Cybersecurity in the Age of AI: Why Leadership Must Start With People, Not Just Technology

What going on the BBC and researching the newest story around Cybersecurity, makes all too clear...

broken image

I do love getting asked to go on the radio.

As Dan Sodergren, and their Tech and AI expert, it's great to be interiewed about positive technology news stories and think about the future of work. But this is NOT always the case. Sometimes, it's the negative side of technology too. Today's story was all about cybersecurity. Listen to the full interview here.

What did we discuss?

When Marks & Spencer fell victim to a large-scale cyberattack, the headlines focused on the ransomware group, DragonForce, and the loosely affiliated hackers known as Scattered Spider. But the deeper issue isn’t just who carried it out — it’s how they got in. And more importantly, what this tells us about the future of leadership and workforce training in a digital world shaped by artificial intelligence.

This wasn’t just a systems failure. It was a human one.

In an age where AI is as much a weapon for attackers as it is a tool for defence, companies cannot afford to view cybersecurity as a task for the IT department. It must become a core business function — embedded at every level of leadership and every role across the workforce. And that starts with training.

AI Isn’t the Whole Answer — But It Will Change the Question

Generative AI is changing how security operations centres function. Tools like CrowdStrike’s Charlotte AI can now triage incidents at speed, deliver over 98% accurate alerts, and automate response to basic threats. This should be seen as a leap forward. But it also sets a dangerous trap: the illusion of security because a tool is in place.

As highlighted by CrowdStrike’s CTO, Elia Zaitsev, AI will never replace the human layer in cybersecurity. Instead, it amplifies the need for skilled, informed employees who know what to look for and how to respond. AI might spot an anomaly in a login pattern. But it’s still a person who clicked the link, answered the fake phone call, or reused a weak password.

The speed of AI-driven attacks is increasing — some breaches now escalate within seconds. That compresses the timeline in which humans must react. Training becomes not just a preventative tool, but a survival mechanism.

What the M&S Breach Teaches Us About Human Vulnerability

The M&S breach affected both customer experience and internal systems. Online orders stalled. Payment systems went down. Operations were disrupted. Millions in revenue were lost.

But what’s notable isn’t just the damage — it’s the suspected entry point. Like many modern attacks, it likely began with social engineering. Not high-level code. Not deep-tech hacking. Just persuasion.

Scattered Spider, the group many believe to be behind the breach, are known for impersonating internal IT staff and tricking employees into giving away credentials. This kind of attack sidesteps software entirely.

That’s why software alone can’t be your frontline defence. The real perimeter is your people.

Leadership in the AI Age Means Owning the Human Risk

If cybersecurity is everyone’s job, then leaders have to enable that reality.

Here’s the uncomfortable truth: far too many senior leaders still treat cyber risk as an operational detail rather than a strategic concern. AI will widen the gap between the organisations that take this seriously and those that leave it to the IT team. And it’s not just about budgets — it’s about mindset.

In The AI Leader’s Guide to the Future of Work, I explore this shift in leadership thinking. We no longer need leaders who understand every technical layer. We need those who know how to build cultures of curiosity, trust, and resilience. Leaders who invest in training not because compliance requires it, but because future-ready businesses demand it.

You can find the book here: The AI Leader’s Guide

Workforce Training Is Your Best Cyber Defence

If there’s one area of underinvestment that keeps recurring across industries, it’s employee training. Not in theory, but in practice.

Here’s what effective cybersecurity training looks like in 2025:

  • Real-world simulation: Phishing drills and social engineering scenarios that mimic modern threats.
  • Microlearning over modules: Bite-sized, ongoing training that builds habits, not just awareness.
  • Leadership-led culture: When CEOs and directors visibly support security efforts, staff follow suit.
  • Accessible policies: Clear, jargon-free guidance on what to do, when to escalate, and how to report.
  • Cross-functional integration: Everyone, from finance to HR, needs cyber literacy — not just tech teams.

Cybersecurity must become a daily discipline, not an annual checkbox.

You can embed this into your company culture with training strategies outlined at www.aileadershipcourse.com — a programme designed specifically for leaders ready to guide their organisations through AI-driven change.

5 Proactive Moves Every Leader Should Make This Year

  1. Fund Cyber Literacy for All
    Include digital security in all onboarding and leadership development. It’s no longer optional.
  2. Champion Multi-Factor Authentication (MFA)
    Make MFA non-negotiable. Across all systems. No exceptions.
  3. Lead Simulated Exercises Personally
    Don’t delegate this. Be part of your company’s tabletop security drills.
  4. Review Your Incident Response Plan Quarterly
    Cyber risks change fast. So should your strategy. Practice like it’s real.
  5. Invest in Human Firewall Culture
    Your employees are your last line of defence. Equip them accordingly.

This Isn’t Just IT. It’s About Organisational Survival.

60% of small businesses don’t survive more than six months after a successful cyberattack. That’s not a statistic — it’s a warning. And it applies to businesses of all sizes if leadership doesn’t respond.

The cost of data breaches is rising. The methods of attack are evolving. And the pace of threat acceleration is shortening response time. But the biggest shift of all is this:

Cybersecurity is no longer about tools.
It’s about trust.

If your people don’t trust your systems — and if your customers don’t trust your ability to protect their data — then the business doesn’t scale. And that trust starts at the top.

Final Thought: Train Like Your Future Depends on It

Because it does.

If AI is shaping the future of work, then human judgment, ethical leadership, and cyber awareness are its foundation. Smart systems won’t protect you unless your people know how to use them wisely.

The best leaders of the next decade won’t be the most technical — they’ll be the most adaptable. They’ll train their people before the breach, not after it. And they’ll lead from the front when risk hits, not hide behind software.

If you’re ready to do that, start with the training frameworks and leadership insights at www.aileadershipcourse.com, or download my book at The AI Leader’s Guide.

Because in this new world, awareness isn’t just protection.
It’s power.

About the Author:

Keynote speaker, professional speaker, Ted X talker, serial tech startup founder, ex marketing agency owner, digital trainer, and now author and media spokesperson Dan Sodergren’s main area of interest is the future of work, technology, data and AI In his spare time, as well as being a dad, which comes first, Dan is a digital marketing and technology (and now AI) expert for TV shows and the BBC and countless radio shows.

Occasionally donning the cape of consumer champion on shows like BBC WatchDog, the One Show and RipOffBritain and being a marketing tech specialist for SuperShoppers and RealFakeAndUnknown and BBC Breakfast.

He is also a host and guest on podcasts and webinars speaking as a tech futurist. And a remote reporter / content creator for tech companies at tech events and shows.

His main interest is in the future. Be that the future of marketing, or the future or work or how AI and technology will change the world for the better as part of the #FifthIndustrialRevolution.

Find out more about him here bit.ly/DanSodergren

His Social Links:

Dan’s website link www.dansodergren.com

His Books And Courses Links:

And the book cited in the blog is ...

https://futureofwork.gumroad.com/l/aileadersguide

broken image

Here are the URLs of all the pieces cited:

Subscribe
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save