At the start of 2024, a Hong Kong finance worker at a multinational firm joined what appeared to be a routine video call with senior leadership.
The call included people who looked and sounded like the company’s UK-based CFO and other executives, but they were actually AI-generated deepfakes.
This employee was ultimately tricked into authorising several transfers to different bank accounts to the value of around $25 million dollars.
This incident showcases that AI isn’t just a theoretical threat, it is actively being weaponised by cybercriminals to automate fraud and create highly convincing scams.
Lucas Molefe, Cybersecurity expert at ESET Southern Africa, describes AI as a driver of one of the fastest transformations the cybersecurity industry has ever seen.
Today, attacks are unfolding at machine speed, which allows malicious actors to operate far quicker and more efficiently than was previously possible.
This demands that organisations rethink long-standing assumptions about how attacks start and spread, and how they can be mitigated.
The business case for MDR
Managed Detection and Response (MDR) transforms cybersecurity from a reactive function into a continuous, intelligence-driven capability.
At its core, MDR combines advanced threat detection technology with human expertise. Instead of simply generating alerts, MDR providers actively monitor environments around the clock, investigate suspicious activity, and respond to incidents in real time.
“When you think about the number of threats the average organisation faces each week, having a solution that monitors and protects your environment 24/7 is a must for CIOs and CEOs who want to sleep easily at night,” he says.
With a prevention-first cyber strategy like MDR, the idea is to stop attacks before they can infiltrate systems or cause damage, rather than relying primarily on detection and response after a breach occurs, Molefe explains.
By focusing on blocking attacks early, MDR dramatically reduces the time between intrusion and containment, which is critical because the longer attackers remain undetected, the greater the potential damage and disruption.
One of MDR’s biggest advantages is access to scarce skills. According to the World Economic Forum, the global cybersecurity talent shortage could reach 85 million workers by 2030. Given these realities, building a fully staffed, 24/7 security operations centre is beyond the reach of many organisations.
“By providing on-demand analysts, threat hunters, and incident responders, MDR helps businesses overcome the cybersecurity skills shortage without the cost and complexity of hiring in-house experts.”
The need for speed
MDR also delivers the critical need for speed in incident containment.
He says,
“When a cyber incident happens, the board is typically less focused on the technical details of the attack and more worried about possible financial loss, reputational damage and regulatory penalties; all of which increase the longer the breach goes undetected and uncontained.”
Boards and business executives just want to get everything back to normal again, he explains. If you’re in charge of a big mining operation or you run a large manufacturing facility, even a few hours of downtime can translate into millions of rands in lost revenue. The faster you detect and contain an attack, the easier it is to reduce downtime and safeguard your organisation’s reputation.
“In cybersecurity, time is the ultimate currency,” stresses Molefe.
By turning cybersecurity into a continuous service rather than a collection of tools, MDR empowers organisations to stay ahead of attackers and protect the business’ assets, operations, and reputation in a world where every second counts.
