At the same time, companies must strengthen their AI models and data security to reduce exposure to manipulation by AI-enabled malware. Such risks could include, for example, immediate injections, where a malicious user prompts an AI model to perform an unintended action, bypassing its original instructions and security measures.
Agentic AI adds, hackers are able to use AI agents to automate attacks and make strategic decisions without constant human supervision. “Agentic AI has the potential to eliminate the cost of the assassination chain,” says Bailey. “This means that everyday cybercriminals can begin to execute campaigns that today only well-funded espionage operations can afford.”
Organizations, in turn, are exploring how AI agents can help them stay ahead. Nearly 40% of companies expect agent AI to augment or support teams in the next 12 months, particularly in cybersecurity. Cisco’s 2025 AI Readiness Index. Use cases include AI agents trained on telemetry, which can identify anomalies or signals from machine data that are too varied and unstructured to be understood by humans.
Calculating quantum risk
As many cybersecurity teams focus on the very real AI-driving threat, Quantum is waiting for the opportunity. Nearly three-quarters (73%) of US organizations Survey conducted by KPMG He says he believes it’s only a matter of time before cybercriminals use quantum to decrypt and disrupt today’s cybersecurity protocols. And yet, the majority (81%) also admit they could do more to ensure their data remains secure.
The companies are fine. Threat actors are already performing Harvest now, decrypt attacks laterstoring encrypted data sensitive to cracking once quantum technology matures. Examples include state-sponsored actors to intercept government communications and cybercriminal networks that store encrypted Internet traffic or financial records.
Big tech companies are among the first to ditch quantum defenses. For example, Apple is using the cryptography protocol PQ3 To defend against harvesting, later decrypt decryption attacks on its iMessage platform. Google is testing post-quantum cryptography (PQC).which is resistant to both quantum and classical computer attacks in its Chrome browser. And Cisco has made “significant investments in quantum-proofing our software and infrastructure,” Bailey says. “You’ll see more enterprises and governments taking similar steps over the next 18 to 24 months,” he added.
Just like the US rules and regulations Quantum Computing Cybersecurity Readiness Act Describe requirements for mitigating against quantum risks, including standard PQC algorithms National Institute of Standards and Technologya wide range of organizations will begin building their own quantum defenses.
For organizations embarking on this journey, Bailey outlines two key steps. First, establish visibility. “Understand what data you have and where it lives,” he says. “Take inventory, assess sensitivity, and review your encryption keys, rotating those that are weak or outdated.”