What's Happening?
Red Canary, a Zscaler company, has released a midyear update to its 2025 Threat Detection Report, revealing a sharp increase in cloud and identity threats. The report notes a nearly 500% rise in cloud account detections compared to 2024, driven by enhanced detection capabilities in identity-based threats. New cloud-related techniques, such as 'Data from Cloud Storage' and 'Disable or Modify Cloud Firewall,' have emerged as significant risks. The report also highlights the evolving nature of phishing tactics, with only 16% of suspected phishing emails being genuinely malicious.
AD
Why It's Important?
The findings from Red Canary underscore the growing complexity of cybersecurity threats as organizations increasingly adopt cloud-based identity providers and infrastructure. The dramatic rise in cloud account detections indicates a need for more sophisticated security strategies that address both explicit threats and subtle risky behaviors. As phishing remains a prevalent attack vector, the report emphasizes the importance of continuous improvement in threat detection and response capabilities. Organizations must adapt to these evolving threats to protect sensitive data and maintain operational integrity.
What's Next?
In response to these emerging threats, organizations are likely to implement stronger identity security controls, such as multi-factor authentication and conditional access policies. Regular audits of cloud infrastructure configurations and enhanced phishing awareness training will be crucial in mitigating risks. Red Canary's report suggests that security teams will need to evolve their strategies to include more nuanced risk assessments across dispersed environments, leveraging AI and advanced detection technologies.
Beyond the Headlines
The report highlights the ethical and operational challenges posed by the increasing reliance on AI and cloud technologies in cybersecurity. As adversaries employ sophisticated techniques to bypass traditional security measures, organizations must balance the need for robust security with concerns about data privacy and the potential for AI-driven surveillance.
