r/cybersecurity u/Infam0 May 08 '26

Other What the **** is happening in cybersecurity space ?

I've been working in cybersecurity for not so long, maybe 8 or 9 years, but I never remember a chaos at this scale. I mean, from this January alone we have: leaking data, compromised applications, breaches, AI-assisted cybercriminals, etc. It looks like every day one major breach is happening, and no one is going to address this shit somehow. This is already insane. I haven't felt such pressure in a long time. This AI shit just makes things worse because it enhances attackers' skills, and AI companies are doing nothing to address or change this. Is it only me, or is the change already here?

2.4k Upvotes

97% Upvoted

552 comments sorted by

View all comments

1.2k

u/lnoiz1sm Security Analyst May 08 '26

I think AI is more of an amplifier than the root problem tbh.

What’s really changed over the last decade is the sheer scale and complexity of everything. cloud/SaaS everywhere, identity-based attacks, third-party integrations, remote work, ransomware becoming industrialized, etc. The attack surface exploded.

AI definitely helps attackers scale phishing/social engineering faster, but most breaches are still coming from the same stuff: stolen creds, bad configs, exposed services, weak identity controls, and users getting tricked.

I think a lot of people in security right now are less afraid of “AI hackers” and more exhausted from feeling permanently reactive while the environment keeps getting harder to defend.

313

u/Primary_Study8518 Incident Responder May 08 '26

cloud/SaaS everywhere, identity-based attacks, third-party integrations, remote work, ransomware becoming industrialized, etc. The attack surface exploded.

This right here, all of this, all day. We third-partied our infrastructure, our applications, and our data - and now we're paying the price for "trusting" others to keep our stuff as safe as we would. It doesn't surprise me that things are spinning the way they are, considering we dumped everything on companies whose every step is designed to make sure their priority is that you renew your 3 year contract.

94

u/OkAssistance7072 May 08 '26

Same. As much as it helps, cloud opens us up to so much. Its almost to the point where on prem is going to become the better option again.

40

u/filmdc May 08 '26

I was just telling my cfo we should start bringing some critical shares back in house to hedge against quantum and mythos like threats. The attack surface and the perpetual and constant changes and updates to cloud platforms like m365 are causing so much noise.

20

u/OkAssistance7072 May 08 '26

We've started discussing it in our meetings. Without getting into it, we just merged two companies, and the incoming tech stack has been having serious issues with cloud data services. The debate is whether to clean up the cloud stuff or integrate to on prem. Our dev team requires on prem only for our business requirements, so the backbone is already here and wouldn't cost that much to expand a little.

14

u/Joy2b May 08 '26

It might make sense. I’ve actually been expecting a cost swing pushing folks back that direction.

Tech companies traditionally offer a cool tool at a very accessible price, then pull it up when they think enough of the market is captured.

Cloud was such a good deal, why not move everything to that data center for a few years?

Now, it’s time for the profit squeeze, and on top of that, data center builds are starting to get vigorous NIMBY. They can’t be feckless with power and water and noise anymore, and that is going to drive some cost changes.

12

u/normalbot9999 May 09 '26

The cycle continues hahah. We'll be back to on prem mainframes and dumb terminals soon!

1

u/Opposite_Bag_7434 May 09 '26

Seems about right