The biggest challenges in cyber security

The very tools meant to protect are now creating their own kind of risk
Monday, November 24, 2025 | 3 MINS
84% of major cyberattacks now utilise Living-off-the-Land (LOTL) techniques, where adversaries "log in, instead of breaking in."

With this type of attack, hackers leverage legitimate system tools (like PowerShell and WMI) and stolen credentials to blend into target environments and evade detection, making traditional detection-focused security insufficient.

The report also highlights pervasive issues such as misaligned priorities, a lack of internal security skill sets, and the challenge of managing tool complexity.

A forward-looking view

The Bitdefender Official 2025 Cybersecurity Assessment Report provides a critical, forward-looking analysis of the evolving threat landscape, based on a global survey of 1,200 IT and security professionals and an analysis of over 700,000 cyber incidents.

This report is essential reading for its detail of the critical shift needed toward proactive security and attack surface reduction. It provides an in-depth view of the challenges security teams face, including difficulties in balancing security with usability and integrating legacy systems.

Critically, the report offers a roadmap for modern defense, advocating for granular, adaptive control and the establishment of individualised baselines for user and endpoint behavior. By moving beyond blanket restrictions and focusing on "what's normal," organisations can free up EDR/XDR tools to focus on genuinely novel threats. The report also addresses emerging risks like AI-powered malware and AI-enhanced social engineering, making it a vital resource for fortifying defenses against the stealthiest and most sophisticated threats of 2025 and beyond.

Get the report

The 2025 findings reveal that proactive security is no longer optional. Organisations are overwhelmingly looking to reduce their attack surface in addition to relying on detection and response.

The survey data also confirms ongoing concerns around AI: worry about usage by attackers, yes, but also the risk created by organisations themselves as they increasingly utilise the immense number of AI tools flooding the market.

>Get the report
More in Antivirus and Endpoint Detection and Response (EDR)
How device choice impacts your AI adoption strategy
How device choice impacts your AI adoption strategy

Make sure your devices are optimised for AI.

Modern Workplace
Saturday, November 23, 2024 | 3 MINS
Secure your data and operations across every device
Secure your data and operations across every device

How AI helps track risks at every layer and laying the foundation for adoption

Devices
Tuesday, July 30, 2024 | 3 MINS
IT Security as a Managed Service
IT Security as a Managed Service

Considerations for the SME

Managed Security Services
Wednesday, March 23, 2022 | 2 MINS

Share this story

Reading Progress

We're a community where IT security buyers can engage on their own terms.

We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.

Interested in what you see? Get in touch, and let's start a conversation Get in touch
Register for the Next Level Cyber Security Book
If you’d like to know more about any of the technologies mentioned in this article please get in touch.