State of the nation: Scattered Spider, Identity and Ransomware
Our Field CISO Phil Bindley shares his 'state of the nation' for key topics to watch in cybersecurity.
Phil Bindley is back with a new segment, his cybersecurity 'state of the nation'. Here are the top three topics to keep an eye on as we come out of August 2025.
Multiple security agencies provide update on Scattered Spider
The hacking group suspected to be behind the high-profile attacks that had such a devastating impact on UK retailers such as Marks and Spencer is still very active. The following best practice guidance to defend yourself against them has been issued.
- Maintain offline backups of data that are stored separately from the source systems and tested regularly.
- Enable and enforce phishing-resistant MFA.
- Implement application controls to manage and control software execution.
Identity is the new edge
Traditionally, security perimeters were defined by physical or network boundaries: firewalls, VPNs, and on-premises infrastructure. But in today’s cloud-first, hybrid work world, those boundaries have dissolved. Users, devices, applications, and data now operate far beyond the traditional network edge.
As a result, identity has become the new control point, the new "edge", for enforcing security. Every access request, whether from a human, device, or workload, is now evaluated based on identity rather than location.
Steps to take are:
- Prioritising identity governance and privileged access management (PAM)
- Embedding identity into zero trust architectures
- Treating identity as the primary attack surface and defence layer
First case of malware written to trick AI-driven anti-malware
Cyber attackers are now experimenting with ways to trick artificial intelligence (AI) systems that are used to detect malware. In a recent case, researchers found a piece of malware that included a message written in natural language, like a note to the AI trying to convince it that the file was safe. This technique, known as “prompt injection,” is a new way for malware to avoid being flagged by AI-based security tools.
Although this particular malware didn’t succeed in bypassing detection, it marks the beginning of a new kind of cyber threat. Instead of just hiding malicious code, attackers are now trying to manipulate the AI systems themselves.
Ransomware, Ransomware and more Ransomware
The ransomware landscape in 2025 has grown smarter and harder to detect. Attackers are harnessing AI to create adaptive strains that disguise themselves as legitimate processes and adjust in real time to bypass traditional security tools. These threats don’t just encrypt files anymore; they steal data, extort victims, and inflict reputational damage.
AI has also supercharged phishing, making attacks faster, more precise, and dangerously convincing. No organisation is too small to be a target, and traditional defences are no longer enough. Businesses need proactive security awareness and advanced threat detection to stay ahead of these increasingly sophisticated attacks.
Cyber risks evolve daily. Stay informed, stay prepared.