By Leon Crisp

Organizations in every industry continue investing to combat the growing complexity of cyber threats. Yet, several significant challenges remain: particularly the complexity of IT infrastructures, the lack of automation and the risk posed by AI and generative AI-powered threat actors.

The 2024 Kyndryl Readiness Report found that only 29% of business leaders currently feel ready across multiple external risks.

Here are three strategies that can help address the challenges and ensure that your cybersecurity platform is prepared to address the security needs of a modern enterprise.
 

The complexity of IT infrastructures

One of our customers in the banking sector recently approached us with a familiar challenge.

Each of their multiple subsidiaries used a distinct set of security tools and systems, creating a fragmented and complex IT environment. What they needed, and fast, was visibility: a clear picture of their cybersecurity sprawl and a way to unify these systems and tools.

Many security teams are overwhelmed by the sheer number of tools they’re expected to manage. In fact, the Kyndryl Readiness Report research shows that complexity is the top challenge businesses face when modernizing. I’ve personally seen customers running dozens of disconnected and often competing security solutions. Meanwhile, these tools are busy generating a flood of incident and vulnerability data that, without integration or coordinated response, goes underutilized.

These collective challenges often lead to security gaps, slower response times and decreased efficiency. At the same time, limited visibility into the organization’s security ecosystem can obscure critical links between events that might appear unrelated.

Possible solution: Open integration platforms

Tool integration is essential. Recently, there has been a trend to consolidate the best attributes of discrete tools onto single cybersecurity platforms.

Unfortunately, few have met the expectations of CISOs.

An open integration platform, however, is different. Open integration platforms have the ability to use AI and generative AI-powered digital business architectures that connect multiple systems and applications, allowing organizations to collect data and streamline workflows across their entire IT estate. These platforms also support insights and cross-business integration while providing a single management structure.

Steps to take today

I recommend looking for an open-integration digital business platform that goes beyond your current integration hubs or enterprise service buses. This platform should provide a foundation for connecting your internal systems with external services, offering an end-to-end business solution. It should also offer seamless integration capabilities without needing to re-platform your existing tools, helping you get more out of your existing investments.

Lack of automation

Another customer – a large government agency in North America – came to us with a sobering realization: they were operating on borrowed time. Their legacy security systems required constant manual oversight to stay afloat, leaving them vulnerable to reputational and operational risk.

They’re far from alone. The Kyndryl Readiness Report shows that only 8% of IT incidents are currently resolved through automation, falling far short of what’s achievable with today’s technology.

In many enterprises, security tasks that could be automated still require manual intervention, reducing team efficiency, increasing costs and diverting resources from critical activities. Without automation, detecting and responding to security incidents takes longer, allowing threats to cause more damage. Manual processes are also more prone to mistakes, potentially leading to misconfigurations, overlooked vulnerabilities and delayed responses to threats.

Possible solution: Upskilling and managed services

The effectiveness of any security stack depends on the expertise of the individuals leveraging it. As such, investing in your Security Operations Center (SOC) team is as much about recruiting as it is about building out a program of continuous upskilling.

Steps to take today

I’d recommend starting your upskilling program with a dedicated education track for SOC teams on the fundamentals of AI. In the spy versus spy scenario created by the rise of both AI-driven threats and, conversely, AI-powered solutions, this education will be critical for your team’s understanding of how AI works, where it adds value and also, how it might be used against them.

Generative AI and agentic AI-powered cyber threats

Along these same lines, AI and generative AI present both opportunities and risks for IT security.

On the risk side, cybercriminals are using generative AI models to carry out sophisticated attacks, from self-evolving malware to deepfake content for social engineering attacks.

Possible solution: A human-centric approach to AI

Preparing for the onslaught of generative AI-fueled cyber threats and successfully integrating AI and generative AI in your security stack depend on a human-centric approach.

Before selecting a specific technology stack, it is essential to establish an ethical framework that outlines how your organization intends to utilize AI responsibly. AI should not be viewed as a replacement for human roles, but rather as an enhancement to your workforce.  

Once you are ready to implement AI, whether generative AI or agentic AI, you need to understand the best practices for leveraging this technology while minimizing the inherent risks it may introduce.

Emerging agentic AI, for example, is promising particularly in its ability to respond to security threats autonomously – and at scale. Agentic AI systems can adapt to evolving threats and significantly augment the tasks of traditional security analysts and IT administrators, making them crucial as cybercriminals increasingly use AI for more sophisticated attacks.

Steps to take today

Ensure that your framework aligns with your overall risk strategy and corporate standards. Key components to consider include a new governance structure that ensures transparency and compliance with regulations through human oversight.

Addressing the potential risks of AI-specific issues like hallucinations or biases is also important. This means implementing regular audits and human-centered monitoring to catch anomalies early. Expanding your red teaming scope to include adversarial testing is another key step towards strengthening your safeguards.

Leon T. Crisp II is Director of Global Strategy for the CTO Office at Kyndryl.

¹ Infosec spending projected to rise 27% on average in 2025 – Highlights from VotE: Information Security. 451 Research. April 2025.