Top Cybersecurity News Stories From January 2025

Cyber threats aren’t slowing down. And neither are the efforts to stop them.  

Governments are tightening their grip on cyber resilience, attackers are getting more sophisticated, and companies are racing to stay ahead.  

With so much happening, it can be tough to keep up. That’s why we’re breaking down the biggest cybersecurity stories from January.

This month's news features advice from cybersecurity experts about:

• How the EU’s DORA mandate is reshaping cybersecurity standards with stricter rules for financial services.

• What a new Ponemon Institute study reveals about ransomware trends and why security pros feel more prepared than ever.

• Why Illumio’s CloudSecure innovation earned a spot on CRN’s Cloud 100 and 20 Coolest Cloud Security Companies.

Ransomware hits harder than ever despite confidence from security pros

Ransomware isn’t slowing down. In fact, 88% of IT and security pros dealt with at least one ransomware attack in the past year. But despite the constant barrage, there’s a twist: many feel more confident than ever in handling these threats.

Connor Jones featured the new Global Cost of Ransomware Study conducted by Ponemon Institute in The Register article, Security pros more confident about fending off ransomware, despite being battered by attacks.

The research revealed that ransomware is still rampant, but fewer security teams think their organization is a target. Only 64% believe they’ll be hit, down from 68% in 2021. Even worries about supply chain risks (56% vs. 75% in 2021) and data leaks (52% vs. 73%) are dropping.  

But is this confidence earned, or are we just getting numb to the attacks?

One of Jones’ biggest takeaways from the report was that the real cost of ransomware isn’t just the ransom. It’s the hit to a company’s reputation and, ultimately, their bottom line.  

Brand damage was ranked as the most painful consequence of an attack, even more than lost revenue, legal troubles, or hiring outside security experts. If sensitive data gets exposed, trust evaporates fast.

The good news? Jones noted that more security teams believe their defenses are actually working. This year, 54% of respondents said their tools can stop ransomware, a huge jump from just 32% in 2021. But ransomware tactics are evolving, and phishing remains the top way attacks get in, with insider mistakes making things worse.

And then there’s AI. Jones highlighted that 51% of security pros are worried about AI-powered ransomware, and for good reason. AI can quickly automate attacks for threat actors, letting them quickly adapt and customize ransomware in ways that make it harder to stop.  

The question we’re left with is if the growing confidence in ransomware defense is justified — or are we letting our guard down as attacks become commonplace?  

Jones spoke with Trevor Dearing, Director of Critical Infrastructure at Illumio, who believes today’s security professionals are overconfident. They need to be prepared for ransomware with breach containment strategies, not just prevention.

"Organizations need operational resilience and controls like microsegmentation that stop attackers from reaching critical systems,” Dearing explained. “By containing attacks at the point of entry, organizations can protect critical systems and data, and save millions in downtime, lost business, and reputational damage.”

Download the full Global Cost of Ransomware Study today to learn more.

Europe is setting the rules for tech — again

Europe is leading the way with another major tech regulation. And if history is any guide, the rest of the world will follow.  

Starting January 17, any company offering financial services in the EU or working with EU-based financial firms must comply with the Digital Operational Resilience Act (DORA). Think of it as a cybersecurity stress test, making sure one attack doesn’t bring down an entire system.

In Fortune’s recent article, Why US tech ends up being controlled by European regulation, Diane Brady spoke with Andrew Rubin, CEO of Illumio, about what this means for global businesses.  

The pattern is familiar: Before GDPR, companies could collect, sell, and share data however they wanted. Then Europe changed the rules. Now, even U.S. companies follow stricter privacy standards.  

DORA could potentially do the same for cyber resilience. And Rubin thinks it’s poised for success.

Instead of focusing only on stopping cyberattacks, it prioritizes operational resilience. This makes sure businesses can recover fast when, not if, an attack happens.  

“We are pivoting to a world where we’ve decided that the core strategy for cybersecurity is Zero Trust and recovery,” Rubin explains.

Some U.S. leaders worry that Europe is making the rules for everyone. But DORA’s focus on resilience could push companies worldwide to rethink their cybersecurity. In a world where hackers, ransomware, and supply chain attacks are constant threats, staying resilient isn’t just about following regulations — it’s about survival.

Are you ready for DORA? Read our ebook, Strategies for DORA Compliance: The Key Role of Microsegmentation, to get prepared.

Illumio named to CRN’s Cloud 100 and 20 Coolest Cloud Security Companies of 2025

Illumio is starting the year strong, landing a spot on The CRN 2025 Cloud 100 and being named one of CRN’s 20 Coolest Cloud Security Companies. These recognitions prove what security pros already know—Illumio is leading the way in Zero Trust Segmentation (ZTS) and cloud security innovation.

A big reason for the spotlight? Illumio CloudSecure, the company’s latest move into cloud-native microsegmentation. Unlike traditional agent-based solutions, CloudSecure is completely agentless, making it easier for organizations to reduce risk, contain breaches, and strengthen cloud security without installing software on every workload.

With CloudSecure, Illumio is making segmentation simpler and more scalable across hybrid and public cloud environments. That means security teams can enforce Zero Trust anywhere their applications and workloads run — without the hassle.

CRN’s recognition highlights Illumio’s ability to stay ahead of evolving cyber threats while making security easier for organizations worldwide. And in today’s fast-changing threat landscape, that’s exactly what businesses need.

Contact us today to learn how Illumio can help you contain the spread of breaches and ransomware attacks.