Building resilience in an age of increasing cyberattacks

Something I’m seeing more as part of my role at Polpeo is the growing concern about how a business would fare if it was hit by one of the new methods of cyberattacks The post Building resilience in an age of increasing cyberattacks appeared first on Elite Business Magazine.

Apr 10, 2026 - 19:22

Building resilience in an age of increasing cyberattacks

We’re living in a time when the threat of cyberattacks is higher than ever before, artificial intelligence is relatively cheap and easy to use, and things like deepfake scams are now happening on an industrial scale as a result.

So many leaders we speak to, in organisations of all sizes, are worried about how their business would handle these newer forms of cyberthreats.

The rise of AI poses opportunities and risks

AI can be amazing for business. But it has a dark side too and we all need to train our employees on how to protect the organisation from its risks, particularly deepfakes.

The World Economic Forum says disinformation (including deepfakes) is number two on the list of concerns of global CEOs in the next two years.

Just recently, we’ve heard about Meta’s AI leaking confidential company data to an employee. And this is following an incident in 2025 when AI deleted an entire database.

As leaders, we need to put safeguards in place to prevent these sorts of issues and train our teams on how to protect themselves and the wider business.

Employees can be a point of vulnerability

People are fallible.

We’re vulnerable to social engineering attacks, deepfakes, phishing, and being persuaded to spread mis and disinformation.

We’ve seen cases like the finance worker at Arup Engineering transferring $25m of company money to a deepfake scammer (thinking it was the CFO).

And from Polpeo’s work with several organisations, I know that cyberattacks are using increasingly sophisticated social engineering scams to get access to company systems.

There are things you can do

The scale and number of threats out there can feel overwhelming and impossible to defend against, but there are things we can all do to minimise the risk.

Social engineering attacks are harder to carry out when employees feel supported, psychologically safe and listened to at work. When they feel that it’s less risky for them to be seen to ask a silly question or challenge authority than it is to give someone information when they suspect something isn’t quite right. Focus on company culture, psychological safety at work and running education programmes, for example the NPSA It’s Ok to Say programme.
Deepfake technology is improving, but on less sophisticated attacks there may still be some giveaways that help you identify fakes. It could be the way someone talks, or body language inconsistencies, or issues with the AI rendering the human’s appearance (although this is getting harder to spot). But one of the things about these attacks is they put pressure on the target to act quickly, often not giving them time to analyse what they’re seeing. Training people to challenge anything that feels off is really important, particularly if they are new to the company or if you have a strict hierarchy in place where someone might not feel comfortable challenging a more senior member of the team.
You can also minimise risks by using multiple approvals for things like financial transactions and having procedures in place that put extra barriers between employees and the action they’re about to take – especially if it involves transferring funds or giving out confidential information. Everyone should follow these processes – that way no one feels uncomfortable challenging someone.

Technology continues to develop at a rapid pace, and cyber criminals will always find ways to use this new technology to cause harm and disruption.

But there are things we can all do as leaders to improve resilience and minimise the risks that these methods pose to our organisations and people.