**Third-Party Risk and AI Gave Cyberattacks the Upper Hand in 2025**

The year 2025 was marked by a relentless wave of cyberattacks that shattered traditional security models, pushed insurance companies to retrench, and left even the most sophisticated global brands reeling. The perpetrators exploited third-party relationships, cloud complexity, and social engineering tactics, leveraging AI to move faster and scale impact with unprecedented ferocity.

**Cyber Risk Becomes a Persistent Condition**

Cyber risk became an omnipresent threat in 2025, driving massive losses, insurance retrenchment, and breaches across the globe. The attacks ceased being episodic crises and instead became a persistent condition of doing business. This led to one of the world's largest cyber insurance firms, Beazley, announcing a reduction in its U.S. cyber business last month due to unsustainable rates in the market following several high-profile breaches.

**The UK Cyber Insurance Crisis**

In the UK alone, cyber insurance claim payouts soared by 230% from the previous year. The $2.5 billion-plus Jaguar Land Rover cyberattack this fall is thought to be the most economically damaging attack in the UK's history. High-profile breaches across airlines, crypto platforms, cloud providers, and blue-chip firms like Apple, Google, and McDonald's further underscored the growing threat.

**The Consequences of Traditional Models**

For CFOs and CISOs, the lesson was clear: traditional models such as annual audits, static controls, perimeter-focused defenses, and siloed ownership of risk are no longer aligned with how modern attacks unfold. The most consequential incidents revealed common fault lines:

* **AI-powered adversaries exploiting cloud complexity**: Attackers used AI to navigate the complexities of cloud infrastructure, making it increasingly difficult for defenders to keep pace. * **Fragile supply chains riddled with third-party exposure**: Compromised vendors provided a pathway into target firms, allowing attackers to exploit trust relationships and infiltrate networks. * **Organizations unable to see risk in real-time**: The inability to monitor risk in real-time left organizations vulnerable to attacks that evolved faster than human-led processes could track.

**The Role of Third-Party Vendors**

Findings from the PYMNTS Intelligence report, "Vendors and Vulnerabilities: The Cyberattack Squeeze on Mid-Market Firms," highlighted the critical role of third-party vendors in facilitating attacks. In 38% of invoice fraud cases and 43% of phishing attacks, compromised vendors were the entry point.

**The Freight Economy and Cargo Theft**

In the freight economy, cargo theft losses estimated at $35 billion annually in the US highlight the scale of the problem. Attackers used sophisticated social engineering to impersonate legitimate carriers, freight brokers, and shipper contacts, tricking them into downloading remote monitoring and management (RMM) tools under false pretenses.

**Third-Party Data Breaches**

A TransUnion third-party data breach affected over 4.4 million customers this summer, following a series of cybersecurity incidents at big companies involving third-party vendors. The luxury retailers Pandora and Chanel were also the victims of third-party data breaches in August, while Allianz Life was impacted by a system breach that compromised most of its US customers' personal data.

**The Cryptocurrency Sector**

The cryptocurrency sector has long been a canary in the coal mine for cybercrime, with 2025 being no exception. The crypto exchange Bybit suffered an estimated hack worth nearly $1.5 billion in February, while Coinbase faced a cybersecurity incident that could cost it as much as $400 million.

**The Rise of AI-Powered Cyberattacks**

What stood out was the speed at which attacks unfolded: AI-assisted reconnaissance compressed attack cycles from weeks to hours. Defensive teams found themselves responding to threats that evolved faster than human-led processes could track.

**The Need for Real-Time Risk Monitoring**

Across nearly every major incident of 2025, one theme recurred: organizations lacked real-time visibility into how risk was evolving. Whether it was delayed detection of lateral movement, slow recognition of third-party compromise, or uncertainty about which assets were affected, time proved to be the most expensive variable.

The relentless wave of cyberattacks in 2025 highlights the urgent need for organizations to adopt more proactive and adaptive approaches to cybersecurity. This includes implementing continuous, real-time risk monitoring and leveraging AI-powered measures to stay ahead of emerging threats.