Cyber Security

Human error remains cybersecurity’s weakest link, warns Aryaka’s Dr Aditya Sood

28 October 2025
2 minutes
Dr Aditya Sood, VP of security engineering and AI architecture at Aryaka, has blamed human error for many of today’s most damaging cyber attacks, warning that even as AI transforms both attack and defence, “the basics remain the hardest to conquer.”
Jasdip Sensi

Digital Editorial Lead, Capacity

​Speaking to Capacity, Sood said that despite years of investment in cybersecurity tools and training, human errors are continuing to open doors for attackers.

​“Human error continues to be a key vulnerability,” he says. He also noted that phishing attacks have evolved far beyond traditional credential theft.

​“Phishing has existed since 2004 and despite countless solutions, it remains unsolved because attackers exploit protocol weaknesses.

​“Phishing has evolved from simple credential theft to drive-by downloads and malicious attachments executing payloads through PowerShell or in-memory processes. These ‘living off the land’ attacks are stealthy and hard to detect.”

​Additionally, beyond user behavior, Dr Sood warned that poor coding practices, insecure APIs and unprotected cloud environments are also leaving organisations vulnerable, as cyber criminals are no longer focusing only on financial gain but on disrupting key industries.

​“We’re seeing increased targeting of critical verticals. For example, ecommerce environments are vulnerable due to IoT integration. Attackers compromise weak network points, move laterally and can disrupt entire payment systems,” he stated.

​Meanwhile, the Aryaka exec described today’s cybersecurity environment as an “arms race” between attackers and defenders, both increasingly turning to AI.​

“From an attacker–defender standpoint, it’s an arms race. Both sides are leveraging AI. Attackers use it for phishing, exploit generation and reconnaissance, while defenders must use AI and ML to counter them,” he said.

​However, despite enthusiasm around AI, Dr Sood warned that many leaders still misunderstand the tool.

“The main challenge with AI is that adoption is happening faster than understanding. Many people equate AI only with tools like ChatGPT, but true AI operates largely behind the scenes.

To defend against AI-driven threats, organisations must build comprehensive taxonomies and threat models,” he concluded.

Related stories

AI now lies, denies, and plots: OpenAI’s o1 model caught attempting self-replication

AI in cybersecurity: Tool or a hacker’s ally?

Jasdip Sensi

Digital Editorial Lead, Capacity

Top Articles