Earlier this month, Simplex Services hosted SimpleXConnect, our annual roundtable to bring the best minds in the industry together to understand the challenges, solutions, and innovations leading up to the next level of technology. Hosted aboard the iconic HMS Belfast, moored on the River Thames, this year’s event tackled one of the most pressing topics in technology today: the complex intersection of artificial intelligence, cybersecurity, and cloud transformation.
SimpleXConnect was launched with its first in-person event in London in 2019 with an intention to bring industry leaders together and foster innovation. It is now an annual fixture in the UK tech circuit as a platform to meet, connect and brainstorm with people who are instrumental in the future of technology innovation.
The conversation, which featured an illustrious line-up of speakers, including Anju Tiwari, Cheryl Martin, and Naveen Thomas, moved quickly past the buzzwords to address the real-world implications of AI. As businesses worldwide grapple with increasingly sophisticated attacks, the panel explored the dual role of AI as both a formidable weapon for attackers and an indispensable tool for defenders.
The Problem Isn’t Just Technology—It’s People
The discussion kicked off with a look at the recent spate of high-profile cyber attacks on major companies like Jaguar Land Rover and Marks & Spencer. Cheryl Martin, a forward-thinking industry leader and CISO at COMPANY86, pointed out that while these attacks are becoming alarmingly common, the root cause is often misunderstood.
“What it comes down to, nine times out of 10… it’s not necessarily the technology, it’s the people. 98% of all of those instances that we hear are down to someone doing something that they shouldn’t.”
— Cheryl Martin
Martin explained that the biggest shift isn’t just the technology itself, but the public’s awareness of it. Attacks that were once hidden are now “big headline news,” forcing companies to confront the massive business impact, which can range from stalled production lines to a simple, but costly, inability to sell “Percy Pigs.”
AI as the Attacker
Dr. Naveen Thomas, a Partner at EY Technology Consulting practice specialising in AI and Cloud technologies, detailed the “good vs. evil” nature of AI in cybersecurity. He explained that AI is making cyber threats exponentially more dangerous by automating and perfecting attacks. Using an analogy from the film Catch Me If You Can, Thomas described how attackers no longer just “break in.” They now use AI to trick their way in, sit and learn the system, and then strike. This is supercharged by AI tools that can clone voices for deepfake social engineering and craft flawless phishing emails.
“The phishing attacks have become much more sophisticated and automated… There is even, like ChatGPT, there’s a ‘FraudGPT’ now that you can use to develop all of these phishing attacks.”
— Naveen Thomas
On the “good” side, Thomas noted that AI is also the new frontline of defense. It’s being used to detect anomalies and suspicious patterns in user behavior—like an employee suddenly accessing files they’ve never touched before—that human security teams would almost certainly miss.
A New Mandate for Leaders: “Secure Your AI, Not Network”
So, how should business leaders handle this new reality? Anju Tiwari, who leads the Banking Industry for the Consult business at Kyndryl, offered a clear directive for any CTO or program manager overseeing a major transformation. She argued that resilience and security can no longer be an afterthought or a problem left solely to the IT department. In the age of AI, security is a core business problem that must be addressed from day one of any new project.
“I would be very surprised if there is no resiliency discussion, reliability discussion, and observability discussion. These are no more IT guys’ problems, these are business problems.”
— Anju Tiwari
Tiwari concluded with a powerful new mantra for the modern, AI-driven business: the focus must shift from building walls around a network to securing the AI and data itself.
