Rethinking Cyber Defence For Tomorrow's Threats

Uploaded on 2025-04-08 in TECHNOLOGY--Resilience, FREE TO VIEW

Research shows that cybercrime is expected to cost $12 trillion this year, making it more pressing than ever for organisations to review and optimise their cybersecurity strategies and budgets. Identity-based threats more specifically are proving to be a real threat, with 80% of companies worldwide experiencing an identity-related cyberattack in 2024.

As the threat landscape becomes increasingly more complex, navigating emerging threats that target identities is a colossal challenge for cybersecurity teams.

Detection Wins Over Prevention

With the increasing number of cyberattacks and data breaches that each organisation is facing, it’s becoming nearly impossible for cybersecurity teams to mitigate individual attacks. Instead, a holistic approach to cybersecurity, where prevention serves as the fundamental base layer, but is then reinforced by timely detection, is becoming more prevalent.

Detecting and responding to identity threats has become the cornerstone of modern cybersecurity strategies, playing an important role in identifying compromised accounts and unauthorised use of credentials. Unlike prevention, it allows for a proper investigation to find a suitable solution for containing an attack. Early detection then equals early detainment, which lowers the price tag that comes with today’s identity cyberattacks.
Relying on principles such as Zero Trust is imperative as businesses need to assume they’ve been breached already, and focus on detection strategies instead.

AI Shapes Cyberattacks & Defence Strategies

With the onset of AI, businesses face more sophisticated threats from highly structured syndicates who use new AI-powered tools to optimise their attacks. Phishing is a key area that has been enhanced through AI models. While it used to be possible to detect phishing attacks through grammar and spelling mistakes, and the complexity of some languages was a serious barrier to attacks, AI has transformed how phishing emails are launched and amplified. By analysing large data sets, cybercriminals use AI to create highly personalised and convincing emails that appear legitimate, mimicking writing styles of individuals or organisations.

As AI becomes increasingly more embedded in day-to-day operations, cybersecurity teams need to be utilising AI to help them combat these threats. AI-powered security tools can provide context, clarity and transparency that will enable cybersecurity teams to make faster decisions and lead to faster recovery.

While AI is still evolving, organisations are hesitant to fully entrust it with autonomous decision-making, especially in high-risk scenarios. Businesses are more comfortable using it when the potential consequences are less tangible, suggesting a need to build trust and address concerns about AI's reliability and transparency first.

Attack Surface Expands Under A Wave Of Machine Identities

New data shows that for every human identity, there are 46 machine identities, greatly expanding the attack surface and contributing to a heightened security risk that could lead to identity compromise.

To combat this challenge, organisations need to adopt a layered approach to security that includes interoperability and orchestration. Interoperability enables seamless communication and data sharing between different platforms and systems, allowing for better context and decision-making.

Orchestration, on the other hand, will provide a centralised way to manage and automate security processes, improving efficiency and reducing response times. By embracing these concepts, organisations can build more resilient security systems that are capable of detecting and mitigating the risks posed by deepfakes and other emerging threats. On a practical level, organisations can implement new security measures, such as application safe words to protect themselves from these threats.

Quantum Cryptography Needs To Evolve To Protect Persistent Data

Proclaimed as the International Year of Quantum Science and Technology by the UN, 2025 promises to be the year when people wake up not only to the potential of this technology, but also become acutely aware of the threats it opens doors to.

As cyber adversaries continue to use AI and other advanced technologies to break into systems, it will be critical for current cryptography to evolve and prevent access for unauthorised individuals. This is critical especially for persistent data, such as health or financial records, that need to be retained and protected for the next 10-15 years.
While authentication remains important, we’re seeing authorisation as an emerging and continued trend that will help organisations face the current challenges posed by new technologies. As the most critical and strongest control point for enterprises access, authorisation helps organisations define what users can do and access within a specific environment, allowing for a more precise approach.

Restricting access through identity management and authorisation will help organisations face cybersecurity challenges, with just-in-time access and multi-factor authentication being some of the most powerful tools they can use.

Spencer Young is SVP, EMEA Sales at Delinea

Image: Julee Juu

You Might Also Read:

Combating Cyber Threats In The Age Of AI:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.