What's on this blog?
National Cybersecurity Awareness Month is more than just a calendar event; it's a chance for executives to assess the true level of security in their companies. The stakes are higher than ever as attackers exploit new tactics, from deepfakes to broader applications of AI, and supply-chain compromises. A sobering reality brought to light by recent events is that readiness might be the difference between a brief setback and a major calamity.
The latest example is the cyberattack that severely disrupted Jaguar Land Rover's production and retail activities on Sept. 2, 2025. As a result, the auto giant was forced to shut down its systems and send its employees home, while showrooms closed. Consider how a single attack didn't just disrupt IT—it froze the entire operation.
The cyber landscape today
Cyberthreats are no longer rare events; they're a daily reality for every sector. A few headline figures show why cybersecurity is now a board-level priority:
- Average cost of a breach: According to IBM's 2025 Cost of a Data Breach Report, the global average is $4.4 million per incident, with U.S. breaches topping $10 million on average.
- Speed matters: IBM also found that breaches contained within 200 days cost about $1 million less than those discovered later.
- Ransomware pressure continues: According to Sophos' 2025 State of Ransomware Report, the median ransom payment fell to about $1 million, although many organizations continue to negotiate lower payments to reduce damage.
- Mass data exposures persist: According to BrightDefense's 2025 Data Breach Tracker, 184 million login credentials tied to platforms such as Google, Apple, Microsoft, Facebook, Instagram, and Snapchat were exposed in a large-scale breach, underscoring the persistence of mass data exposures.
Recent breaches and key learnings
| Company & Incident | Industry | Date | Type of Attack | What Happened | Impact | Key Lesson |
|---|---|---|---|---|---|---|
| Zscaler-Salesloft | IT | Aug 2025 | Phishing/ Credential harves ting | Attackers stole OAuth tokens from a third-party Salesloft Drift integration, exposing business contact data stored in Salesforce. | Raised phishing risks which increased the likelihood of credential compromise and unauthorized access to systems (prompted token revocation, Drift access removal, and tighter third-party monitoring) | Treat third-party SaaS integrations as privileged access points—continuous oversight and rapid response are essential. |
| Snowflake Cloud Breach | Cloud Data Platform | Mid-2024 | Credential stuffing | Hackers used stolen credentials (info-stealer malware) to access 160+ Snowflake customer instances (AT&T, Ticketmaster, Santander, Neiman Marcus). | PII, call logs, and other sensitive data stolen; ransom demands; massive reputational fallout. | Credential hygiene and MFA on cloud platforms are non-negotiable; secure configuration and third-party oversight are vital. |
| Change Healthcare Attack | Healthcare | Feb 2024 | Supply chain/Software update error (causing mass outage) | Nation-state actor disrupted claims/payment systems of Change Healthcare, halting operations nationwide, including electronic payments and medical claims processing, and causing widespread financial and operational disruption for healthcare providers. | U.S. hospitals lost ~$100M/day due to delayed claims processing; UnitedHealth advanced $6B in relief; triggered federal investigation. | Healthcare infrastructure needs operational resilience plans, not just data protection. |
| 23andMe Data Leak | Biotechnology | Oct 2023 | Ransomware and social engineering | A credential-stuffing attack exposed DNA profile data of ~6 .9 million users, particularly Ashkenaz i Jewish and Chinese users, due in part to the absence of MFA. | Sensitive genetic and identity data were compromised, resulting in a £2.3 million fine by the UK regulator, causing both trust and financial challenges. | Genetic data requires robust protection, and measures such as strong passwords, MFA, and rapid disclosure are essential. |
Quick Cybersecurity Self-Check
Is access secured?
- Turn on two-factor or MFA everywhere (email, VPN, apps).
- Clear out old accounts and permissions you don't use anymore.
Is your data safe?
- Make sure sensitive info is encrypted when it's stored or sent.
- Back it up and occasionally test the restore.
Are you up to date?
- Don’t delay updates—patch laptops, servers, and cloud apps quickly.
- Use tools that alert you if something odd pops up on endpoints.
How's your cloud third-party access?
- MFA and logging on all cloud dashboards.
- Review API keys, tokens, and what third-parties can access.
Do your people know what to do?
- Run short phishing and social-engineering employee training refreshers.
- Make it easy for staff to flag anything suspicious.
Could you handle a breach tomorrow?
- Keep an incident response plan handy and current.
- Run quick tabletop drills so you're not scrambling in a real event.
Who else accesses your systems?
- Check your vendors' security posture and contracts.
- Limit their access to only what's needed.
Are you building resilience, not just defense?
- Have draft messages ready for customers , staff , and other stakeholders if something goes wrong.
- Budget time and money for ongoing improvements.
Staying ahead of cyberthreats: Your next steps
Cybersecurity is no longer just an IT issue. It is about keeping your business, people, and customers safe. The breaches we looked at show that attackers do not care about industry lines. They go after weak points wherever they find them, whether that is a hospital, a cloud platform, or a factory floor.
National Cybersecurity Awareness Month is a good moment to pause, take a breath, and think about how ready you really are. This post is meant to give you real examples and practical ideas so you can strengthen your own defenses.
Here are a few simple actions you can start with:
- Look at your defenses: Take a fresh look at your systems, vendors, and response plans.
- Train your people: Your team is your first line of defense. Make sure they know how to spot and report threats.
- Update your playbook: Having a clear, rehearsed plan helps you act fast and limit damage.
- Talk about it: Share security tips and stories inside and outside your organization. Building a culture of vigilance helps everyone.
If we treat cybersecurity as an ongoing habit rather than a one-month campaign, we protect trust, keep customers safe, and make our organizations stronger.