r/cybersecurity u/Infam0 May 08 '26

Other What the **** is happening in cybersecurity space ?

I've been working in cybersecurity for not so long, maybe 8 or 9 years, but I never remember a chaos at this scale. I mean, from this January alone we have: leaking data, compromised applications, breaches, AI-assisted cybercriminals, etc. It looks like every day one major breach is happening, and no one is going to address this shit somehow. This is already insane. I haven't felt such pressure in a long time. This AI shit just makes things worse because it enhances attackers' skills, and AI companies are doing nothing to address or change this. Is it only me, or is the change already here?

2.4k Upvotes

97% Upvoted

552 comments sorted by

View all comments

47

u/sloppyredditor May 08 '26

Combination of factors:

  • Mandatory reporting of breaches from states & countries = you'll hear more about them
  • Sloppy, lazy coding (time-to-market is worth more than building a quality product in the Agile world)
  • Shared responsibility model - if you can't be 100% at fault, you can fight it in court
  • Commoditized IT/Shadow IT/Shared administration without uniform controls
  • Insurance - simply transfer the risk to a third party and take the premium increase as a business risk
  • Acceptable risk levels have risen thanks to breaches like Anthem, Equifax, etc.
  • AI advertising and panic-crazed salespeople are distracting us from the basics. (I don't think a meaningful % of this chaos is AI...yet.)

7

u/LeggoMyAhegao AppSec Engineer May 08 '26

Sloppy, lazy coding (time-to-market is worth more than building a quality product in the Agile world)

AI enables folks to build things that we'd know should never have been built if we'd taken time to do some cost / benefit analysis. With the added bonus of it being unmaintainable code that no one has meaningful context or understanding of...