Advancing digitalisation and the rapid deployment of artificial intelligence (AI) are fundamentally changing the IT landscape. Particularly in the area of cybersecurity, the question arises as to how the interplay between AI and human expertise can be optimally designed. On Safer Internet Day 2025, we asked leading experts how companies can proactively fend off attacks and respond effectively in an emergency. The result: a clear message – automated systems and human judgement are two sides of the same coin.
The invaluable human expertis
Kristian von Mejer, Director, Central and Eastern Europe at Forescout Technologies, emphasises:
“AI-based attacks are increasingly putting pressure on IT and OT environments. Right now, human expertise is essential when it comes to analysing the overall security situation. This is because complete visibility across all connected systems – from cloud workloads to industrial control systems – requires an in-depth understanding of the specific risks and dependencies in the entire digital ecosystem. While automated systems ensure continuous monitoring and protection of all assets, it is the security experts who, through their holistic understanding of the infrastructure, can set the right priorities and distinguish critical from non-critical alerts.”
The statement emphasises that while AI is capable of monitoring a wealth of data in real time and identifying potential threats, ultimately evaluating the actual risks remains a human domain. Only experts can make crucial decisions based on an in-depth understanding of complex IT infrastructures.
Human intuition as a counterbalance to machine precision
Michael Heuer, VP Central Europe (DACH) at Keepit, adds:
“In the age of AI-based cyber attacks, the human ability to understand complex relationships and make security-critical decisions is becoming more important than ever. Our automated systems for device protection work autonomously, but defining security policies and evaluating exceptions requires human intuition. The integration of human intuition and machine precision creates the necessary balance for a robust cybersecurity strategy.”
Heuer emphasises that the strength of AI lies in its ability to perform rapid, data-driven analysis. However, without the human component, which is able to incorporate context and nuance, a central dimension of cybersecurity would remain unaddressed. Combining both approaches results in a security concept that reacts flexibly yet precisely to constantly changing threats.
Context-sensitive threat assessment
Christian Borst, CTO, EMEA at Vectra AI, sees the decisive added value in context-based analysis:
“While AI-based attacks are becoming increasingly sophisticated, human judgement remains the key to context-based threat analysis. Our AI systems detect anomalies and patterns, but the final evaluation of relevance and strategic decision-making is in the hands of experienced security experts. The combination of AI-based detection and human expertise enables us not only to detect threats, but also to holistically assess and manage their potential impact on the business.”
Borst sums up that automated detection of security anomalies is only the first step. The final assessment and prioritisation of incidents still requires humans who are able to recognise complex relationships and make strategic decisions. This hybrid method enables comprehensive threat analysis that is both reactive and proactive.
Challenges posed by new AI-based attack methods
Ingo Lalla, Chief Sales and Marketing Officer (CSMO) of SpaceNet, points out how AI is also used as a tool in the hands of cybercriminals:
“The use of AI enables new methods of attack because it processes large amounts of data, generates higher-quality texts and dynamically controls attacks. In this context in particular, human judgement is indispensable for detecting and averting threats at an early stage. Effective use requires a great deal of experience and judgement on the part of experts. The combination of human expertise and technology is optimal when it comes to detecting anomalies, real-time monitoring and threat intelligence.”
Lalla emphasises that AI is not only used for defence, but also to carry out attacks. The ability to recognise complex and dynamic attack patterns relies heavily on the critical thinking and experience of experts. The use of AI in threat defence must therefore always go hand in hand with a well-founded, human understanding of the current security situation.
Phishing in the age of AI – protection through phishing-proof authentication
Alexander Koch, SVP Sales EMEA at Yubico, discusses the changing dynamics of phishing attacks:
“The impact of AI has fundamentally changed the cyber threat landscape. Phishing attacks in particular are evolving and have taken on a whole new dynamic. They deliberately target human judgement. It is no wonder, then, that phishing attempts and stolen credentials are often the starting point of a successful cyber attack. This is why it is essential not to rely solely on your own judgement, but to use phishing-resistant authentication tools – including Passkey options such as security keys that cannot be bypassed by phishing even if human decision-making capabilities fail.”
Koch’s assessment makes it clear that in the fight against sophisticated phishing methods, technological solutions, such as phishing-proof authentication methods, are essential. The automation of security processes can help to compensate for human weaknesses, without completely disregarding the valuable contribution of human intelligence.
Conclusion
The experts’ statements on Safer Internet Day 2025 paint a clear picture: the future of cybersecurity lies in the synergetic combination of AI and human expertise. While automated systems excel at continuous monitoring and rapid response to security incidents, the human component remains indispensable – whether it’s evaluating complex relationships, prioritising alerts or making strategic decisions in the event of a crisis.
Companies should therefore invest in technologies that optimally combine AI and human expertise. Only in this way can a robust and future-proof cyber defence be ensured in a threat landscape increasingly characterised by AI-supported attacks. Safer Internet Day 2025 makes it clear: it is the interaction between humans and machines that makes the crucial difference.
