The cybersecurity environment changes so quickly, we can literally do a new report every month on what’s developing on this issue. In fact, that’s exactly what we intend to do.

This month we look at three issues:

• Agentic AI and the problems it presents • Possible threats from online add-ons to familiar platforms • The skill gap in cybersecurity

Here’s a quick look at each:

Agentic AI. A report from SailPoint calls AI agents “the new attack surface,” and that should come as no surprise. AI agents have almost free reign to access your most sensitive information, and there’s really no controlling what they do or where they go. Indeed, that’s rather the point of AI agents – that you don’t need to manage them. They just learn and do.

But an entity with information that sensitive is a risk to grant access where it isn’t warranted, or to leak sensitive information, or to give away credentials. A clever enough hacker might even direct an AI agent to wreak havoc on your digital operations.

The AI agent won’t do any of this on its own, of course. But that’s why it’s a concern as an attack surface. If a hacker can get to the AI agent, and you don’t have a method of protecting it, it’s like turning loose an enemy agent within your own company. We have tools in our tech bundle to secure AI agents, and our team is trained in recognizing the threats.

Add-In Threats. An add-in is something you download and install to augment an existing program. Most people are familiar with Chrome extensions, or Word Press plug-ins. There are also add-ins for things like Microsoft Outlook. Recently an Outlook add-in known as AgreeTo was abandoned by its developer, but the link to download it remained on the Microsoft Store. A clever hacker commandeered the URL and built a fake website that looked just like the original one for AgreeTo. More than 4,000 people entered their log-in credentials, leaving their Microsoft accounts exposed.

We can help train your team on how to spot fakes like this, and we can also help you recover if your people end up with their accounts exposed.

Most of all, be careful what you download. The AgreeTo fake was very clever and even very experienced professionals might have been fooled by it. We can give you some tips on how to spot such a trap, though.

The Cybersecurity Skills Gap. This is a very big problem in the industry. Universities are only just now starting to recognize the need for cybersecurity curricula, and even then it’s hard to find people who are qualified to teach it. (They really need to tap adjunct professors who work in the field. Our evenings are usually free.)

Adding to the problem is the fact that cybersecurity moves so quickly, there is fresh training required just about every week.

We’re glad to say UBX Cloud has a full and well-trained cybersecurity team to go with an excellent tech bundle, and we train our people regularly on the latest developments.

Too many companies figure that if they have an IT department, they must be up to speed on cybersecurity. That is not necessarily true at all. And you’re better off working with a company like ours that maintains the knowledge and the training than looking in vain for an internal person who only knows so much.