Human + AI the next frontier in cyber defence

From left: Sysco LABS Cyber Security Director, APAC Business Information Security Officer Shanthi Rajesh, Brandix/Fortude IT Infrastructure and Security General Manager Prageeth Kapuruge, Cargills Bank Group Chief Information Officer Druvi Vaidyakularatne, MillenniumIT ESP Managed Security Services Director Mushtaq Mukthar and Moderator Nations Trust Bank Chief Information Security Officer Chamath Malinga  

• Experts at Daily FT-CICRA 11th annual Cyber Security Summit discuss how the human–AI alliance will redefine speed, precision, and judgment in cybersecurity

By Hiyal Biyagamage

The second session of the 11th Annual Daily FT–CICRA Cyber Security Summit explored the rapidly evolving relationship between human expertise and artificial intelligence in strengthening cyber defences. Delivering the keynote address on “The Human–AI Partnership: Augmenting Cyber Teams with Intelligent Automation,”, Sysco LABS Director of Cybersecurity and Sysco’s Business Information Security Officer (BISO) for APAC, Shanthi Rajesh outlined how intelligent automation can bridge the widening talent and response gaps in modern cybersecurity.

A new era of human–AI synergy

Rajesh opened by noting that the global AI cybersecurity market is projected to reach USD 134 billion by 2030, underscoring how         organisations are moving from manual, reactive operations to AI-augmented ecosystems that respond to threats at machine speed. She emphasised that cyberattacks are now increasing by 13% annually, even as the global cybersecurity workforce gap expands to 3.4 million professionals. This imbalance, she explained, makes intelligent automation not optional but essential to sustaining business resilience.

“AI doesn’t replace the human element. It enhances it,” Rajesh remarked. “We need both the speed of machines and the intuition of people to stay ahead of evolving adversaries.”

She described humans as excelling in abstract thinking, creativity, empathy, and adaptability, while AI contributes speed, precision, pattern recognition, and scalability. The most effective cybersecurity strategy, she argued, lies in fusing these strengths into a cohesive, symbiotic defence framework.

Rajesh also detailed how AI is already transforming key security functions, from email filtering and threat hunting to endpoint protection and anomaly detection. Machine learning models now identify phishing emails, automate the hunt for hidden threats, and protect individual devices through continuous monitoring.

According to Sysco’s internal analytics, integrating AI in cyber operations has achieved up to 90% faster threat detection, 60% reduction in false positives, and 75% shorter response times. AI systems now analyse 3.1 billion monthly transactions to identify anomalies that human analysts might overlook, allowing cyber teams to focus on strategic decision-making rather than repetitive alert triage.

“AI enables human analysts to work smarter, not harder. By automating low-value tasks and providing contextual intelligence, we empower our teams to focus on what truly matters, which is anticipating the next breach, rather than cleaning up after the last one,” said Rajesh.

The double-edged sword of AI in cybersecurity

However, Rajesh cautioned that the rise of adversarial AI and data manipulation attacks presents a new layer of risk. Threat actors are now using automated bots, model poisoning, and prompt injection to manipulate AI systems themselves. “We must remember that AI can be weaponised,” she warned. “As defenders adopt AI to strengthen their systems, attackers are doing the same to outsmart them.”

She called for stronger AI governance frameworks, referencing standards such as NIST AI RMF 1.0 and ISO/IEC 42001, which provide guidelines for risk management, bias reduction, and transparency. Ensuring human oversight in automated systems, she said, remains critical to preventing unintended consequences.

Rajesh also highlighted that 65% of AI users are Millennials or Gen Z, reflecting how younger, digital-native professionals are driving adoption across industries. Today, 72% of companies worldwide use AI in at least one business function, with 90% reporting significant efficiency gains. “This generational shift means AI is the present, not the future. The challenge now is ensuring that this adoption happens responsibly and inclusively,” she noted.

In closing, Rajesh reminded participants that the future of cybersecurity is not robotic but relational. Quoting Google CEO Sundar Pichai, she said, “The future of AI is not about replacing humans, but about augmenting human capabilities.” The next frontier, she concluded, will depend on organisations’ ability to build feedback loops where AI provides raw intelligence and humans apply strategic insight.

“The best cybersecurity strategies still begin and end with people. It’s about people who can think critically, adapt quickly, and ask better questions than any algorithm ever could. That’s the future we must build together,” concluded Rajesh. 

The AI-human partnership

Delivering the guest address during the second session of the Daily FT–CICRA Cyber Security Summit 2025, Fortude General Manager – IT Infrastructure & Cyber Security, Prageeth Kapuruge explored how AI-driven automation is redefining the efficiency and scalability of modern cyber operations. Speaking on “The Human–AI Partnership: Augmenting Cyber Teams with Intelligent Automation,” Kapuruge described how intelligent AI agents are emerging as the next evolution of cybersecurity operations, augmenting human decision-making with speed, accuracy, and continuous learning

Kapuruge began by asking a simple but critical question: “What’s your biggest challenge in cybersecurity operations today?” The answer, he said, is the widening gap between detection and response. Traditional Security Operations Centres (SOCs) are overwhelmed by the volume of alerts, false positives, and data silos, slowing down incident triage and escalating operational fatigue.

Introducing Fortude’s Sentinel AI architecture, Kapuruge explained how AI agents can triage, investigate, and respond to incidents within seconds, far surpassing human capacity. These autonomous yet guided systems, powered by Retrieval-Augmented Generation (RAG), continuously learn from historical incidents and adapt to new attack patterns. “Our Sentinel AI doesn’t just analyse; it reasons,” he said. “It never sleeps, never gets tired, and never misses a correlation.”

The power of unified AIOps 

Kapuruge described Sentinel AI as a unified AIOps platform designed for both cybersecurity and Site Reliability Engineering (SRE). It integrates monitoring, detection, and automation into a single console with natural language interfaces, allowing analysts to interact conversationally rather than through complex dashboards. This simplification, he explained, eliminates silos between security and infrastructure teams while reducing mean time to detect (MTTD) and mean time to respond (MTTR).

Through examples drawn from simulated operations, Kapuruge demonstrated how Sentinel AI can instantly triage suspicious processes such as detecting an anomalous executable or flagging malicious code injection in a software repository, then autonomously cross-reference the event against threat intelligence databases, verify hashes, and trigger response workflows.

Despite the sophistication of AI, Kapuruge emphasised that automation should augment, not replace, human analysts. “AI agents can take over repetitive, time-critical work, freeing analysts to focus on strategic tasks like root-cause analysis, threat hunting, and policy design. The system’s design principle is human-in-the-loop oversight, ensuring transparency, accountability, and contextual awareness even as machine speed drives response,” he said. 

Kapuruge also noted that AI governance and explainability are central to Fortude’s deployment model. Each AI-driven decision is logged, auditable, and traceable, ensuring compliance and preventing model drift. “In cybersecurity, blind trust in automation is as dangerous as no automation at all,” he cautioned.

Concluding his presentation, Kapuruge underscored that the future of cybersecurity lies in AI-augmented resilience, where humans and intelligent systems operate symbiotically to predict, prevent, and respond to threats. “We’re entering a new chapter where SecOps becomes cognitive where AI agents amplify the instincts of human defenders. It’s not man versus machine, but man with machine, protecting what matters most,” said Kapuruge. 

Human intelligence at the core of AI-led cyber defence

The panel discussion following the keynotes brought together Cargills Bank PLC Group Chief Information Officer Druvi Vaidyakularatne, Millennium IT Director – Managed Security Services Mushtaq Mukthar, and moderator Chamath Algawatta, Chief Information Security Officer at Nations Trust Bank PLC, for an in-depth exchange on how human expertise continues to anchor AI-driven cybersecurity transformation.

Chamath Algawatta noted that while AI has redefined the speed and scale of cyber response, “the true differentiator remains human judgment.” He pointed out that as organisations embrace automation, leadership must ensure that ethical oversight, accountability, and contextual awareness remain firmly human-led. “You can automate detection,” he said, “but context, consequence, and corrective action still demand people who understand the business.”

From a banking and financial sector perspective, Druvi Vaidyakularatne underscored the importance of collaboration and contextual intelligence. He explained that banks now face hybrid threats that combine AI-powered fraud, phishing, and social engineering. To counter these, banks are investing in predictive analytics, secure data lakes, and federated AI models that allow institutions to learn collectively without compromising customer privacy. “Cyber resilience is no longer built in isolation. It’s about shared vigilance and trusted ecosystems,” he emphasised.

Mushtaq Mukthar brought a technology service provider’s view, stressing Sri Lanka’s potential to become a regional managed security hub. He outlined how AI-driven security operations and real-time telemetry from diverse industries could feed back into continuous learning loops. “Our goal is to build an ecosystem where every breach, every anomaly, teaches the network to defend better,” he said.

Strategic partners of the 11th annual cyber-security summit were Visa and Sysco LABS, Platinum partner was South Asia Technologies, Community Impact Partner was Meta, Payment network partner was LankaPay. Other partners included platform partner #HashX, podcast partner Techtalk, hospitality partner Cinnamon Grand, Colombo, Creative partner Mullenlowe Sri Lanka and electronic media partner Yes101, TV1 and News1st.

Pix by Upul Abeysekara and Ruwan Walpola