British boardrooms are placing cybersecurity at the forefront of their agendas following a series of devastating breaches that have exposed critical vulnerabilities across multiple sectors.
Over the past eighteen months, organisations from retail and finance to automotive supply chains have faced sophisticated attacks, with Jaguar Land Rover becoming the latest high-profile victim. The automotive giant was forced to suspend production for five weeks in late 2024 after a cyberattack disrupted operations, affecting approximately 5,000 organisations and costing the UK economy an estimated £1.9 billion.
The new face of cyber threats
According to Mark McClain, founder and chief executive of SailPoint, today's cybercriminals have fundamentally changed their approach. "The bad guys don't break in anymore, they log in," McClain told City AM.
"They use valid credentials, move quietly through systems, and exploit excessive permissions," McClain said. "The consequences are far more damaging because they can remain undetected for months."
Identity security takes centre stage
Identity security has emerged as the critical frontier in protecting businesses against modern cyber threats. While traditional measures like firewalls remain important, McClain argues that sophisticated attacks now leverage stolen credentials or compromise non-human identities including bots, service accounts, and AI agents.
"It's not just employees anymore," he emphasised. "Contractors, seasonal workers, and machine identities all present unique risks. And now we're adding AI agents, semi-autonomous software that can adapt, learn, and act independently. From a security standpoint, that's a whole new level of complexity."
UK retailers including Marks & Spencer and Co-op have reported breaches linked to compromised credentials, while the Jaguar Land Rover incident involved lateral movement that allowed attackers to access multiple systems before detection.
The National Cyber Security Centre (NCSC) reports that nearly half of all nationally significant incidents in the past year were linked to advanced persistent threat actors, including criminal groups and state-affiliated operatives.
AI presents both opportunity and risk
The rapid adoption of artificial intelligence has added another layer of complexity to cybersecurity challenges. While businesses invest heavily in AI tools to drive productivity, uncontrolled adoption creates significant vulnerabilities.
The MIT State of AI in Business 2025 study revealed that while employees in over 90% of companies use personal AI tools, only 40% of organisations maintain official subscriptions, and a mere 5% report meaningful returns.
"Every business wants AI to work for them," McClain noted. "But security teams are right to be cautious. AI doesn't just accelerate legitimate work, it accelerates attacks, too. The sophistication of deepfakes and AI-powered social engineering is growing at an unprecedented pace."
SailPoint has developed what it describes as "industry-first" controls to ensure AI agents operate safely within enterprise environments, focusing on monitoring behaviour, enforcing policy compliance, and maintaining auditability.
Regulatory response and business resilience
High-profile breaches have compelled boards to treat cyber risk with the same seriousness as financial or operational risks. McClain observed a shift in governance, with companies increasingly recruiting CISOs or cybersecurity experts to non-executive roles.
"Boards are asking, 'Where are we exposed, and what's in place?'" he said. "Cybersecurity is no longer just an IT issue, it's central to risk management."
Government initiatives are also shaping the cybersecurity landscape. Tech Secretary Liz Kendall has emphasised the importance of national cyber resilience, while the proposed cyber resilience bill would require regulated companies to report incidents within 24 hours.
Meanwhile, plans for the UK's digital ID system, the 'Brit Card', highlight the intersection of citizen identity and national security. McClain cautioned that "centralising identity increases risk" and stressed the need for "distributed, adaptive controls to ensure that access is granted only when appropriate."
As businesses navigate the combined pressures of AI adoption, identity complexity, and regulatory expectations, the message from cybersecurity experts is clear: organisations must balance innovation with robust defence mechanisms to prevent rapid deployment of new technologies from inadvertently opening doors to attackers.