The evolving threat landscape

Cybersecurity is changing rapidly, with threat actors becoming increasingly sophisticated in their approaches. According to Unit 42’s latest report, initial access methods are shifting, with phishing re-surging as a primary attack vector.Attackers are now leveraging AI to create more convincing phishing messages, making traditional detection methods obsolete.The use of legitimate file-sharing sites, cloud platforms, and even Google AdWords has become a common strategy for malware distribution and data exfiltration.

Race against time

One of the most alarming trends is the dramatic reduction in dwell time — the period between an attacker’s initial breach and detection. In 2025, data exfiltration can begin within hours, sometimes even minutes of initial access, Chapman said.Nearly 20% of cases saw data theft occurring less than one hour after intrusion, with the average dwell time dropping to just seven days.This compressed timeline means organizations must implement rapid detection and response mechanisms.

Strategic defense and intelligent monitoring

Effective cybersecurity now requires a multi-layered approach. Chapman recommends comprehensive log management across all systems, including cloud environments, SSO providers, and enterprise applications. Key strategies include:

Organizations must also focus on breaking down technological silos, creating unified systems that can correlate data across different platforms.AI can play a crucial role in helping identify anomalies, test automated responses, and reduce mean time to detection, he said, adding that the future of cybersecurity lies in proactive, intelligent monitoring that can quickly identify and respond to threats across increasingly complex technological landscapes.By embracing advanced threat intelligence and automated response capabilities, Chapman said organizations can stay one step ahead of increasingly sophisticated cyber attackers.