Why Ransomware and AI Demand a New Approach to Cybersecurity

Stef de Graaf | Yellowtail
26 August 2025

Cybersecurity is evolving rapidly, with organizations facing complex threats and rising regulatory demands. From ransomware to AI-driven attacks, staying resilient is more critical than ever. In this article, Stef de Graaf from Yellowtail shares his perspective on the most pressing threats, industry trends, and practical approaches to prevention, detection, and response.

What are the most pressing cybersecurity threats today? In our opinion, ransomware is still the most urgent threat, but it’s evolving. We now see double extortion: attackers not only encrypt data but also threaten to leak it.

  • What specific challenges does this threat pose? A major challenge is visibility, especially when attackers infiltrate via suppliers or SaaS providers, which makes detection and accountability more complex.
  • Are there any recent incidents or trends related to this threat? Recently, mid-sized IT vendors have been frequent targets, with ripple effects for their clients. This highlights the need for clear third-party risk management and scenario testing. Key Control Dashboard helps organizations to stay ahead by mapping responsibilities and ensuring continuous monitoring of internal and external risks when attacks come from unexpected directions.

What cybersecurity trends are shaping the industry? One of the most significant shifts we’re seeing in the cybersecurity landscape is the move away from compliance checklists towards a focus on real operational resilience. Organizations are beginning to realize that checking boxes for audits or frameworks may provide a false sense of security. In today’s environment you must prove you’re able to detect, withstand and recover from an attack. This is caused by trends such as continuous threats, integration of cybersecurity into core business strategy, rise of resilience metrics and simulation-based testing. The future of cybersecurity lies in building adaptive and resilient systems that treat risk as a continuous business function, which makes resilience the new compliance.

  • Can you highlight recent technological advancements or evolving attack strategies? Over the past year, we’ve seen a rapid acceleration in the use of AI across the cybersecurity landscape by both defenders and attackers. On the defense side, AI-driven threat detection systems have become more advanced, enabling real-time analysis, anomaly detection and behavior-based threat detection. This reduces response times and helps mitigate threats before they cause damage. However, attackers are also leveraging AI to increase the scale of their operations. AI-generated phishing campaigns produce convincing and personalized emails. Large language models are being exploited to create malicious code snippets, deepfake content and even generate chatbot-driven attacks. Also, AI is being used to identify and exploit zero-day vulnerabilities faster.
  • How do these trends impact businesses’ defense strategies and risk assessments? These trends require businesses to rethink their defense strategies. Traditional controls aren’t enough; real-time insights and shared responsibility models are key. With new regulations like NIS2 and DORA, organizations must prove they’re in control. Key Control Dashboard supports this shift by linking risks to responsible roles, automating control monitoring, and providing one clear platform for oversight and accountability.

How does your organization address cybersecurity challenges and opportunities? At our organization, cybersecurity is deeply embedded in how we support companies with GRC, ISMS, and Privacy Management Systems. With our easy-to-customize and integral GRC-tool, we help organizations design and visualize the processes they need to manage governance, security, and privacy effectively. Our focus is on a decentralized approach that promotes accountability and engagement among employees. By putting ownership of controls closer to the business, we ensure that security becomes part of the organizational culture rather than just a technical layer.

  • What is your approach to prevention, detection, and response? We take a risk-based and data-driven approach. This means we prioritize actions based on the most critical risks and use insights from data to continuously improve. Organizations using our platform are better equipped to allocate resources where they have the greatest impact. For prevention, we focus on enabling organizations to set up strong policies and workflows. This includes regular risk assessments, policy updates, and control tests to minimize vulnerabilities. For detection, our application supports continuous monitoring of controls through dashboards and alerts. This allows organizations to identify deviations and emerging risks early and act on them quickly. For response, we provide structured workflows for handling incidents. Our application helps organizations manage data breaches, from detection to reporting and follow-up actions. For broader security incidents, we promote the use of playbooks and simulation exercises so teams can respond effectively under pressure.
  • Can you share specific strategies, technologies, or best practices you implement? Our approach combines proven strategies and modern technologies that help organizations implement decentralized accountability, visualize key processes, and make risk-based decisions. Our GRC-tool supports functions such as risk assessments, privacy impact assessments, and real-time dashboards to give clear oversight of security and compliance status. In practice, we advise organizations to regularly update policies, train staff in security awareness, and test their incident response plans through exercises. By connecting IT, compliance, and operations in one system, we break down silos and strengthen resilience.

Why is Cybersec Netherlands an essential industry event? Cybersec Netherlands brings together the most critical voices and innovations in the cybersecurity landscape. This is essential because it creates a focused platform to engage with professionals from different sectors where compliance, risk management, and information security are under constant pressure. Besides, CyberSec Netherlands brings public and private organizations together. Only together can we make the world resilient, and CyberSec Netherlands plays an essential part in this. The event gives insight into the challenges organizations are facing and which solutions are gaining traction. With increasing regulatory demands and growing threats, it’s more important than ever to share knowledge and strengthen our collective digital resilience.

  • What is the value of in-person networking and knowledge sharing? In-person networking accelerates trust and understanding, especially in a domain like cybersecurity, where the stakes are high and solutions are often complex. Conversations at events like CyberSec allow us to dive deeper into the real-world challenges professionals face. Sometimes the most valuable insights or collaborations start from a casual chat over coffee or a shared interest during a presentation. Besides, in-person networking and knowledge sharing stimulate ideas for innovation, for example if you have a product like ours or want to create new ideas in relation to cybersecurity (threats).
  • How have past industry events contributed to cybersecurity advancements? Industry events have played a key role in turning abstract concepts like “cyber resilience” and “GRC integration” into real-world practices. They’ve helped break silos between IT, compliance, and operations by showing what’s possible when technology and governance align. For us, previous events have not only sharpened our product roadmap through direct user feedback but also created long-term partnerships that helped organizations become demonstrably audit-ready and risk-aware. These events continue to push innovation forward by showcasing new frameworks, tools, and success stories that others can learn from and build upon.

 

Register for free for Cybersec Netherlands 2025

As cyber attacks continue to threaten today’s tech landscape, this event is the premier platform for seasoned cyber security professionals and innovative start-ups to exchange knowledge and tackle cybersecurity challenges together. Organizations across all sectors will discover strategies to boost cyber resilience and safeguard critical assets. Don’t miss this chance to strengthen your cyber defenses.

Simultaneously with Cybersec Netherlands, the Data Expo takes place in Hall 12—the perfect spot for additional knowledge, insights, and inspiration in the field of data.