This week, three of the most influential reports in cybersecurity were released; Google Cloud’s M-Trends, Verizon’s Data Breach Investigations Report (DBIR) and the FBI’s Internet Crime Report. Together, they offer a sobering look at how attackers are adapting—and where defenders are still struggling to catch up.
Here are the key insights security leaders need to know:
📉 Dwell time is down, but so is subtlety
Attackers are being detected more quickly, thanks to improved monitoring and detection services. But this is not necessarily good news. Many are switching to faster, more disruptive attacks or selling access before being discovered. Phishing, credential theft, and exploitation of edge devices remain common entry points.
🔐 Supply chain weaknesses are being exploited
Verizon reports that 30% of breaches now involve third-party vendors, a significant uptick. Poor visibility into supplier environments and over reliance on trust continue to create blind spots. Meanwhile, many compromised devices were not even managed by corporate IT teams, highlighting the persistent risk of BYOD and shadow IT.
💸 Ransomware still dominates the threat landscape
Ransomware featured in 44% of breaches, according to DBIR. While the median ransom paid has fallen, the volume and speed of attacks continue to rise. Attackers are moving quickly—often aided by access purchased from infostealer markets.
📉 Investment scams are outpacing BEC
The FBI report reveals a dramatic rise in crypto-based investment scams, overtaking Business Email Compromise (BEC) in financial impact for the third year in a row. These scams are increasingly run by organised criminal groups operating large-scale fraud operations—often out of poorly regulated regions.
What this means for security leaders
The core issues have not changed: weak credentials, unpatched systems, and human error still drive most breaches. What has changed is the speed, scale and structure of the attacks. Automation is playing a greater role on both sides, helping defenders detect faster, but also helping attackers scale.
The fundamentals still matter: patching, access controls, detection and response are far more impactful than any new tool or AI model. So is understanding where your organisation is exposed, especially via third parties and unmanaged assets.
Turn Intelligence into Action.
As a key Google Cloud MSSP Partner, Reliance Cyber delivers expert-led managed services that help organisations detect and respond to threats faster. For more information on how we can help, book a consultation.