The Coming Wave: Why AI-Fueled Cyber Crime Demands a New Layer of Risk Management

IRM Navigator™ Maturity CurveAutonomous IRMCybersecurity
Written By John A. Wheeler

In June 2024, a ransomware attack on Synnovis—an NHS diagnostics provider—led to thousands of canceled surgeries, long-term patient harm, and yet barely registered in the headlines. A year later, an attack on Marks & Spencer, which temporarily left Percy Pig sweets and Colin the Caterpillar cakes off supermarket shelves, wiped £600 million off the company’s market cap and triggered nationwide panic.

This juxtaposition, as Misha Glenny eloquently observes in his Financial Times Weekend article, reveals something uncomfortable about both society’s perception of cyber risk and our structural ability to respond to it. But it also points to a larger and more pressing reality: AI is about to turn every cyber threat vector into a force multiplier—and the defensive tools most organizations rely on are no longer fit for purpose.

As AI matures into autonomous, agentic forms, we’re not just dealing with more attacks—we’re dealing with smarter, faster, and more scalable ones. The solution isn’t just better cybersecurity. It’s Integrated Risk Management (IRM)—and it must evolve as rapidly as the threat landscape.

John A. Wheeler

John A. Wheeler is the founder and CEO of Wheelhouse Advisors, a global risk management strategy and technology advisory firm. With over three decades of experience spanning executive management, finance, risk management, audit, and IT, John is a world-renowned expert in integrated risk management technology, executive leadership, and corporate governance.

https://www.linkedin.com/in/johnawheeler/
Sign up to read this post
Join Now
Previous

The IRM50 All-Stars Take the Field
Next

Where Autonomous IRM Begins—And Where It Must Go Next