Given the recent spate of high-profile cyber breaches such as attack on Jaguar Land Rover which stopped production and required government assistance, Microsoft by 2025 Digital security report calls on IT departments to ensure cyber risk management is at the board level.
Microsoft recommended that IT leaders treat cybersecurity as a business risk, on par with financial or legal issues. “It is important that corporate boards and CEOs understand their organization’s security vulnerabilities,” the report states.
The company encouraged IT leaders to track and report metrics such as multi-factor authentication coverage, patch latency, number of incidents and incident response times to gain a complete understanding of both the organization's potential vulnerabilities and its preparedness in the event of a cybersecurity incident.
Other recommendations include ensuring compliance Phishing-resistant multi-factor authentication for all accounts, including administrative, and audit perimeter access provided to trusted partners.
Over the past year, Microsoft said it continues to see actors ramp up the development of new and innovative techniques to challenge defense organizations that deploy them for detection and prevention. He noted that the daily threats organizations face remain largely the same, and that attacks tend to be opportunistic in nature, with threat actors targeting known security holes.
“While users around the world are at risk, we have seen the majority of attacks over the past six months targeting the US, UK, Israel and Germany,” Microsoft said.
The report found that governments and the public sector were hit the hardest by cyberattacks. Microsoft warned that many local governments are running on legacy systems that are difficult to patch and secure, while budget constraints and small IT teams often mean delayed updates, minimal threat monitoring and limited incident response capabilities. This makes them valuable targets for both nation-state actors and financially motivated cybercriminals.
A Microsoft study found that the main attack vectors for hackers were web perimeter assets (18%) and external remote services (12%), and, to a lesser extent, supply chains (3%).
However, Microsoft said it continues to monitor attackers targeting trusting relationship with upstream managed service providers, remote access services such as virtual private network or virtual private server systems, remote monitoring and management tools, cloud backups, continuous integration and continuous delivery pipelines, and third-party deployment software providers to gain access through trusted or commonly deployed IT systems.
Microsoft warned that these intrusions typically compromise privileged vendor accounts, use unpatched software, or insert malicious code into legitimate components. The report's authors recommended that organizations check access rights, review software specifications, maintain dependency hygiene, and perform run-time integrity checks.
In a blog post discussing the findings, Amy Hogan-Burney, corporate vice president of security and customer trust at Microsoft, said, “Organizational leaders must view cybersecurity as a core strategic priority, not just an IT issue, and build the resilience of their technology and operations from the ground up.”
She also warned that the use of artificial intelligence speeds up the development of malware and creates more realistic synthetic content, making activities such as phishing and ransomware attacks more effective. “Opportunistic attackers are now targeting everyone – big and small – making cybercrime a universal, omnipresent threat that permeates our daily lives,” Hogan-Burney said.
