Blog

Cybersecurity in 2025 moved decisively from “advanced persistent threat” to “always-on, AI-enabled risk,” especially for regulated, security‑sensitive sectors. Executives planning for 2026 should treat cyber as an integrated business risk discipline, not a series of point technology decisions.

The holidays are a time to slow down, reconnect, and recharge, but cyber threats don't take time off. While many teams are on vacation or operating with reduced staff, attackers see opportunity in distracted users, rushed processes, and unattended systems.

As we close out 2025, the cybersecurity landscape continues to evolve rapidly—with new regulatory guidance, intensified phishing threats, and an increasing convergence between IT and operational technology (OT). Below is our bi-weekly summary of key developments impacting cybersecurity leaders, risk professionals, and compliance officers across industries.

Ransomware readiness means putting the people, processes, and controls in place so that when, not if, a ransomware event occurs, your organization can contain the damage, recover quickly, and meet regulatory obligations with confidence.

The evolving threat landscape highlights the convergence of nation-state actors, AI-driven tools, and trusted platforms, all of which contribute to increased cyber risks for organizations. Security leaders should view these developments as opportunities to strengthen controls related to identity, endpoints, and third-party vendors.

As the holiday season approaches and families gather around the table to share gratitude and turkey, it’s easy to forget that cyber threats are at their peak during the holiday season. While Thanksgiving marks a time of togetherness, reflection, and generosity, it also presents unique cybersecurity challenges for organizations and individuals.

This week’s developments reinforce the need for proactive risk management, robust incident response, and the continuous alignment of cybersecurity programs to emerging risks and regulatory requirements.

Insider threats have emerged as a top concern for small businesses and organizations, posing complex risks that technology alone cannot solve. Recent CISA advisories underscore a troubling pattern: attackers misuse legitimate credentials, often without triggering suspicion until significant damage has occurred.

Explore the latest cyber threats and trends, from FCC telecom rule changes and AI-driven insurance risks to ransomware crew hacks and critical infrastructure challenges in the JANUS Associates Cyber Threat Report.

Generative AI is changing the game in cybersecurity for everyone, both those looking to protect systems and those who might exploit vulnerabilities. As we see the rise of deepfakes, automated phishing schemes, and unpredictable AI hallucinations, companies are quickly trying to update their risk management strategies to align with the latest NIST Cybersecurity Framework 2.0 and AI guidelines.  

The cybersecurity landscape is evolving rapidly, with AI-driven social engineering, DDoS automation, and advanced threat collaboration dominating the headlines. JANUS Associates analyzes the top cybersecurity incidents and trends shaping Q4 2025, drawing from CISA, FBI joint advisories, trusted cybersecurity intelligence agencies, and other trusted public sources.

In the modern world, businesses operate in an environment full of cyber threats, so cyber security management is more important than ever. Although conventional approaches are still relevant, new approaches are appearing to make protection against constantly emerging threats more effective.

Law firms are prime targets for cyberattacks given their proprietary sensitive information, including client data, intellectual property, and confidential business transactions. Now more than ever, law firms must prioritize cybersecurity measures to protect their businesses and maintain the confidence of their client base.

In today’s digital age, businesses are dependent on the internet. From internal communication amongst employees to fielding queries from customers and processing payments and payroll, the web is a crucial part of conducting business in the 21st century.

CISA has released CISA Analysis: Fiscal Year 2023, Risk and Vulnerability Assessments, an analysis detailing the findings from the 143 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2023 (FY23).

 

We all have memories that are forever etched in our minds, events that were life-changing and we can still vividly recall. I was 10 years old when JFK was assassinated and remember the day clearly. I can also tell you where I was and everything about the day 23 years later when Challenger exploded. 23 years after Challenger we faced September 11, and all of us can share where we were, how we heard about it, and what transpired in the following hours, days, and weeks.

With smaller teams, older technology and fewer resources, small businesses face an increased risk of cyber attacks. In fact, 50% of cyber attacks target small businesses. Small businesses also have a more difficult time recovering from a cyber attack - 60% will close within six months following a cyber security incident. Here are some common tactics cyber criminals use, and ways to strengthen your business’ cyber security: 

Cybersecurity incidents can have extensive and far-reaching impacts on businesses, extending well beyond financial losses.

Here are some of the key areas where businesses might experience significant costs due to cybersecurity breaches:

Law firms are a primary target for ransomware attacks, with cybercriminals targeting legal practices with sophisticated assault techniques.

Law firms are valuable targets for a multitude of reasons, but most recently they have been targeted as law firms are increasingly transitioning data to cloud-based platforms and web-based apps. While these technologies facilitate data accessibility, they also expand the attack surface and significantly increase the probability of vulnerabilities.

Cybersecurity frameworks act as the backbone for organizations, providing a structured set of rules and procedures to shield against cyber threats. Their primary goal? Safeguarding an organization's digital assets with precision and efficiency.

As technology becomes more intertwined with every organization, the risk of a successful cyber-attack also grows. Without a clear understanding of where your security measures may fall short, your operations remain vulnerable to potential threats, disruptions, and other detrimental outcomes.

In the ever-evolving digital realm of today, it is imperative for stakeholders to enforce robust security measures and implement innovative protocols to protect sensitive information and strengthen their infrastructure.

As the digital landscape evolves, so do the threats facing all organizations, especially as they move their operations to the cloud. Projections indicate that by 2025, a staggering 85% of organizations will rely on cloud-native platforms.

With this shift comes increased interest from malicious actors looking to exploit vulnerabilities and gain access to sensitive data of all types. In light of this, advanced penetration testing techniques are necessary to counter the ever-changing cloud security threat landscape.

In this article, we will explore seven key strategies through which penetration testing can fortify your cloud infrastructure, ensuring its resilience against potential threats including data exfiltration.

With the digital landscape constantly changing, it's crucial to stay ahead of cybersecurity threats, and advanced penetration testing is a key strategy for strengthening your organization’s defenses.

As businesses grapple with increasingly sophisticated cyber threats, the field of penetration testing continues to evolve, giving rise to new and innovative methodologies.

Attack surface discovery is a crucial component of any organization’s cyber security strategy, allowing teams to identify potential entry points – also known as attack vectors – that could present a cyber threat. Without proper attack surface management, organizations risk exposure to breaches in systems, devices, and the overall network.

Organizations today are in a relentless battle against cyber threats, a challenge magnified by the ever-expanding digital landscape. Companies in a risky environment must protect against both known and unknown threats to their digital infrastructure.

This is where the critical roles of attack surface management (ASM) and vulnerability management (VM) come into play. Imagine navigating a complex network of digital assets, each a potential gateway for cyber attacks. Securing gateways is challenging as organizations depend more on digital operations, making the stakes higher than ever.

This article explains the difference between ASM and VM and advises on what to do during an attack.

In our increasingly interconnected world, the importance of cybersecurity cannot be overstated. Every October, we observe Cybersecurity Awareness Month, a timely reminder of the significance of safeguarding our digital lives. As technology evolves and cyber threats continue to proliferate, it's crucial to stay informed and proactive in defending against these digital adversaries.

Let's explore the significance of Cybersecurity Awareness Month and how you can participate in promoting a safer online environment.

Every 39 seconds, a cyber attack occurs with an estimated 30,000 websites globally attacked every day. Cybersecurity threats can quickly become a reality and if this happens, your organization needs to be prepared with an incident response plan, or IRP.

In the realm of cybersecurity, technology remains an ever-shifting cornerstone. As the digital world continues to evolve, it comes as no surprise that progressive organizations are readily embracing a multitude of technological tools including Artificial Intelligence (AI)


Third-Party Risk Management (TPRM) is the process of identifying, assessing, and mitigating potential risks that can arise from the involvement of external parties in an organization's everyday operations and data handling.

Attack surface discovery refers to the process of identifying and mapping all potential entry points or vulnerabilities that an attacker could exploit to gain unauthorized access to a system or network.

Cyber attacks are on the rise, with one happening roughly every 39 seconds. No organization is immune to these risks; however, some, such as law firms, are more commonly targeted than others.

Artificial Intelligence (AI) is revolutionizing the field of cybersecurity. AI can be used to detect and prevent cyber threats, automate security processes, and increase the overall efficiency of an organization's IT security operations.

Are you concerned about your company's security footprint? In the first half of 2022, cybercrime affected more than 53.35 million Americans.

As the threat of cyberattacks continues to grow, businesses must take proactive steps to protect their data and systems.

Compliance with regulatory requirements is a key aspect of this, but navigating the complex landscape of regulations can be challenging. That's where cyber insurance comes in.

As cyber threats become increasingly prevalent, organizations are looking for ways to protect themselves against potential data breaches and cyber threats.

Background

Gaming and casino operators require top-notch IT security due to the sensitive nature of their operations, high revenue generated, storage of personally identifiable information, and regulatory compliance requirements. The most profitable area in a casino is the electronic gaming machines as they account for over 80% of gaming revenue according to research by the UNLV Center for Gaming Research Studies.

Phishing is the most common form of cybercrime, with over 3 billion phishing emails sent every day. Scammers are constantly looking for new and innovative ways to steal your sensitive data.

By 2025, cybercrime will cost the world an estimated $10.5 trillion annually. As internet use grows, so does the threat of cyberattacks. For organizations, such attacks can result in devastating losses. As such, you want to make sure that you're always taking the proper measures to reduce the risk of your organization falling victim to hackers.

There are various methods of increasing cybersecurity. One of them is through the use of penetration testing. It's important to know what this is, and when to do it.

Want to know when you should perform a penetration test? Keep reading to find out more.

The global market for cyber security awareness training is expected to grow by more than 45% in the next five years. This record growth highlights the importance that organizations place on improving cyber security.

In 2021, the ransomware industry in the United States alone resulted in over $1 billion in payments to cyber criminals. Given the ever-evolving nature of technology, there's no doubt that criminals will try to capitalize on the latest trends in cyber-attacks to make even more money.

Last year, healthcare and manufacturing were some of the most targeted industries for cybercriminals to attack. Other industries followed not far behind, with bad actors focusing on banks and insurance companies, public/state administrations, educational institutions, professional and organizational services, and more. 

Background

A regional medical center had a segmented network design whereby different departments within the center (Administration, Radiology, Facilities, etc.) were separated from each other within the overall network as part of a relatively secure environment. But no matter how much security is in place, clicking on a malicious link or attachment in a phishing email can bypass that security. 

The healthcare industry is full of acronyms. ACA, HIPAA, HHS, CHIP, and MARS-E are just a few. Understanding them is critical to your organization's success.

Keep reading for a MARS-E guide that tells you what you need to know about these important standards.

When it comes to disaster recovery, planning is essential. In reality, however, each emergency situation can differ. No matter how organized the plan may be, it is not always possible for an organization to cover each and every variable or extended outlier during an attack.

When it comes to cyber-attacks, in-house IT professionals are working hard on implementing tools and strategies to protect their organizations, while cyber criminals and nation states are hard at work becoming more sophisticated in their approaches.

As technology continues to advance, so does the threat of cyber-attacks on organizations. According to recent reports done by the University of North Georgia, only 38% of global organizations claim they are prepared to handle a sophisticated cyber-attack.

Preparedness helps organizations effectively manage and mitigate the operational, legal, and reputational consequences of an event. In this article, we will take a look at some of the major steps your organization should take to protect its network and personal data.

A CISO (Chief Information Security Officer) and a vCISO (virtual Chief Information Security Officer) are common options offered by cyber security experts when providing organizations with security management. The question is, which one is more effective in providing protection to your company?

In our final installment for the Kaplan e-learning web series, JANUS Associates takes an in-depth look at some of the ways an organization can prevent internal cyber threats along with how a ransomware attack can have major repercussions against your company's infrastructure and confidential data.

A company's cyber security plan can make all the difference in protecting against a data breach, but when a record 60% of all data breaches are internal, it can be hard to know who to trust. In this article, we will go through potential approaches you can take to protect your company's confidential and intellectual property.

As technology continues to advance and organizations transition into a completely digital space for their private information and data, cyber insurance has become commonplace across numerous industries.

Every organization, regardless of what you do, is at risk for a ransomware attack. This blog will give you some insight into best practices to minimize the risk of a successful attack.

Background

A commercial enterprise had a common, shared-drive type of network setup. Documents were shared by a multitude of employees throughout different departments and saved in a centralized manner. This common practice of centralizing data was the primary catalyst for the attack on their network.

Keeping your personally identifiable information (PII) safe and protected should be your number one priority. With the tips below, JANUS provides insight on how you can prevent fraud from occurring.

Proper on/offboarding policies and procedures can protect your data and streamline your operations. JANUS’ 8 cybersecurity best practices will help you create a hardened yet more resilient enterprise.

Data security is critical and incidents of data exfiltration result in unwanted attention to organizations, which can lead to financial losses and reputational damage.

IT challenges have never been greater. Protecting your assets, operations, clients, and employees has never been a more complicated and difficult task. You may have a thorough understanding of your IT compliance requirements or you may not, and the security partner that you choose may be the key to the success or failure of your initiatives.

Analysts predict that cyber security will continue to be a top priority of enterprises around the world in 2022 and beyond. As of this post's publication, cyber attacks in 2022 are on track to greatly outnumber attacks that occurred in 2021.

Cyber security attacks are on the rise in schools. More technology means more potential threats. Unfortunately, some educators and students are unaware and unprepared for the repercussions posed by these cyber threats.

Due diligence is a process that confirms facts or details of something being purchased, or a contract for services. Due diligence examines all aspects of the deal to confirm that everything is as represented verbally and in writing by the offeror. It’s undertaken to prevent misrepresentations and to uncover potential fraud.

The United States Secret Service Electronic Crimes Task Force (ECTF) recently presented a 3-hour webinar titled Ransomware: An Emerging Threat. This presentation included members of government agencies and private corporations and contains a wealth of information. The entire session has been published on YouTube and full information is detailed below.

Log4j, a critical vulnerability, is actively being exploited worldwide. Researchers and major technology companies warn that hackers linked to foreign governments and criminal ransomware groups are already exploiting the vulnerability at a rate in excess of 100 attacks per minute.

Whether you’re a small company or one as large as Colonial Pipeline or T-Mobile, not having any cyber incident response plan will cause major problems and disruptions. When you’re hit with a breach, without a plan in place, your security and management teams will be scrambling and likely to make expensive mistakes. 

The Department of Defense (DoD) has suspended the original cybersecurity certification program pending major changes. On November 4, 2021, the DoD announced the completion of an internal review of its Cybersecurity Maturity Model Certification (CMMC) program and the release of Model 2.0.

Patricia Fisher, President and CEO of JANUS Associates, Inc. is one of the Founding Partners of the Connecticut Technology Council (CTC) and continues on the board in addition to leading the Cyber Security Task Force. Ms. Fisher is also involved in other technology-oriented associations.

A Russian-based group has masqueraded as a legitimate cyber security consultancy. The Bastion Secure company website, with its logo displayed as BS, posted and hired for multiple cyber security specialist jobs and offered what appeared to be legitimate cyber security services.

Data breaches, insider threats, loss of client trust—these are all security and privacy threats all organizations face today. Learn more about what action Privacy and Security Professionals are taking today. #PSR21

It was reported today that a former executive of a health care provider accessed the Protected Health Information (PHI) of nearly 38,000 individuals. Conflicting accounts also suggest third-party vendor involvement, although that has not officially been confirmed.

Looking at the cybersecurity headlines from the past few years, we’ve seen significant data breaches happening more frequently and increasing in severity. At the same time, the cost of cyber insurance is rapidly rising, coverage limits are shrinking, and loss exclusions are more common than ever.

The Connecticut (CT) State Legislature has enacted major changes to CT Data Breach Notification Laws, effective October 1, 2021. These changes are a direct result of the worsening threat landscape, and it is safe to say that regulations will most likely continue to be enacted at both the state and federal levels.  

From January 2020 through May 2021, companies regulated by the New York State Department of Financial Services (NYDFS) reported in excess of 70 ransomware attacks ranging from costly shutdowns to disruptions in business operations. Successful ransomware attacks continue to escalate in total numbers and overall severity, with no sector safe from an attack. Government agencies, companies, educational institutions, and nonprofits are all targets.

Approximately 66% of hacked organizations expressed uncertainty that they could ever fully recover. Getting hacked or falling prey to Ransomware is a big deal—for you, your business, your customers, and your employees!

Ransomware and hacking are major problems, and effective cyber security is the only way to safeguard your operations and assets. The risk of not taking care of business is losing your business.

Cyber attacks are now a routine business risk, not an edge case. Recent industry reporting shows the global average cost of a data breach reached about $4.45 million in 2023, a roughly 15% increase since 2020, with the United States averaging close to $9.5 million per incident. At the same time, many organizations continue to underinvest in cybersecurity, often spending only a few hundred dollars a year on basic protections, while remaining attractive targets for attackers.