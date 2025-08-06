Building Stronger Security by Thinking Like an Attacker
London (ots) - - Cyber threats in the UK are escalating. Attackers are faster,
more automated, and increasingly AI-driven, outpacing traditional defences like
firewalls and vulnerability scans.
- Many organisations still rely only on passive, defensive security leaving them
uncertain whether their systems would withstand a real attack.
- Proactive, autonomous penetration testing is a key cornerstone of a modern
Cyber Security strategy, as part of a Continuous Threat Exposure Management
(CTEM) approach.
- Cybersecurity expert Keith Poyser urges regular, attacker-style testing to
uncover weaknesses early, fix before exploited, build customer trust, and
prepare for stricter regulations.
Cybersecurity has never been more critical in the UK, as organisations face a
rapidly evolving threat landscape impacted by geo political tensions in the
region, cyber focused organised crime and hybrid conflict. Today's attackers are
becoming faster, more automated, and increasingly powered by artificial
intelligence, making traditional defensive strategies less effective on their
own. At the same time, regulatory pressure is intensifying, with businesses
expected to demonstrate measurable risk management. Recent high-profile cyber
incidents at multiple flagship retailers have provided a stark reminder that
conventional approaches are no longer enough.
While most organisations claim to prioritise security, few put their defences to
the test. Too many rely on conventional, passive measures such as checklists,
audits, and the assumption that layered systems will hold when challenged. This
approach is like installing an elaborate alarm system in a home without ever
checking if it will actually trigger during a break-in. What organisations truly
need is offensive security
(https://horizon3.ai/intelligence/blogs/what-is-offensive-security/) :
continuous testing that probes every possible entry point to uncover weaknesses
before attackers do. Keith Poyser, Vice President for EMEA at cybersecurity
company Horizon3.ai (http://horizon3.ai) , recommends running such a "break-in"
at least once a month through regular autonomous penetration testing, to
identify any exploitable weaknesses, with prioritised remediation, rather than
be left waiting to be exploited. Rather than relying on manual, human
penetration testing, which may look at around 5% of a company's attack surface
and can take weeks, Horizon3.ai operates an offensive security platform called
NodeZero. It delivers 100% coverage, operates 18 times faster than humans, and
enables organisations to conduct production-safe cyberattacks on their own IT
infrastructure ('penetration tests') to show how to fix, and test the fix, on a
