cybercrime, with attacks taking down well-known enterprises, costing them billions, forcing them to cut staff, and damaging their brands. The National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) have announced that cybercrime is now a national emergency and that they cannot fight it alone. Placing the onus on businesses and organisations to secure their systems and data, moving cybersecurity to the top of the agenda.

Operationalising with intent

Last year, many companies were rushing to get on the AI bandwagon but were unsure why and how to use it, leading to failed projects and wasted investment. Gartner reported that only 48% of digital initiatives meet or exceed business outcomes, demonstrating the importance of preparation and ownership.

This year, we have seen more businesses wake up to the importance of the critical success factor that any new technology project, particularly AI, is dependent on someone in the business taking ownership. Managing it from the outset and on a daily basis, consistently evaluating it to identify its failures, strengths and opportunities.

Also, the increase in businesses that are reducing the fear factor associated with AI replacing jobs by involving their staff from the start of the project. Getting valuable input to identify the challenges and how they think they can be improved. The necessity is not only to train them on how to use the AI solution, but also to utilise it and extract and interpret the data into actionable insights for the business.

Everyone in the company, from the CEO downwards, should be responsible for cybersecurity. Security must be integrated into the company’s culture

Data skills shortage

Everyone is aware of a talent shortage of data scientists and engineers in the UK, and we are seeing it too. The enterprise companies have the in-house capabilities with data scientists and engineers, but the real struggle is with the SMEs who need guidance and often external resource to assist them with this bottleneck.

AI skills will be the career currency, and this is a huge gap that needs to be addressed beyond in-house training by the tech giants, the government, and education. If we don’t do this soon, then the gap will get wider, and tech will continue to overtake us, putting us and our economies at a disadvantage.

Setting objectives and measuring outcomes

By identifying your pain points in a customer journey or with processes, you can understand what needs to be improved. Then, you can set measurable objectives that are aligned with the overall business goals so that from the start, you know what you are striving to achieve.

In recent years, we observed many businesses that did not adopt this approach, but equally important, if not more so, were those that deployed the AI solution and then left it unattended. This led to people not using it or not using it correctly, and because it was not being managed, it failed to deliver the intended results.

Fortunately, in 2025, we have seen that businesses are now regularly measuring their outcomes to determine if they are achieving their goals. This includes metrics like minutes saved, customer satisfaction, increased revenue, reduced abandoned calls or queues, or higher quote conversion rates.

Securing against cybercrime

Cybercrime is rising, and we must change how we think and operate online and with technology. We need to be agile, adaptable, and open-minded about learning new ways of operating and working.

Companies must act proactively rather than reactively to protect their systems and data, safeguarding their business, people, and reputation from a cyber breach. It is no longer solely the responsibility of the IT department; everyone in the company, from the CEO downwards, should be responsible for cybersecurity. Security must be integrated into the company’s culture, and to achieve this, employees should be educated about cybersecurity.

Ensure all employees have strong, unique passwords that combine upper and lower case letters, numbers, and symbols to prevent cybercriminal access. Provide a password manager on your systems to help employees avoid having to remember passwords and to improve security. Along with multi-factor authentication (MFA) for an additional verification step, this could involve a code sent to their mobile phone or an authenticator application.

Investing in layered security with perimeters, secure endpoints, and AI monitoring that can detect threats and anomalies in real time. Protecting employees and customers, allowing action before an attack occurs.

AI can be employed to detect deepfakes, which criminals use in social engineering. Implementing a solution that recognises these irregularities can prevent a cyberattack in advance. Employees must be trained to spot these in links, emails, etc.

Prepare and on-guard

It was refreshing to see that businesses are now planning and preparing for AI projects and implementations by laying strong foundations on which they can build on. And ensuring that their businesses, tech, data and people are all protected from the serious threat of cybercrime. Both aspects need continuous management and evaluation to constantly make improvements and never stand still.