With ransomware-as-a-service kits going for less than the price of a team lunch, it’s no longer surprising that even non-technical bad actors are launching sophisticated cyber-attacks. Security has become less about guarding the perimeter and more about managing risk from the inside out, and across every layer of an organisation.

Speaking at a recent DVT Insights session, Emil Munro, senior engineering lead at Silicon Overdrive, brought some clarity to a field cluttered with jargon and false confidence. His message? Security today is a people problem, not just a technology one, and AI has a role to play, but it’s not the hero.

The business of ransomware

Munro didn’t hold back when addressing how cheaply and easily digital extortion can be carried out. “You can buy a ransomware kit for two grand, no skills needed,” he said. “It’s industrialised. It’s scalable. And it’s built to exploit the weakest links—usually people.”

The targets aren’t always the big brands. Small firms, SMEs, and even hospitals are finding themselves cornered by attackers who know they can’t afford downtime or data loss. And without proper backups or a response plan, paying the ransom often seems like the only way out.

Why zero trust isn’t about paranoia

One of the session’s key themes was the much-misunderstood concept of zero trust. “It’s not about distrusting your employees,” Munro clarified. “It’s about not assuming their devices or credentials are clean, because often, they’re not.”

He unpacked the three basic principles: verify explicitly, limit privileges, and assume a breach is already underway. It’s a pragmatic shift that calls for cultural change as much as technical controls, especially in environments where performance often trumps security.

Microsoft Copilot: Useful, but not magic

Munro offered a grounded view of Microsoft Security Copilot, describing it as a “highly capable assistant” that can ease the burden on under-resourced security teams. It can summarise incidents, surface suspicious patterns, and suggest queries for proactive threat hunting, all without needing deep technical skills.

But there’s a caveat: “It’s not autopilot. It doesn’t act on your behalf. You still need the expertise to ask the right questions and interpret the results.” He sees Copilot not just as a tool, but as a subtle way to upskill internal teams, particularly in organisations lacking dedicated security staff.

Accidental breaches: The AI risk nobody talks about

While much of the conversation centred on defences, Munro didn’t shy away from one of the more awkward truths: sometimes it’s well-meaning staff who create the most risk. “We’re seeing sensitive documents being pasted into public chatbots like ChatGPT, just for formatting help or summaries. That’s data leakage, plain and simple,” he said.

His advice? Put guardrails in place before productivity tools become liabilities. That includes restricting access to unmanaged AI and rolling out internal solutions like Microsoft Copilot in controlled environments.

Plan like you’ve already been breached

For Munro, the baseline assumption isn’t that an attack might happen, it’s that it probably already has. “Start with the mindset that something’s already broken, and work backwards from there,” he advised.

His closing call to action was blunt but practical: have a response plan, review your data governance, educate your teams, and get the basics right. And if you’ve invested in Microsoft 365, use what you’re already paying for. Many organisations haven’t even turned on Defender.

To watch the full DVT Insights session with Emil Munro, visit DVT’s YouTube channel and hear firsthand how practical security strategies and AI tools can be combined to strengthen your organisation’s defences.

About DVT Insights

DVT Insights is a regular webinar series designed to share expert perspectives, practical advice, and emerging opportunities in the tech landscape. Hosted by DVT’s Strategic Digital Services team, each session brings forward relevant, real-world insights into the technologies shaping digital transformation today, from AI and automation to cloud, data, and software innovation.