October is Cybersecurity Awareness Month, and this year’s theme—”Building a Cyber Strong America“—has never been more relevant. For over two decades, this initiative led by CISA and the National Cybersecurity Alliance has spotlighted the importance of taking daily action to reduce online risks. In 2025, the focus shifts to the government entities and small-to-medium businesses that form the backbone of our nation’s critical infrastructure—the systems and services that sustain our daily lives.
For insurance brokers and CISOs alike, this month represents more than awareness—it’s a call to action. Brokers need to understand the evolving risk landscape to better serve clients facing increasingly sophisticated threats. CISOs are navigating a complex environment where cyber risks directly impact business continuity, regulatory compliance, and personal liability. As cyber attacks grow more destructive and financially damaging, the stakes have never been higher for both groups to collaborate on comprehensive risk management strategies.
With that context in mind, let’s explore the key cybersecurity topics that matter most in 2025, drawing on insights from Resilience’s Threatonomics blog and real-world threat intelligence.
1. Recognizing and reporting phishing
The era of obviously fake phishing emails is over. Cybercriminals are leveraging artificial intelligence to create increasingly convincing phishing campaigns, complete with AI-generated content that mimics reality with alarming accuracy.
Relevant Resilience Resources:
- How MFA Can Be Hacked – Understanding sophisticated phishing tools like Evilginx that can bypass even multi-factor authentication through man-in-the-middle attacks
- AI and Misuse – How tools like FraudGPT and WormGPT are lowering the barrier for adversaries to craft convincing phishing emails at scale
- 2025 Midyear Cyber Risk Report – In Resilience’s portfolio, 1.8 billion credentials were compromised in the first half of 2025 alone—an 800% increase since January 2024
2. Using strong, unique passwords
Strong password practices remain a foundational element of cyber hygiene, but they must be part of a broader security strategy that includes multi-factor authentication and continuous monitoring.
Relevant Resilience Resources:
- Mastering Cybersecurity Risk Metrics – Guidance on maintaining consistent cyber hygiene, including patch management and strong password policies
- How MFA Can Be Hacked – Why passwords alone aren’t enough and how to implement phishing-resistant authentication
3. Turning on multi-factor authentication (MFA)
While MFA adds a vital layer of defense, sophisticated attackers have developed methods to bypass traditional MFA implementations. Organizations need to understand both the value and limitations of different MFA approaches.
Relevant Resilience Resources:
- How MFA Can Be Hacked – Deep dive into MFA bypass techniques and how to implement phishing-resistant authentication using hardware security keys and certificate-based authentication
- 2025 Midyear Cyber Risk Report – According to CrowdStrike’s 2025 Threat Hunting Report, 78% of enterprises experienced at least one AI-specific breach, with sophisticated browser-based attacks bypassing traditional MFA
4. Updating software regularly
Patch management remains critical—so many data breaches are caused by the failure to apply available patches. Regular software updates close vulnerabilities that attackers actively exploit.
Relevant Resilience Resources:
- Cybersecurity Policies and Strategies for Private Sectors – Understanding foundational security measures, including the critical importance of applying available patches
- Stabilizing Global Cyber Risk – How Resilience’s security team immediately checks clients for critical vulnerabilities like Log4Shell and provides direct remediation actions
5. Managing third-party and supply chain risk
Third-party risk has emerged as one of the most significant drivers of cyber insurance claims and material losses. In 2024, vendor-related incidents accounted for nearly a quarter of incurred claims in the Resilience portfolio—up from zero percent the previous year.
Relevant Resilience Resources:
- Why Third-Party Vendor Discovery Matters – The average enterprise relies on hundreds or thousands of vendors, yet most lack a comprehensive inventory—creating critical blind spots
- How to Locate Third-Party Vendors – Systematic approach to mining seven data streams to discover hidden vendor relationships
- Third-Party Breaches: Risk in the Supply Chain – Supply chain attacks grow 235% year-over-year, with incidents like MOVEit demonstrating the cascading impact
- Cybersecurity’s Biggest Blind Spot – Analysis showing third-party risk accounted for 31% of all claims in 2024 and 23% of incurred claims
- The Importance of Vendor Risk Reports – How vendor risk reports provide detailed assessments to evaluate and manage third-party vulnerabilities
- Third-Party Risk Management – Comprehensive strategies for assessing vendors and implementing enhanced security controls across the supply chain
6. Protecting critical infrastructure
Critical infrastructure—from healthcare and financial services to government entities and utilities—faces increasingly sophisticated and destructive attacks. The interconnected nature of these systems means that vulnerabilities in one organization can expose entire industries.
Relevant Resilience Resources:
- Stabilizing Global Cyber Risk – How threats to critical infrastructure are growing as geopolitics become more complex, with ransomware attacks on healthcare driving a 20% increase in mortality rates
- Building Cyber Resilience into the NIST CSF – The crisis in critical infrastructure cybersecurity and how the NIST Cybersecurity Framework provides a risk-based approach
- 2025 Midyear Cyber Risk Report – Analysis of incidents like Change Healthcare that demonstrate the cascading impact on critical infrastructure, with healthcare organizations facing extortion demands as high as $4 million
7. Building effective incident response plans
Organizations with well-prepared incident response teams and clearly defined processes can contain attacks quickly, reduce breach impacts, and resume business operations with minimal disruption. Resilience data shows that 78% of clients recovered without paying a ransom, and when payment was necessary, working with specialists reduced payments by approximately 70%.
Relevant Resilience Resources:
- How to Create an Effective Incident Response Plan – Seven essential elements every incident response plan needs to go from checkbox to crisis-ready
- Effective Cyber Incident Response Leadership – Modern frameworks and practical tactics for incident response, including the evolution to NIST 800-61 Rev. 3
- Focused and Targeted Incident Response – Case study showing how proactive incident response planning and privacy counsel reduce incident impact and costs
8. Understanding ransomware evolution
Ransomware remains the dominant threat, accounting for 91% of incurred losses in Resilience’s portfolio in the first half of 2025. However, the tactics are evolving dramatically—attackers now use AI-powered social engineering, double extortion demands, and even reference victims’ cyber insurance policies to calibrate ransom demands.
Relevant Resilience Resources:
- 2025 Midyear Cyber Risk Report – The average cost of ransomware attacks rose 17% to over $1.18 million, with 79% of Resilience clients successfully avoiding ransom payments
- Ransomware Costs Jump 17% in 2025 – How double extortion tactics and AI-powered phishing are fueling more destructive attacks, with 88% of incurred losses driven by financially motivated social engineering
9. Adopting risk-driven compliance
Compliance is necessary but not sufficient. Organizations that view cybersecurity only through a compliance lens leave dangerous gaps in their security infrastructure. A risk-first approach considers the changing nature of cyber threats and aligns with long-term business goals.
Relevant Resilience Resources:
- The Value of Risk-Driven Compliance – Why compliance-driven risk leaves gaps and how to implement a risk-first approach to cyber regulations
- New Rules for Cyber Security Risks – Five new rules for building cyber resilience by balancing investments to minimize material business impact
Cybersecurity Awareness Month 2025 reminds us that building a cyber strong America requires action from every organization—government entities, small and medium businesses, critical infrastructure operators, and the supply chains that support them all. For brokers and CISOs, this month is an opportunity to strengthen partnerships, align on risk priorities, and implement the proactive measures that transform awareness into resilience.
The threat landscape will continue to evolve, but with the right intelligence, preparation, and collaborative approach to risk management, organizations can build true cyber resilience. Visit Resilience’s Threatonomics blog for the latest insights on cyber risk trends, threat intelligence, and strategies to protect your organization.
