AI in Cybersecurity: What Swiss SMEs Need to Know Amidst New Threats

The alarm rings at six in the morning. You reach for your smartphone to check the first emails. A message from your CFO: "Urgent! Suspicious transfer of CHF 150,000 to an unknown account." The recipient of the transfer is a supplier you actually work with – but the bank details are new, and the request for a quick payment came from an email address that looked remarkably similar to your CFO's. A deepfake call seemingly confirmed the urgency. Scenarios like these are no longer science fiction. They are the new reality, shaped by artificial intelligence.

Indeed, 48% of cybersecurity experts classify so-called "agentic AI" – autonomous AI agents that can independently plan and execute attacks – as the top attack vector for 2026. This is a worrying forecast, especially for Swiss SMEs. While 34% of companies in this country are already using AI applications, the priority for cybersecurity is paradoxically declining. Only 42% of Swiss SMEs feel adequately protected in the event of an attack.

This gap between growing threats and declining awareness of protection creates a dangerous void. As digitalisation continues to advance and AI permeates more and more areas, our defence systems are often neglected. This is a strategic mistake that can prove costly.

How can Swiss SMEs effectively enhance their cybersecurity in the face of new AI threats like agentic AI and LLMs?

The answer lies in a proactive strategy that combines technical and organisational adjustments with a clear focus on AI governance.

The threat landscape has fundamentally changed. In the past, static firewalls and virus scanners were often sufficient. Today, we face attacks generated by Large Language Models (LLMs) – phishing emails that are grammatically perfect and culturally tailored to the recipient. Or we are confronted with "agentic AI," which independently seeks vulnerabilities in systems, generates exploits, and orchestrates attacks. As someone who works with Python, ML models, and LLM fine-tuning myself, I know: these tools are extremely powerful – and in the wrong hands, dangerously so.

To protect themselves effectively, Swiss SMEs must sharpen their environmental analysis. A PESTEL analysis can help systematically assess external influences – from political regulations to technological developments – and identify specific AI risks for their own business model. This is the first step towards building a solid AI strategy and readiness. It's not just about buying software, but about making the entire system – people, processes, technology – resilient.

Another critical area is the human element. Even the best technology is of little use if employees are not trained. Deepfakes are now so convincing that they are barely distinguishable from reality. A call from the supposed CEO urgently requesting a transfer can have devastating consequences. Regular security awareness training, specifically addressing AI threats like deepfakes and LLM-generated social engineering attacks, is essential. This training must empower employees to question critically and consistently adhere to established verification processes, even under pressure.

For IT managers, this means delving deeply into the technical aspects of AI-driven attacks. This includes understanding how LLMs can be misused for prompt engineering to generate malicious code or exfiltrate data. It also requires knowledge of how "agentic AI" functions to anticipate its behaviour and potential attack paths. Only those who understand the attackers' tools can develop effective countermeasures. It's a continuous evolution that we cannot ignore. The era of static defence is over.

What concrete measures should Swiss SMEs take to protect themselves from AI-driven cyberattacks, especially when the priority for cybersecurity is declining?

A holistic strategy based on sound risk assessment, prioritising investments in AI-based defence systems, and ensuring consistent employee awareness is essential.

It's an alarming trend: while AI threats are growing, the priority for cybersecurity is declining in many Swiss SMEs. Only 42% of companies now consider their protection adequate. This decline is often due to short-term cost considerations and a lack of awareness of the invisible but real dangers. Many management teams view cybersecurity purely as a cost factor, not as a strategic investment in business resilience.

Specifically, Swiss SMEs should conduct a comprehensive risk assessment. A SWOT analysis, supplemented by Porter's Five Forces, helps identify internal weaknesses and external threats in the context of AI development. Where is the most critical data? Which systems are most vulnerable? How could attackers influence my supply chain? These questions must be answered to take targeted action.

Investments in modern cybersecurity technologies are not optional but necessary. This includes not only the aforementioned AI-powered email filters and EDR solutions but also multi-factor authentication (MFA) for all critical systems, regular backups stored offline and redundantly, and the implementation of zero-trust architectures. These measures create multiple lines of defence, making it difficult for attackers to penetrate and spread within the system.

Compliance with the Swiss Data Protection Act (DSG) is not only an obligation but also an advantage. A strong data protection framework requires robust security measures, which in turn increase resilience against cyberattacks. Those who are DSG-compliant have already met a large portion of the organisational and technical requirements for good cybersecurity. This not only protects data but also the trust of customers and partners.

The integration of AI into cybersecurity in 2026 will be marked by significant concerns about the potential for AI-driven attacks, as reported by govtech.com at RSAC 2026. This underscores the urgency of understanding AI not only as a threat but also as a powerful tool for defence. We must leverage the same technologies that attackers use to protect ourselves. This is an arms race that we can only win with intelligence and foresight.

Why is cybersecurity less of a priority for Swiss SMEs despite rising AI risks, and what are the implications for their resilience?

Short-term cost considerations, a lack of internal expertise, and an underestimation of potential damages lead to dangerous security gaps and dramatically reduced resilience.

It's a familiar pattern: many SMEs are not flush with cash, and investments are made where the return on investment (ROI) is most quickly visible. Cybersecurity is often viewed as a type of insurance whose value only becomes apparent in the event of a loss. This is a fatal misconception. The 34% of Swiss SMEs already using AI applications benefit from efficiency gains and new opportunities. However, many overlook the downsides of this development.

A primary reason for the declining priority is the lack of specialised expertise. Small and medium-sized enterprises often cannot afford their own cybersecurity experts who are familiar with the latest AI threats. This leads to overwhelm and the feeling of being unable to solve the problem themselves. The complexity of the subject matter, from LLM fine-tuning to MLOps frameworks, deters many. Here, as Lukas Huber, founder of schnellstart.ai, I see a clear task: knowledge transfer and practical support. You don't need your own army of data scientists, but a fundamental understanding and the right partners.

The consequences of this negligent attitude are severe. Lower resilience means that in the event of a cyberattack, a company not only suffers financial damage but also faces long-term negative consequences. Data loss can destroy customer trust, operational disruptions lead to revenue losses, and reputational damage is often irreversible. The costs of an attack that could have been prevented by a lack of preparedness usually far exceed investments in cybersecurity. This is the core message that needs to be understood: Don't cut corners where it matters most.

The reality is that AI-driven attacks are not just a matter of technology, but also a matter of strategic leadership. Management that does not take the threat seriously and fails to allocate resources endangers the entire company. It's like building a fortress and leaving the gates open. The time for a reassessment of cybersecurity as a strategic priority is not tomorrow, but now.

Cybersecurity is evolving rapidly, and AI plays a dual role: it is both a powerful weapon for attackers and an indispensable tool for defence. Swiss SMEs must not be deterred by the complexity or ignore the risks. The declining priority for cybersecurity is a dangerous trend that needs immediate correction.

Those who act now are investing not only in technology but in the future viability of their company. It's about building resilience and protecting themselves from the financial, reputational, and operational damage that a successful AI-driven cyberattack can cause. Only in this way can Swiss SMEs leverage the benefits of AI without paying the price of negligence.

✅ **Takeaway 1:** AI-driven cyberattacks are real, sophisticated, and increasing. Ignoring them is not an option.

✅ **Takeaway 2:** Proactive measures, including AI-powered defence and comprehensive employee training, are essential.

✅ **Takeaway 3:** Cybersecurity must be viewed as a strategic investment, not just a cost factor, to ensure company resilience.

Have questions about how to secure your company against the latest AI threats? Get in touch with us to discuss your specific situation and develop a tailored strategy. Contact us today.