Arctic Wolf 2025 Cybersecurity Trends: Xalient's Expert Take

The latest release from Arctic Wolf Labs is now out, summarizing responses from 1200 IT and security decision makers worldwide, into The Arctic Wolf State of Cybersecurity: 2025 Trends Report. The research looks at the major trends in threats, mitigation and readiness and as ever, has some interesting findings.

AI & LLMs: The New #1 Cyber Concern

It comes as no great surprise that Ransomware has been knocked off the top spot of the list of Cyber concerns by AI/LLMs and associated privacy concerns.

Identity is the New Perimeter – And the New Target

At Xalient, our view is that the concerns listed in the report by Security Leaders can largely be mitigated with (among other things) a strong Identity programme, especially with regards to privacy concerns with AI, where people have specific worries about:

• Entitlement to content both consumed and/or created by LLMs, and;
• How AI Agents can behave.

Non-Human Identities & the AI Risk Landscape

Non-Human Identity (NHI) and Data Security Posture Management (DSPM) will become hugely significant in how we manage what Generative AI and AI Agents can/can't do on our behalf. A written, official, or acceptable usage policy isn't sufficient to protect a business from losing core assets!

Effective management of entitlements to discovered, classified, and secured data is currently the single biggest consideration organizations face when implementing AI within the business. Two main AI adoption approaches risk a loss of business value:

• We're going for it! Organizations risk breach and data loss at scale – remember, automation amplifies mistakes!
• We're too scared! The business value of integrating AI into the business is lost due to fear of surrounding data loss.

While we now acknowledge that 'Identity is the new perimeter', it also makes that perimeter a significant target for attackers for a couple of key reasons:

• Identity is often the least mature capability in an organization's security stack – normally consigned to a 'nice to have' (or 'too difficult/slow/expensive') bucket for any leftover budget.
• It's widely acknowledged that bad actors aren't hacking in – they're logging in. It's far easier to compromise an identity and log in to perform malicious activity, than it is to find and exploit vulnerabilities in products/platforms.

This makes it even more valuable for an organization to have its ducks in a row from an identity perspective.

Ransomware, Disclosure & Regulatory Pressure

Arctic Wolf has commented in its report that breaches are still all too common, hinting that perhaps disclosure obligations are driving a perceived rise in attacks that have been happening anyway but have previously gone unreported.

There is clear guidance on ensuring response capability is appropriate – while prevention is, of course, important, there are diminishing returns at a point, and detection/response are what really help when the inevitable happens. From a regulatory/disclosure perspective, it can be argued that a business is more likely to survive an event with effective response than having focused solely on trying to prevent a breach. Of course, it's a fine balance – and a CISO's nightmare. While some businesses have previously taken the approach of purely transferring risk, via Cyber Insurance policies, rather than taking preventative steps, this is no longer an acceptable strategy – both insurers and regulators are mandating a blend of prevention and response capability.

Why Preparedness Still Trumps Prevention Alone

Arctic Wolf report businesses are paying out on ransoms far more often than was previously thought, but the scale of the payout is often mitigated by professional negotiation services included in Incident Response retainer plans.

Breaches happen; they're inevitable. As long as you've taken reasonable steps to prevent it and to prepare for when it happens, there's no shame in admitting it happened. The more we hear about it, the more we can all learn lessons from it. Download the full Arctic Wolf's 2025 Trends Report now and stay ahead of the curve.