Cybersecurity Snapshot: AI Security Tools Embraced by Cyber Teams, Survey Finds, as Vulnerability Research Gets a Boost from UK Cyber Agency

A recent survey conducted by the International Information System Security Certification Consortium (ISC2) has revealed that Artificial Intelligence (AI) security tools are becoming an essential component of cybersecurity teams' tool suites. The survey, which polled almost 440 cybersecurity professionals, found that 30% of respondents are already using AI security tools, while 42% are either evaluating or actively testing them.

"AI is reshaping how organizations operate, and cybersecurity is no exception," said Casey Marks, ISC2 Chief Qualifications Officer. "Our latest AI Survey shows cautious but growing interest in AI security tools, with adoption expected to accelerate in the future."

The survey also found that teams who are using AI security tools credit these new wares with improving their cyber operations by 70%. The most significant impact of AI is seen in network monitoring and intrusion detection; endpoint protection and response; and vulnerability management.

But what's driving this trend? Concrete benefits. AI-based security tools have the potential to enhance cybersecurity capabilities, increase efficiency, reduce human error, and address the growing scale and sophistication of modern threats.

However, there are concerns about the future of cyber roles. Over half (52%) of respondents say AI could decimate entry-level staff jobs as it takes over repetitive, time-consuming tasks typically assigned to junior members of the team.

Still, 31% of respondents see a potential upside: Instead of reducing the hiring of entry-level staffers, organizations could instead assign them to areas such as AI governance, automation, and security data analysis. There's evidence of this shift, with ISC2 reports that it has seen entry-level cyber jobs advertised for AI-assisted SOC analysts; AI governance/compliance associates; and cloud security support analysts.

U.K.’s NCSC Boosts Vulnerability Research Efforts

The U.K.'s National Cyber Security Centre (NCSC) has launched a new project called the Vulnerability Research Initiative (VRI) to strengthen the country's ability to discover and tackle software bugs. The VRI will boost collaboration between the vulnerability research team at the NCSC and external partners, such as other U.K. government agencies, technology companies, and others.

"The VRI’s mission is to strengthen the U.K.'s ability to carry out VR. We work with the best external vulnerability researchers to deliver deep understanding of security on a wide range of technologies we care about," reads an NCSC statement.

Tenable Webinar Poll Looks at Securing Machine Identities

A recent webinar conducted by Tenable explored the challenges of securing non-human identities, including machine identities. The webinar polled 58 attendees and found that they face challenges such as ensuring secure access to machines, managing identity fatigue, and addressing the increasing complexity of IoT devices.

Open Source Devs Get Guidance for CRA Compliance

Developers of open source software (OSS) who want to learn more about staying compliant with the EU's Cyber Resilience Act (CRA) now have a new resource to check out. The Open Source Security Foundation (OpenSSF) has published its "CRA Brief Guide for OSS Developers," which aims to help OSS developers better grasp this new law's scope and key concepts.

"If you develop OSS, we think you'll appreciate this straightforward guide," said David A. Wheeler, Director of Open Source Supply Chain Security at OpenSSF. "It is not legal advice; rather, it is an overview to help you understand the situation — but understanding is the first step."

Crypto Theft Balloons in 2025’s First Half

Cyber thieves are doubling down on cryptocurrency targets, having already exceeded $2.17 billion stolen from crypto services in the first six months of 2025. Chainalysis reported that a staggering $1.5 billion was stolen from ByBit attributed to North Korean cyber actors – the largest crypto hack ever.

"The surge in cryptocurrency thefts represents both an immediate threat to ecosystem participants and a long-term challenge for the industry's security infrastructure," reads Chainalysis' "2025 Crypto Crime Mid-year Update" report.