According to Infosecurity Magazine, John Eccleshare from online gambling giant bet365 says the cybersecurity threats facing his global company are consistent with any major online business like Amazon or eBay. He argues there’s no real disparity in targets between gambling, retail, or banking, noting that the scale of the threat simply grows with a company’s popularity and reach. Looking at 2025, he sees AI, particularly generative AI, significantly impacting the landscape by lowering the barrier to entry for threat actors. A key trend he highlights is “vibe coding,” where non-technical individuals can now generate functional, and potentially malicious, code using plain language prompts. While this makes threats more advanced and prevalent, Eccleshare also points out that AI provides a defensive advantage, notably in processing the vast volumes of daily security logs through SIEM technologies to identify threats faster.
The Democratization of Destruction
Eccleshare’s point about “vibe coding” is the real story here, and it’s kinda terrifying if you think about it. For years, creating effective malware required serious, niche programming chops. It was a high barrier. Now? A vaguely motivated person with a grudge and a ChatGPT subscription can probably cook up something nasty. That’s a massive shift.
It doesn’t mean we’ll see brilliant, novel attacks from these newcomers. Probably the opposite. We’ll see a deluge of crude, derivative, but still damaging scripts. It’s the cyber equivalent of handing out easy-to-use power tools. Most people might build a shelf. A few will try to take down a wall. The noise level for security teams is about to go through the roof.
The “New” Threat That Isn’t
I think Eccleshare is right to push back on the hype that AI is some totally new cyber monster. Machine learning has been in the security toolchain for a decade, doing anomaly detection and pattern matching. Generative AI is an evolution, not a revolution, on that front. The marketing frenzy just makes it feel new.
But here’s the thing: calling it an “evolution” undersells the practical impact. When a technology jumps from a specialized toolkit to a consumer-facing chat interface, the game changes. The threat landscape isn’t evolving linearly anymore; it’s scaling exponentially because the pool of potential attackers just got a whole lot bigger. That’s the core challenge.
Can Defenders Keep Up?
On the bright side, Eccleshare notes AI is a powerful ally for the good guys, especially in slogging through security logs. And he’s spot on. Analysts drowning in millions of daily log entries need all the help they can get to find the real signal. AI can correlate events and spot patterns humans would miss or take weeks to find.
But this creates a weird asymmetry. Attackers using AI are trying to create one successful breach. Defenders using AI have to be right every single time, across an entire global attack surface. The defender’s job is fundamentally harder. So while AI tools for SIEM and log analysis are getting better, it’s still an arms race where the offense often has the initiative. It’s like building a taller wall while the other side is mass-producing taller ladders.
The Real-World Squeeze
The unspoken tension in all this is the business pressure CISOs are under. Every company wants to rush and implement generative AI for competitive advantage. But from a security lead’s chair, every new AI-powered app or service is another potential vulnerability, another data leak risk, another entry point.
How do you balance “move fast and break things” with “please don’t let our customer data get stolen”? Eccleshare’s global view from bet365 is useful because they’re a huge target handling financial transactions. If they’re saying the threats are the same as for Amazon, it tells you this isn’t a niche problem. It’s the default state for doing business online now. And AI is just pouring gasoline on that fire, for better and for worse.
