The Annual Pulse of Cybersecurity: A Recap of the 2025 Verizon DBIR

It’s springtime, so that means flowers are in bloom, baseball season is well underway and Verizon released its annual Data Breach Investigations Report (DBIR).

For those who are unfamiliar with the DBIR, it is a comprehensive survey of cyber incidents and data breaches that occur annually between November 1 and October 31. The study goes beyond numbers (this year there were 22,052 incidents with 12,195 confirmed as breaches) to look at how threat actors go on the attack.

Persistent Threats: The Usual Suspects Intensify For years now, some of the biggest threats to an organization’s cybersecurity were credential abuse, ransomware and humans. According to the 2025 DBIR, these things continue to wreak havoc for security teams. Some of the key takeaways on recurring threats are:

• Credential abuse remains the most common attack vector, increasing by 34% over last year’s report.
• Zero-day exploits (meaning companies are immediately compromised) are still causing problems across networks, but are now increasingly targeting VPNs and edge devices, which are the devices most involved in managing data traffic (i.e., routers or firewalls).
• Ransomware is present in nearly half (44%) of all reviewed breaches with a rise in attacks against small and medium businesses (SMBs), but fewer organizations are paying the ransom and the amount of ransoms paid decreased.
• Human behavior continues to bypass the best security programs. The good news is that the human element’s impact isn’t getting worse, but the bad news is employees aren’t improving their actions. This year, like last year, human behavior was responsible for six in ten breaches.

Emerging and Escalating Risks While there are few new threats or attack vectors in cybersecurity, there are some situations that modified so much in the past year that they have raised concerns.

Take third parties for example. Third-party actors have always brought a level of risk to an organization. Most of the biggest or most infamous cyberattacks were caused by a third-party security failure. What’s alarming in this year’s DBIR is the dramatic increase in breaches involved a third party, doubling from 15% to 30%.

Espionage is also growing. Nation-state actors are targeting known vulnerabilities to go after data and money, and are now account for 17% of breaches. That might not seem like a lot, but this increase came before the federal cybersecurity infrastructure was significantly overhauled. It’s an area to keep an eye on.

Finally, security threats involving generative AI are ringing alarm bells. As more AI tools are introduced, so are more opportunities for generative AI to be used to launch attacks. The number of AI-generated malicious emails, the leading AI use for threat actors, doubled since ChatGPT was introduced. Employees are unwittingly facilitating insider threats by entering sensitive corporate data into generative AI systems, risking data leakage beyond corporate networks.

These are just a few key takeaways from the DBIR. Knowing where the risks are and the tactics threat actors use to infiltrate your system is the first step in building an effective defense. At Fairdinkum, we are committed to staying current on all the latest cyber threats and proactively protecting your data from breaches.