Business & Technology
Cybersecurity has a speed problem
When Anthropic unveiled Claude Mythos in April, the reaction across the cybersecurity industry was immediate. Boards demanded answers, tech leaders called urgent meetings, and a familiar narrative began to take hold: AI is changing the rules of cybersecurity.
But while this is partly true, it misses the real point. AI hasn’t changed the rules. It has simply sped up the game and exposed that the rules were already broken.
For years, cybersecurity operated on a relatively stable assumption. If attackers discovered a vulnerability, it would take time to exploit it, and defenders would have a window to respond. That window was never perfect, but it made the system workable.
That time is now gone. In 2018, the average time between discovering a vulnerability and exploiting it was measured in years. Today, it is measured in hours, so this isn’t a gradual shift, it’s a fundamental change in how cyber risk behaves.
What tools like Mythos show is not a leap in technical capability, but a breakthrough in execution. Vulnerabilities that have existed for decades can now be found and exploited almost instantly. The bottleneck is no longer discovery. It is deciding what to fix and doing it fast enough.
So, this is where the real challenge begins.
On the defensive side, organisations are increasingly overwhelmed. AI systems can surface huge volumes of vulnerabilities, but they are far less effective at identifying which ones are actually exploitable. Security teams are left with growing backlogs, trying to prioritise risk while the cost of delay continues to rise.
Attackers, meanwhile, face a much simpler problem. They do not need to fix anything. They only need one viable path. AI gives them the ability to test multiple options and select the most effective route at machine speed.
This imbalance sits at the heart of the issue.
It is also being reinforced by a deeper structural problem. Many organisations still manage cybersecurity as if time is on their side. Annual penetration tests, slow patch cycles and retrospective reporting are all built on the assumption that vulnerabilities can be addressed before they are exploited.
That assumption no longer holds, especially as at the same time, the attack surface continues to expand. Every new integration, cloud service or legacy system creates another potential entry point. In many cases, the greatest risks do not come from well-tested core systems, but from overlooked suppliers or outdated components that no one wants to touch.
This is why the Mythos moment is about more than software flaws. It is about digital exposure. Most organisations do not fully understand what is exposed or how it could be exploited.
Therefore, the response cannot be to simply do more of the same, and this isn’t a problem that simply hiring more analyst can solve. The scale and speed of modern threats have already outgrown what humans can handle alone.
What is needed is a shift in approach, from reacting to incidents to continuously validating risk.
That shift depends on three things: visibility, validation and speed. Organisations need to understand what is exposed, prove what is actually exploitable, and act before attackers do.
But even that is not enough on its own.
We are now entering a phase where cybersecurity becomes an AI versus AI problem. Attackers are already using automated systems to scan, test and exploit vulnerabilities at scale. Defenders will have to respond in kind, using AI to continuously probe their own systems, simulate attacks and prioritise real risk.
The difference will come down to how effectively that technology is directed. AI can generate possibilities at scale. It can surface thousands of potential weaknesses. But it still lacks context. It cannot reliably decide what matters most, or what a real attacker would do next, and that responsibility still sits with humans.
Which means the real battleground in cybersecurity is shifting. It is no longer about who can find vulnerabilities first. It is about who can make better decisions, faster.
AI will continue to uncover weaknesses. That is inevitable. The question is who can turn that information into action before it is exploited.
Because cybersecurity is no longer just a technical challenge, it is a race, and right now, most organisations are running behind.
AR Property Partners unveiled their Oxford office at The Old Police House, Old Botley, on May 1.
Twilight the unicorn was in attendance to help the team spread their unique brand of magic.
Guests at the opening enjoyed drinks, nibbles, and a cake made by Happy Cakes.
The firm also involved children from Botley, North Hinksey, and West Oxford Primary in creating a community garden.
The garden project was done in collaboration with Bunkers Hill Plant Nursery.
Botley Primary’s Eco Warriors came to the opening to see their garden and meet Twilight.
AR Property Partners offers a unique approach to sales, lettings, and mortgage services, with their new office set to aid the Oxford community.
The Midcounties Co-Operative in Dorchester, near Wallingford, has been a much-valued food shop in the High Street of the village.
But the company has confirmed it will be closing the store and selling the building in the near future, after it became ‘financially unsustainable’ to continue trading.
READ MORE: Oxford drug dealer caught with more than £17k in cash jailed
No other store location could be found and the village is going to be left without a supermarket.
A spokesperson for Midcounties Co-Operative said: “As a Co-operative Society owned by our members, we regularly review our estate to ensure our stores are profitable and provide an essential purpose within the communities they serve.
“As part of this process, and after careful consideration, the society has made the difficult decision to close our Dorchester-on-Thames store.
“Unfortunately, despite the best efforts of all of our colleagues, the store has been financially unsustainable for some time and there is no viable opportunity to improve the financial position of the store.
“We have also explored other options in the local area to potentially relocate but regrettably have been unable to secure any other suitable location on this occasion.
“Our first priority is to offer our support to all colleagues during what we recognise will be a difficult time.
READ MORE: Abingdon woman ‘shocked’ after cat killed by neighbour’s dog
“We have now entered a formal consultation period with those colleagues affected and, where possible, will look to identify suitable alternative roles within our wider society.
“At this time, the store remains open for trading as usual and we will keep colleagues and the wider community informed about potential timelines for the closure.
“We look forward to continuing to welcome our members and customers at our food stores across the region, including our Berinsfield food store, just over one mile away.”
A statement from Dorchester Parish Council made shortly after the announcement said: “This clearly raises a number of questions for us as a community, which values its shop.
“In response to this news, we can let you know that the parish council is already discussing behind the scenes with parties’ ways of keeping a store on site but at this stage it is not possible to share more details on this.”
The council said one option is registering the shop as an asset of community value, which will be discussed at the next parish council meeting, and further information will be shared when possible.
READ MORE: Closed UK private school sells off minibuses and equipment
Freddie van Mierlo, MP for Henley and Thame (Liberal Democrat), said: “I’ve written to the co-op to ask why they plan to close this vital shop for the community.
“Residents have shared with me their concerns who are worried about the impact this will have on the village.”
No closure date for the shop has yet been announced.
KAREN JOY BACUDO
Finance Editor
CBI reported a 14% rise in 2025 revenue and an EBITDA margin of 21%. The group’s shareholders approved the results.
Growth was driven by a mix of payment and data services used by banks, payment service providers and public bodies. CBI also published its 2025 Impact Report alongside the annual results.
Among the main contributors was CBI Name Check, a verification-of-payee service that checks whether a beneficiary’s name matches an IBAN before a payment is made. The service has averaged 150 million checks a month since going live across the European Economic Area in October 2025.
Check IBAN also expanded during the year. The service, which verifies matches between IBANs and VAT numbers in real time, recorded 36% growth from 2024 and passed 28 million cumulative checks.
CBILL, CBI’s platform for online bill and tax payments, processed more than 100 million transactions, up 9% year-on-year. CBI Globe – Active Functionality, which allows payment service providers to operate as third-party providers under PSD2, posted more than 70% year-over-year activity growth.
The group also highlighted the launch of Request to Pay, a system for handling digital collections. The service forms part of a broader push to expand CBI’s role in open finance and payments infrastructure.
CBI serves more than 400 financial institutions and payment service providers and has operated in the sector for more than three decades. The Bank of Italy supervises it and acts as a critical provider of infrastructure or services within the country’s financial system.
The results come as financial groups across Europe face tighter regulatory requirements and continued demand for digital payment tools, account verification services and shared infrastructure. CBI’s business model centres on providing common platforms that banks and other providers can use across payments, transaction banking, electronic bill presentment and open finance.
At the shareholders’ meeting, CBI also set out its strategic direction for the coming years. It aims to strengthen its international presence, broaden its open finance offering, and participate in broader industry changes, including digital identity services and European payment projects.
Salvatore Maccarone, President of CBI, linked the latest performance to that strategy.
“In 2025, not only did CBI ensure continuity in its planned activities, but it also broadened its scope of action, laying the foundations for developments that will guide us over the medium to long term,” said Salvatore Maccarone, President of CBI.
“In line with the 2025-2028 strategic plan approved last year, our objective is to strengthen our international footprint, broaden our range of solutions in the open finance space and play an active role in system-wide transformations, such as digital identity services and European payment initiatives. These include the Digital Euro, an ambitious project representing one of the most significant efforts in financial harmonisation and innovation currently underway in the European Union,” he added.
Clearing system
Another part of the plan is the development of CBI-Comp, a multilateral clearing system for domestic retail payments. The platform will handle cheques, commercial collections and card transactions.
The project would move CBI deeper into the core of Italy’s banking system, extending its role from overlay services such as bill payments and account checks to transaction processing. It reflects the group’s focus on operational continuity and governance in critical banking infrastructure.
Liliana Fratini Passi, Managing Director of CBI, said the clearing system marked an important step in that effort.
“The development of the new CBI-Comp multilateral clearing system shows our ability to manage a critical infrastructure for the operational continuity of the banking system, ensuring resilience, reliability, and full industrial governance,” said Liliana Fratini Passi, Managing Director of CBI.
“In recent months, we have further reinforced our role as a key enabler of innovation within the financial system. The results achieved by mature services such as CBILL, as well as open finance initiatives including CBI Name Check, confirm the effectiveness of a strategy based on coopetition, responsible technological innovation and international expansion. At the Shareholders’ Meeting, we also presented our Impact Report, which clearly outlines CBI’s commitment as a Società Benefit and the value we have delivered to the banking sector in terms of measurable ESG impact for the banks we collaborate with,” she added.
Impact report
The 2025 Impact Report outlines the company’s work since adopting Società Benefit status, a legal form in Italy that combines profit-making aims with public benefit objectives. It is intended to show how CBI seeks to create long-term value for the financial sector and other stakeholders through social and environmental goals, as well as commercial activity.
For CBI, that adds a governance and reporting layer to a year defined mainly by expansion in transaction volumes and verification services. The latest figures show rising usage across several core products, led by account and payee checks as fraud controls and payment confirmation tools become more common across European financial markets.
Oxford, and the ongoing appeal of the literary canon
Middle East crisis live: Iran reviewing peace proposal as Trump says a deal ‘very possible’ | US-Israel war on Iran
Oxford estate agent office opening attended by unicorn
-
Crime & Safety2 weeks agoBicester man denies sexually assaulting two young girls
-
Oxford News3 weeks agoBanbury cake company with 400 year history shut down
-
Crime & Safety3 weeks agoBicester crash: Motorcyclist ‘seriously injured’ in hospital
-
UK News2 weeks agoStarmer says it ‘beggars belief’ he wasn’t told about Mandelson vetting failure as he faces Commons – UK politics live | Politics
-
UK News2 weeks agoTV tonight: Shetland meets CSI in a new drama about a disgraced cop | Television
-
Crime & Safety3 weeks agoLorry overturns on Oxfordshire A43 roundabout with driver trapped
-
UK News3 weeks agoV&A faces calls to become living wage employer on eve of Stratford opening | V&A
-
UK News3 weeks agoFears over rogue parking by sunrise-chasers at national park after overnight ban