Humans – long acknowledged as the weakest link in cyber security – are now weaker than ever before in the face of advanced AI phishing and hacking techniques. This risk is increasing as the end of Windows 10 support looms.
This is according to Barry Neethling, Chief Technology Officer at First Technology Group, who says threat actors have adapted, many of them are now state-funded and most use AI to improve their attacks. In the face of these sophisticated techniques, traditional training and awareness campaigns are no longer enough, he says.
“The human is getting hacked because the threat actors have become adept at using AI to manipulate humans psychologically into reacting to conditions that are artificially created,” he says. “These are fabricated ‘emergency conditions’, under which if you don't respond, something's going to happen that could affect you negatively – for example, the price of an item will go up, the availability of an item will disappear, or your computer is going to crash completely.”
Neethling says: “At First Technology Group, we are working with multiple companies to up our game when it comes to the human and psychological aspects of ensuring companies don’t get hacked.
Neethling says: “We have multiple divisions and multiple initiatives running in the company in parallel, all working towards one goal: to ensure that customers are not only technologically protected but that their users are mentally empowered to act as a protective layer as well.”
Come October, the cyber security blast radius widens
Neethling says the cyber risks facing users and the companies they work for are set to increase exponentially in October this year, when Windows 10 support comes to an end.
“October 2025 is a major event. One reason for this is that many people are running computers at home that are working perfectly well on Windows 10 that don't need to be upgraded to Windows 11, and many probably can't be upgraded to Windows 11. They are likely going to continue running Windows 10 – but unsupported,” he says.
Those machines are going to become increasingly vulnerable, and will inevitably be hacked. “Those machines are sitting on your home network (which you probably trust) – the same network you connect your company laptop to, and at some point, threat actors are going to use this. So the points at which you are going to be attacked and hacked psychologically, technologically are going to steadily increase by orders of magnitude after October.”
Reducing risk
Neethling notes: “You cannot ever say that you’re 100% protected, but you can be better protected. You can be more alert, you can be more aware, and you can be more proactive and never mark your own homework!
He recommends starting with achieving visibility of the environment and embarking on a programme of innovative, ongoing employee training to improve security.
“Organisations must focus on the human element, and ensure that they have the absolute best of technology available and configured."
Share