AI Agents Are Employees Now—Here’s How To Manage Them |
Ransomware used to be a popular trend in cyberattacks, but while cyberattacks are still pervasive, attackers have simplified their methods. New research from cyber risk company Resilience found that more than half of all cybersecurity claims in 2025—57.6%—involved just data theft: No encryption threat or ransom demand for its decryption. And theft-only attacks are becoming more common, rising 16% from the first half of 2025 to the second half of the year, when data theft accounted for nearly two-thirds of all attacks.
In a blog post from Resilience Director of Cyber Threat Intelligence Andrew Bayers, he writes that ransomware is rather complex. Attackers need to obtain encryption malware, get it onto systems undetected, and manage the decryption keys. Data theft is easier, and it can have the same financial impact on a company. Instead of extorting money to decrypt data in a company’s own system, an attacker can just threaten to release sensitive data if the ransom isn’t paid.
Attackers who focus solely on data theft, Bayers writes, are highly strategic. They’ve likely stolen credentials earlier, and spent weeks or months figuring out where the enterprise’s most sensitive data lies and how to seize it. Resilience found that nearly 2 billion credentials were stolen through a variety of campaigns in 2025, and stolen credentials appeared in the logs of the majority of data ransom victims before the attack.
This means that it’s time to shift enterprise cybersecurity defenses, Bayers writes. While data backup is still important, it’s less likely to save your company from extortion by a hacker. The primary defense strategy should be to prevent credential theft. Many enterprises have turned up their focus on credentials quite a lot in recent years, and these attacks show now is no time to back down. CISOs and security staff should also pay more attention to which credentials have been compromised, keeping a close eye on how those credentials access the system—and potentially making last-minute changes to avert data theft.
Enterprises are also making shifts to deal with AI agents. Satisfi Labs has built agents for companies since 2016, and has years of experience with AI “employees” in the workforce. I talked to CEO and cofounder Donny White about how to manage AI agents. An excerpt from our conversation is later in this newsletter.
Nominations are now open for Forbes AI 50. The eighth-annual list, in collaboration with sponsoring partner Mayfield, will recognize the most promising startups deploying artificial intelligence in financing, scientific discovery, construction and more.
Apple’s Siri is reportedly getting much more than the update on the way earlier this year. Bloomberg reported that Apple is turning the voice-activated feature in its operating systems into a deeply embedded AI chatbot. The new chatbot, code-named Campos, will bring Apple into the same competitive realm as ChatGPT and Google Gemini—and take its AI-powered Apple Intelligence features farther than the summaries and emoji generator it has now.
Bloomberg writes that the Apple chatbot will be able to perform tasks similar to other chatbots: search the web, create written and image content, summarize information and analyze files. It will also be able to use personal data to locate calendar events, text messages and specific songs. Additional capabilities include analyzing open windows and on-screen content........