DirectDefense, Inc., an information security services company, today released its “2025 Security Operations Threat Report” which identifies the type and frequency of threats, offers insight into a...
Growing focus on identity compromise by bad actors requires organizations to enforce zero trust principles and employ strong identity verification
DENVER: DirectDefense, Inc., an information security services company, today released its “2025 Security Operations Threat Report” which identifies the type and frequency of threats, offers insight into attacker behavior and the evolution of security threats, and forecasts the biggest threats to be aware of for the remainder of 2025.
In 2024, DirectDefense processed more than 10 million log events, ensuring rapid detection, response, and mitigation of potential cyber threats. The company discovered that adversaries have refined their techniques, blending social engineering with AI and automation to evade detection. DirectDefense mapped these alerts to the MITRE ATT&CK® framework to identify these top five tactics:
1. Initial Access – The Gateway to Compromise
2. Persistence – Remaining Hidden in the Environment
3. Lateral Movement – Expanding Control Across the Network
4. Execution – Deploying Malicious Payloads
5. Credential Access – Harvesting Sensitive Authentication Data
These attack tactics highlight a growing focus on identity compromise by bad actors, which requires organizations to enforce zero trust principles and employ strong identity verification for all access requests. Additionally, organizations should:
Emerging threats for 2025
Based on these attack tactics, the DirectDefense team identified emerging threats that top the list for security concerns:
The report also highlights the growing threat to critical industries and the shift from ransomware to extortion tactics. The types of attack tactics vary year to year, but DirectDefense’s report reflects how the techniques and executions attackers use evolve over time.
“Attackers have honed their techniques to become faster and more powerful against a company’s defenses; conversely, security solutions are less able to withstand attacks on their own and need constant monitoring and tuning,” said Jim Broome, President and Chief Technology Officer for DirectDefense. “As adversaries refine their techniques, organizations need to stay ahead by adapting their security posture. It’s not just about responding to threats—it’s about anticipating and mitigating them before they cause harm.”
The full report can be found here.
Follow DirectDefense
LinkedIn: https://www.linkedin.com/company/directdefense/
X: https://x.com/direct_defense
Blog: https://www.directdefense.com/resources/blog/
About DirectDefense, Inc.
DirectDefense provides enterprise risk assessments, penetration testing, ICS/SCADA security services, and 24/7 managed security services for companies of all sizes. Focused on building security resiliency, the firm offers comprehensive security testing services with specialization in application security, vulnerability assessments, penetration testing, and compliance assurance testing. Its team of highly talented consultants has worked with the majority of the Fortune 100 companies, in industries such as power and utility, gaming, retail, financial, media, travel, aerospace, healthcare, and technology. More information can be found at www.directdefense.com.
Fonte: Business Wire
Alaa Abdul Nabi, Vice President, Sales International at RSA presents the innovations the vendor brings to Cybertech as part of a passwordless vision for…
G11 Media's SecurityOpenLab magazine rewards excellence in cybersecurity: the best vendors based on user votes
Always keeping an European perspective, Austria has developed a thriving AI ecosystem that now can attract talents and companies from other countries
Successfully completing a Proof of Concept implementation in Athens, the two Italian companies prove that QKD can be easily implemented also in pre-existing…
$CTEV #CTEV--Claritev Corporation (“Claritev” or the “Company”) (NYSE: CTEV), a technology, data and insights company focused on making healthcare more…
Hawk, the leading provider of AI-powered anti-money laundering (AML), screening and fraud prevention solutions, has today announced that it has been recognized…
The "B2B E-Commerce Market, Marketplaces and Payments Trends 2024" report has been added to ResearchAndMarkets.com's offering. AI, blockchain, and SaaS…
#AI--Information Services Group (ISG) (Nasdaq: III), a global AI-centered technology research and advisory firm, has launched a research study examining…