“I’ve always been into data and analytics,” says Colin Mahoney, the company’s CEO. Recorded future. “That’s one of the things I love about Recorded Future: the incredible data intelligence and the mission of using that intelligence to combat the cyber threats we all know too much about.”
Indeed, Mastercard saw the potential of these threat intelligence capabilities to counter cyber threats. which acquired Recorded Future for $2.65 billion in 2024.
Mahoney, who became CEO of Recorded Future in September this year after initially taking over as president in 2023, was in London for Predict Europe 2025, the company's client event in King's Cross, one of the city's biggest tech hubs.
The area is home to many tech startups and leading European offices of tech giants such as Meta and Google. Alan Turing Institute – The UK's National Institute for Data Science and Artificial Intelligence (AI) is just a stone's throw away. So perhaps it's not surprising that AI came first for many of those attending the two-day event at King's Place.
“The combination of artificial intelligence and automation is really exciting for customers,” Mahoney says. “We spend a lot of time making sure we can expand and accelerate the actions we take through threat intelligence, using automation and artificial intelligence to eliminate threats as quickly as possible.”
These tools automate the creation of personalized threat intelligence that customers can use to detect and analyze threats or vulnerabilities in real time, helping them protect their networks from cyber threats. However, the responsibility for patching still lies with the customer – Mahoney thinks automating updates may be a step too far, at least for now, adding: “We still leave it up to the customer – I don't think people are comfortable automating everything.”
The rise of cyber threats based on artificial intelligence
But, as with any new Internet-connected technology, Cybercriminals are already using artificial intelligence tools to facilitate attacks and fraud.. They also don't have to think about data privacy or ethical considerations when using or misusing the technology.
“Bad guys are definitely using it. They're not limited in how they use it – and it's almost zero cost for them to have some very sophisticated capabilities to pretend to be someone else or run interactive hacking programs,” Mahoney says.
One example of how AI is being used by attackers is what he calls the “huge rise in synthetic identities,” especially in North Korea. In these campaigns, North Korean citizens—at the direction of the regime in Pyongyang—use artificial intelligence tools. apply for remote work from technology providers, cryptocurrency firms and even cyber security companies. Not only do they use AI to send out resumes and cover letters for their initial applications, but they also use live deepfake technology to change their image and voice during video calls to hide who they really are.
“They want these synthetic identities to get jobs and money. They also want to use these identities to infiltrate places and get information,” Mahoney says.
But where cyber threat operations are taking place at the nation-state level, cybercriminal groups are not long in coming – and they are already abusing artificial intelligence to make money illegally. Just look how cybercriminals used deepfakes to impersonate company executives who are stealing millions through wire fraudor use voice cloning for impersonate high-ranking persons to facilitate fraud against the public.
“Commercialization of these tools is already happening. You don't necessarily need nation-state support or money – you can do it with tools that are virtually free to use,” Mahoney says.
But while cyber attackers can—and do—use the latest technology to launch campaigns, Mahoney notes that so many hacks still happen using tried and tested tools, techniques and procedures. especially those that focus on cloud services and login credentials..
“When we look at exposed corporate credentials, when you track where the exposure occurred, most often it's from a person's home computer that doesn't have modern security installed,” he says.
This could be as simple as someone using their personal laptop to quickly check their email. But their personal computer is unlikely to have the same strong security controls as their company device, making it easier for them to accidentally click a phishing link or install malware. But this could put the entire company at risk.
“There's nothing intentional about it, but somebody made a decision about what to do and that decision could have compromised the information,” Mahoney adds.
The importance of properly understanding the basics of cybersecurity
Mahoney recommends that organizations follow standard cybersecurity procedures to ensure their accounts, employees, customers and partners are protected from cyber threats.
“Sometimes people forget the basics, but it needs to be done,” he says. “Enable two-factor authentication for everything—you won’t be able to log into anything without it.”
Mahoney also emphasizes the importance Regular backup of important data and store them offline: “It seems so simple, but if you have a clean backup, if you get attacked by ransomware, you still have your data—you can still work.”
“2025 was the year of mid-market ransomware. You don't hear about all these big companies – ransomware gangs are targeting mid- and lower-market victims.”
Colin Mahoney, Recorded Future
Ransomware remained a major cybersecurity issue throughout 2025, with major incidents affecting large companies including Marks and Spencer And Jaguar Land Rover. But while these attacks on high-profile corporations have generated headlines and had significant economic impacts, Mahoney argues that more attention needs to be focused on ransomware attacks on smaller targets.
“2025 was the year of ransomware for the midmarket. You don't hear about all these big companies – ransomware gangs are targeting midmarket and lower market victims, extorting even small amounts of money from them,” he says.
While these attacks may not be as profitable as “big game hunting” campaigns, they still cause significant damage and destruction. Small businesses may be more tempted to pay the ransom since the alternative is bankruptcy. Mahoney expects this trend to continue into 2026. “I think we will see more attacks like this,” he warns.
It is clear that protecting networks and preventing hacking by unauthorized attackers is a key area of cybersecurity. But as attackers increasingly resort to social engineering and deepfakes to obtain legitimate login credentials, active intrusions are becoming increasingly difficult to detect.
“There's a realization that the bad guys are here,” Mahoney says. “The next 12 months will be about working with different environments and technologies to use autonomous capabilities to get ahead of them – finding what's in systems and rooting them out.”
He believes that scenarios should be prepared to help identify and eliminate threats that are already inside the network. “One of the best things organizations can do is conduct different exercises and training. capture the flag drills to detect threats and know what they will do when a threat arises.”
Mahoney argues that incident response is not something that just the information security team should be prepared to do: business operators and management need to be involved to ensure that everyone knows their role in the event of a cyber attack, as this can save the business.
“Conducting simulations and exercises to ensure that the governing body can function well can be the difference between a company that is closed and a company that remains in operation,” he says. “It's not just a question of technology, it's a question of, 'Do we have a properly functioning crisis capability?' thing. This is great to practice in the event of a cyber attack, but if you practice it, it is great practice for any crisis situation you may encounter. Every organization should do this.”
:quality(85):upscale()/2025/10/28/729/n/49350580/0afa62e96900efb70c5485.88002972_.jpg?w=150&resize=150,150&ssl=1 "What Is Silent Book Club? All About the Introvert-Led Trend")
