The takeaways
AI has accelerated both the speed at which security issues are detected and the rate at which new ones emerge, driving the need for an always-on, adaptive cybersecurity posture. The shift from managing cyber to cyber engineering with managed services makes this new posture possible. You’ll be able detect, contain, and remediate cyber vulnerabilities in real-time without the need for ever-larger Security Operations Centre (SOC) teams. By minimising disruptions and strengthening stakeholder trust, the step-up in capabilities will transform cybersecurity from defensive necessity to a key source of competitive advantage. How can your organisation transition to cyber-managed engineering, and how can you realise the benefits?
Cybersecurity has entered a new era as frontier AI enables vulnerabilities to be identified and exploited more quickly and efficiently than ever before. Working around the clock, AI agents are evolving to detect potential vulnerabilities within IT environments. Many of these flaws have only recently been detected by new models, but date back decades. The priority for your organisation is using the same frontier AI capabilities to patch, close vulnerabilities, and fix code, with far greater speed than ever before.
In this increasingly exposed and fast-shifting threat environment, identifying vulnerabilities and drawing up lists of issues are no longer enough. The real test of effectiveness is how quickly the AI agent can determine the right response—patch, segment, or fix the flaw as appropriate—so you can contain the impact, get systems back up-and-running, and remediate the root causes. People play a crucial role—implementing a change to fix a coding vulnerability, for example. The agent’s job is to evaluate the options and get you to the right path as fast as possible.
“For many years, organisations have focused on identifying vulnerabilities without always fixing them. In today’s threat environment, that’s no longer enough—the real test is how quickly you can determine the right options and resolve issues at speed and scale.”
Rich Kneeley,US Managed Services Leader, PartnerToday’s cyber challenges bring opportunities to bolster resilience and trust. An optimised, outcomes-driven cybersecurity function can help prevent financial losses and reputational damage that could result from prolonged operational interruptions.
Cyber resilience is also becoming a cornerstone for the operational agility and stakeholder confidence needed to drive enterprise innovation and transformation. One of the clear findings from PwC’s AI Performance Study 2026 is that AI leaders don’t move faster despite effective governance, risk management, and cybersecurity—they move faster because of it. In that sense, cybersecurity is like the brakes on a racing car, engineered to function safely and seamlessly at ultra-high speeds.
“Cybersecurity is ultimately a trust business. Organisations that succeed will be the ones that can build trust internally with leadership and externally with regulators and customers.”
Sangram Gayal,Global Cyber Managed Services Leader, PartnerAre you ready to deal to deal with these evolving and escalating threats? Our 2026 Global Digital Trust Insights survey highlights the growing investment in cybersecurity. But only 6% of organisations are confident about their ability to withstand cyberattacks across all vulnerabilities. The survey also highlights an overly reactive cyber posture within many organisations, rather than the proactive and comprehensive defences needed to safeguard the business.
“We’ve reached a tipping point. Organisations can now see their vulnerabilities clearly, but visibility without action doesn’t reduce risk. The real challenge is finding a trusted partner who can help you close those gaps in a way that works for the business.”
Petr Špiřík,EMEA Managed Services Leader, PartnerHow are you responding to this pressure? Many are looking to increase their SOC headcount. But the shortage of cybersecurity analysts makes this difficult. Even with bigger teams, the scale of today’s threats and vulnerabilities still created gaps when you reply on an ‘eyes on glass’ approach to detection and response.
The outlook and skills needed are also shifting. The real challenge isn't just today's threats; it's what's coming next. The future of cyber conflict will be driven by AI. To get ahead, companies will need a new generation of future-ready talent, a fusion of deep cyber expertise, AI fluency, and the creative engineering skills to build novel defences with the necessary speed and agility.
With the strains on in-house SOC’s increasing, a growing number of organisations are outsourcing their cybersecurity to conventional managed service providers. However, more people won't guarantee better outcomes. In what are often highly commoditised offerings, remediation is also often passed back to the client.
The latest agentic AI tools provide part of the answer by enabling organisations to anticipate, monitor and respond to cyber threats in real time. But making the most of the agentic potential requires a high level of design and engineering skills. The organisations taking part in our 2026 Global Digital Trust Insights survey cite knowledge and skills gap as one of the two biggest challenges to implementing AI for cyber defence.
Cybersecurity realities have changed and conventional approaches are no longer fit for purpose; how can your organisation get up to speed?
The starting point is a fundamental shift in cyber posture from managing operations at scale to engineering outcomes at scale. This means continual automation and the integration of on-demand custom engineering into a process to pre-empt attacks and fix vulnerabilities. It also means future-proofing security within rapidly transforming tech estates.
We apply this engineering-led cyber posture within our cyber managed services operations. From banks to logistics companies, we work with you to provide security optimisations that deliver higher success rates in fixing root causes and preventing and responding to threats, while reducing reliance on large analyst teams. With automated defences and precise intel at their fingertips, SOC teams can spend more time focusing on real threats, while being able to reduce risk faster and more effectively.
By focusing on business outcomes, cyber engineering managed services also embeds cybersecurity as a core operational capability and source of advantage. The optimised outcomes include more assured operational resilience and effective protection of your data, without compromising either customer experience or the pace of commercial innovation.
Automation and AI are the foundations. But the key is being able to tailor these capabilities to the business’ specific risk environment, operational, and regulatory demands. Security capabilities and environments are also continually adapted and fine-tuned for changing risks and business needs as part of an ‘engineering-as-a-service’ approach.
How can your organisation make the most of the new engineering-led cybersecurity model? Three priorities stand out:
Cybersecurity has always been critical. But now more than ever it’s a core driver of enterprise continuity, confidence, and value. It can no longer be seen as simply a systems issue or discretionary spend.
The organisations that are best equipped to deal with today’s highly complex and threatening risk environment won’t be the ones with the most analysts—they’ll be those with the best-engineered security. We run your operations with tech and talent so you can run faster, scale smarter, and lead stronger.
If you’d like to know more about how our engineering-led managed services can help you to strengthen resilience and trust, please get in touch.
Visit our managed services page
Building a secure digital society with Chatham House