Season 7, Post 8: Cyber on my mind

It’s hard to escape from AI. The topic remains on the lips of every industry executive. Column inches abound about its potential. Fundamentally, AI is (and always has been) about the intelligent manipulation of data. However, data have no value unless secured, stored and analysed, a view we first enunciated over a decade ago. It was therefore with interest that your author received three novel reports on the state of the cyber industry (a topic we last wrote on in September 2024) in his inbox recently. A brief summary of each follows:

Security software vendor, Darktrace’s annual State of AI Cybersecurity Report is a must-read for anyone interested in cyber. Its insights are the results of surveying 1,500 security leaders. 78% of CISOs (Chief Information Security Officers) are of the view that AI-powered cyber threats are having a significant impact on their organisation. Even if AI solutions to this challenge may be the future – a view endorsed by 95% of CISOs polled – almost 50% of those polled said that they were not prepared for the reality of AI threats. It sounds to us as if businesses need to get spending on cyber, although the report says that only 11% of participants are planning to increase cyber staff in 2025.

Similarly cheery reading is available in the form of the Global Threat Report issued annually by CrowdStrike, another cyber vendor. It begins by reminding readers that similar to in the jungle or the desert, it does not pay to underestimate your adversary. Needless to say, CrowdStrike has a vested interest in making such an observation, but the numbers back its claim up. The report notes how the amount of time it takes for an adversary to start moving laterally across a network it has compromised has fallen in the past year from 48 minutes to just 51 seconds. At the same time, new threats are emerging. Watch particularly for ‘vishing’, or voice-phishing attacks, which have risen more than 400% (albeit from a low base) in the last 12 months.

If vishing were not worrying enough, then what about the risk of remote identity incidents, camera attacks and face swaps? These emerging threats are addressed in detail in iProov’s latest Threat Intelligence Report. With at least a 300% increase in these novel formats of attack over 2024 (again from a low starting point), the report demonstrates just how quickly the cyber landscape continues to evolve. Deepfakes are becoming increasingly commercialised and commoditised. iProov (whose Chief Scientific Officer we interviewed in a prior Blog post) says that at least 115,000 different known attack combinations in this format currently exist. The scale and the vectors through which cybercriminals are seeking to penetrate organisations continues only to grow.

6 March 2025

The above does not constitute investment advice and is the sole opinion of the author at the time of publication. Past performance is no guide to future performance and the value of investments and income from them can fall as well as rise.

Click to here view all Blog posts.

Alex Gunz, Fund Manager

Disclaimers

The document is provided for information purposes only and does not constitute investment advice or any recommendation to buy, or sell or otherwise transact in any investments. The document is not intended to be construed as investment research. The contents of this document are based upon sources of information which Heptagon Capital LLP believes to be reliable. However, except to the extent required by applicable law or regulations, no guarantee, warranty or representation (express or implied) is given as to the accuracy or completeness of this document or its contents and, Heptagon Capital LLP, its affiliate companies and its members, officers, employees, agents and advisors do not accept any liability or responsibility in respect of the information or any views expressed herein. Opinions expressed whether in general or in both on the performance of individual investments and in a wider economic context represent the views of the contributor at the time of preparation. Where this document provides forward-looking statements which are based on relevant reports, current opinions, expectations and projections, actual results could differ materially from those anticipated in such statements. All opinions and estimates included in the document are subject to change without notice and Heptagon Capital LLP is under no obligation to update or revise information contained in the document. Furthermore, Heptagon Capital LLP disclaims any liability for any loss, damage, costs or expenses (including direct, indirect, special and consequential) howsoever arising which any person may suffer or incur as a result of viewing or utilising any information included in this document. 

The document is protected by copyright. The use of any trademarks and logos displayed in the document without Heptagon Capital LLP’s prior written consent is strictly prohibited. Information in the document must not be published or redistributed without Heptagon Capital LLP’s prior written consent. 

Heptagon Capital LLP, 63 Brook Street, Mayfair, London W1K 4HS
tel +44 20 7070 1800
email [email protected] 

Partnership No: OC307355 Registered in England and Wales Authorised & Regulated by the Financial Conduct Authority 

Heptagon Capital Limited is licenced to conduct investment services by the Malta Financial Services Authority.

Related Insights

See all Insights
View From The Top: Numbers, not noise
  • Featured Insights

View From The Top: Numbers, not noise

Season 7, Post 7: The ultimate concierge?
  • Featured Insights

Season 7, Post 7: The ultimate concierge?

Season 7, Post 6: What we talk about when we talk about AI
  • Featured Insights

Season 7, Post 6: What we talk about when we talk about AI

GET THE UPDATES

Sign up to our monthly email newsletter for the latest fund updates, webcasts and insights.

GET THE UPDATES