Security Squawk - The Business of Cybersecurity

Listen, download, subscribe

Apple Podcasts

Spotify

Our Cyber Predictions and 2025 Proved Us Right (Mostly)

In this annual Security Squawk tradition, we do two things most people avoid: accountability and predictions. First, we break down the top cyber-attacks of 2025 and translate them into what actually matters for business owners, IT pros, and MSPs. Then we grade our predictions from last year using real outcomes. No excuses. No hand waving. No “well technically.” Why does this episode matter? Because 2025 made one thing painfully clear. Most cyber damage does not come from genius hackers. It comes from predictable failures. Unpatched systems. Over-trusted third parties. Tokens and sessions that live too long. Help desks that can be socially engineered. And organizations that still treat cybersecurity like an IT issue instead of a business survival issue. We start with the Top 10 Cyber-Attacks of 2025 and pull out the patterns hiding behind the headlines. This year's list includes ransomware and extortion campaigns, software supply chain failures, identity and OAuth token abuse, and attacks that caused real operational disruption, not just data exposure. These stories show how attackers scale impact by targeting widely deployed platforms and trusted business tools, then turning that access into downtime, data theft, and brand damage. One of the biggest lessons of 2025 is simple: identity is the new perimeter. Many of the most important incidents were not break-in stories. They were log-in stories. Stolen sessions and OAuth tokens keep working because they let attackers bypass MFA, move quickly, and blend in as legitimate users. If your security strategy is focused only on blocking failed logins, you are watching the wrong signal. 2025 also reinforced how fragile third-party trust has become. Integrations are everywhere. They make businesses faster and more efficient, but they also expand the blast radius. When a third-party tool or service account is compromised, it can become a shortcut into systems that were never directly attacked. In this episode, we talk about practical steps like minimizing access scopes, eliminating unnecessary integrations, shortening token lifetimes, and having a real plan to revoke access when something looks off. We also dig into why on-prem enterprise tools continue to get hammered. Many organizations still run internet-facing platforms that are patched slowly and monitored poorly. Attackers love that combination. In 2025, we saw repeated exploitation of high-value enterprise software where a single weakness led to widespread compromise across industries. If your patching strategy is “we will get to it,” attackers already have. Another major theme this year was operational disruption. Some of the costliest incidents were not just about stolen data. They shut down production, halted sales, broke customer service systems, and created ripple effects across supply chains. That is where executives feel cyber risk the hardest. Data loss hurts. Downtime is a business emergency. Then we grade last year's predictions. Did AI take our jobs? Not even close. What it did do was raise the baseline for both attackers and defenders. AI improved phishing quality, accelerated scams, and forced organizations to confront the risks of adopting new tools without clear controls. We also review our call on token and session-based attacks. That prediction aged well. Identity-layer abuse dominated 2025. The issue was not a lack of MFA. The issue was that attackers did not need to defeat MFA if they could steal what comes after it. We also revisit regulation. It did not arrive all at once. It crept forward. Agencies and lawmakers continued tightening expectations, especially in sectors that keep getting hit. Businesses that wait for mandates before improving controls will pay more later, either through recovery costs, insurance pressure, or lost trust. Finally, we look ahead to 2026 with new predictions that are probable, not obvious. We discuss what is likely to change around identity, help desk security, SaaS governance, and how leaders measure cyber readiness. The short version is this: 2026 will reward companies that treat access as a living system and punish those that treat it like a one-time setup. If you like the show, help us grow it. Subscribe, leave a review, and share this episode with someone who still thinks cybersecurity is just antivirus and a firewall. And if you want to support the podcast directly, buy me a coffee at buymeacoffee.com/securitysquawk.

• 

  America’s Hidden Cyber War Is Already Here

• 

  Cybercrime Economy Exposed. Billions Paid. Banks Breached

• 

  Emergency Alerts Hacked, Retailers Paying Up, And 2026 Looks Rough

• 

  Ransomware Reality Check: Inside “The Gentlemen” Gang

• 

  How a Food App, a Tech Giant and a State Attorney General All Got Hacked

• 

  Healthcare Hit Again and Nevada Falls to One Employee Mistake

• 

  Cyber Blunders: Library Locked Down & 1.2 Million Records Exposed

• 

  Qilin’s Ransomware Takeover: City Pays Up & Telco Breach Fallout

• 

  Windows 10 Dies and Hackers Are Ready for It

• 

  Airline Breach Fallout, AI Data Fails, and Ransomware on the Rise

• 

  Cyber Chaos 2025: From Airline Breaches to AI Blunders and Ransomware’s Co…

• 

  Ransomware Evolves: From Volvo’s Supply Chain to Your Own IT Tools

• 

  Insider Breach Hits 689K & Airport Chaos from U.S. Vendor Hack

• 

  AI Ransomware Is Here — And ShinyHunters Just Leaked a Nation

• 

  Jaguar Land Rover Crippled by Cyberattack + CISOs Gagged on Breaches