Rethinking Cyber Defence For Tomorrow's Threats

Uploaded on 2025-04-08 in TECHNOLOGY--Resilience, FREE TO VIEW

Research shows that cybercrime is expected to cost $12 trillion this year, making it more pressing than ever for organisations to review and optimise their cybersecurity strategies and budgets. Identity-based threats more specifically are proving to be a real threat, with 80% of companies worldwide experiencing an identity-related cyberattack in 2024.

As the threat landscape becomes increasingly more complex, navigating emerging threats that target identities is a colossal challenge for cybersecurity teams. 

Detection Wins Over Prevention 

With the increasing number of cyberattacks and data breaches that each organisation is facing, it’s becoming nearly impossible for cybersecurity teams to mitigate individual attacks. Instead, a holistic approach to cybersecurity, where prevention serves as the fundamental base layer, but is then reinforced by timely detection, is becoming more prevalent. 

Detecting and responding to identity threats has become the cornerstone of modern cybersecurity strategies, playing an important role in identifying compromised accounts and unauthorised use of credentials. Unlike prevention, it allows for a proper investigation to find a suitable solution for containing an attack. Early detection then equals early detainment, which lowers the price tag that comes with today’s identity cyberattacks. 
Relying on principles such as Zero Trust is imperative as businesses need to assume they’ve been breached already, and focus on detection strategies instead. 

AI Shapes Cyberattacks & Defence Strategies

With the onset of AI, businesses face more sophisticated threats from highly structured syndicates who use new AI-powered tools to optimise their attacks. Phishing is a key area that has been enhanced through AI models. While it used to be possible to detect phishing attacks through grammar and spelling mistakes, and the complexity of some languages was a serious barrier to attacks, AI has transformed how phishing emails are launched and amplified. By analysing large data sets, cybercriminals use AI to create highly personalised and convincing emails that appear legitimate, mimicking writing styles of individuals or organisations. 

As AI becomes increasingly more embedded in day-to-day operations, cybersecurity teams need to be utilising AI to help them combat these threats. AI-powered security tools can provide context, clarity and transparency that will enable cybersecurity teams to make faster decisions and lead to faster recovery. 

While AI is still evolving, organisations are hesitant to fully entrust it with autonomous decision-making, especially in high-risk scenarios. Businesses are more comfortable using it when the potential consequences are less tangible, suggesting a need to build trust and address concerns about AI's reliability and transparency first.

Attack Surface Expands Under A Wave Of Machine Identities 

New data shows that for every human identity, there are 46 machine identities, greatly expanding the attack surface and contributing to a heightened security risk that could lead to identity compromise.  

To combat this challenge, organisations need to adopt a layered approach to security that includes interoperability and orchestration. Interoperability enables seamless communication and data sharing between different platforms and systems, allowing for better context and decision-making. 

Orchestration, on the other hand, will provide a centralised way to manage and automate security processes, improving efficiency and reducing response times. By embracing these concepts, organisations can build more resilient security systems that are capable of detecting and mitigating the risks posed by deepfakes and other emerging threats. On a practical level, organisations can implement new security measures, such as application safe words to protect themselves from these threats.

Quantum Cryptography Needs To Evolve To Protect Persistent Data 

Proclaimed as the International Year of Quantum Science and Technology by the UN, 2025 promises to be the year when people wake up not only to the potential of this technology, but also become acutely aware of the threats it opens doors to.  

As cyber adversaries continue to use AI and other advanced technologies to break into systems, it will be critical for current cryptography to evolve and prevent access for unauthorised individuals. This is critical especially for persistent data, such as health or financial records, that need to be retained and protected for the next 10-15 years.
While authentication remains important, we’re seeing authorisation as an emerging and continued trend that will help organisations face the current challenges posed by new technologies. As the most critical and strongest control point for enterprises access, authorisation helps organisations define what users can do and access within a specific environment, allowing for a more precise approach.

Restricting access through identity management and authorisation will help organisations face cybersecurity challenges, with just-in-time access and multi-factor authentication being some of the most powerful tools they can use.

Spencer Young is SVP, EMEA Sales at Delinea

Image: Julee Juu

You Might Also Read: 

Combating Cyber Threats In The Age Of AI:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Vishing - The Voice Scam You Need To Know About
Staying Secure, Skilled & Sustainable »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Portnox

Portnox

In 2007, Portnox set out to create one of the world’s easiest to use, most loved, value-driven network security solutions — and our customers will tell you we’ve succeeded.

Stott & May

Stott & May

Stott & May is a specialist cyber security recruitment agency.

Orange Cyberdefense

Orange Cyberdefense

Orange Cyberdefense is the expert cybersecurity business unit of the Orange Group, providing managed security, managed threat detection & response services to organizations around the globe.

Romanian Accreditation Association (RENAR)

Romanian Accreditation Association (RENAR)

RENAR is the national accreditation body for Romania. The directory of members provides details of organisations offering certification services for ISO 27001.

DCX Technology

DCX Technology

Recognized as a leader in security services, DXC Technology help clients prevent potential attack pathways, reduce cyber risk and improve threat detection and incident response.

OwnZap Infosec

OwnZap Infosec

OwnZap Infosec aims to digitally shield the cyberspace by offering services like Penetration Testing and Red Teaming, Infrastructure Security Testing, and Vulnerability Assessments.

Wayra

Wayra

Wayra connects Telefónica and technological disruptors around the world. As their preferred strategic partner, we scale them up to accelerate their business and ours.

Digital Identification & Authentication Council of Canada (DIACC)

Digital Identification & Authentication Council of Canada (DIACC)

DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian framework for digital identification and authentication.

gener8tor

gener8tor

The gener8tor Cybersecurity Accelerator offers a cutting-edge program in San Antonio, home to the second-largest concentration of cybersecurity experts in the United States.

Proximus Ada

Proximus Ada

Proximus Ada is the first Belgian center of excellence combining artificial intelligence and cybersecurity.

Benchmark IT Services (BITS)

Benchmark IT Services (BITS)

BITS is a leading cyber security company in Australia. Our certified professionals work with you to keep your data assets safe and secure.

coc00n

coc00n

coc00n secures the devices of high-value and high-interest individuals against cyber attacks.

Two99

Two99

Two99 provide tailored excellence in the areas of E-Commerce, Marketing, Consulting, and Cyber Security.

Intelidata Techedge Pvt. Ltd.

Intelidata Techedge Pvt. Ltd.

Intelidata are a Global Cyber Security Consultancy and Services firm that helps companies drive growth by minimizing risk and maximizing potential.

Cynclair

Cynclair

Cybersecurity is a complex beast. And we're the beast-tamers. Our team thrives on deciphering the latest threats, building cutting-edge defenses, and making your digital world much safer.

Vivid Computing Solutions

Vivid Computing Solutions

At Vivid Computing Solutions we provide comprehensive solutions that keep your business running efficiently and securely.