The fluid nature of cybersecurity creates a non-stop race to protect enterprise assets from threat actors.
The Verizon 2025 Data Breach Investigations Report (DBIR), an examination of 22,052 security incidents, 12,195 of which were verified to be data breaches, noted a 37% rise in ransomware versus last year. Ransomware is an element in 44% of the breaches Verizon assessed. Verizon reported that in 20% of all breaches, vulnerabilities were the entryway for a breach. This makes it the second most common initial avenue for a breach, just behind credential abuse.
The distributed design of the digital enterprise, in combination with the interconnected nature of organisations with their suppliers and partners, can translate into more potential points of exposure. The DBIR reported that the percentage of breaches associated with a third-party doubled, increasing to 30% from 15% in 2024.
Cybersecurity breach time lag
There is a genuine element of frustration in the industry. While machine learning and analytics have come a long way toward expediting and improving the accuracy of threat identification, there is often a significant lag time in detecting a breach. This kicks the door open for additional attacks and puts enterprise assets at greater risk.
In Cisco’s 2025 State of Security report, the surveyed security professionals flagged several issues as impeding their efficacy. Some 49% observed that, despite progress in threat detection, they are still contending with alerting issues. Their mélange that makes up so many security infrastructures itself can be a big part of the problem.
In addition 46% percent said they spend more time maintaining tools than shielding their enterprise from threats. Meanwhile 27% noted that managing multi-vendor environments populated with solutions that don’t communicate with each other is a barrier to effective security.

US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataStaffing, or the lack thereof, remains a major impediment to effective security, with 49% flagging it as an issue. Skills limitations are also problematic. The State of Security respondents called out some of the areas where they have the biggest deficits currently – detection engineering, DevSecOps, and compliance management will be some of the most important for security operations centers (SOCs) in the future.
The SOC of the future
What ideally will this SOC of the future look like, and how will organisations get there? Increasingly, the discussion centres on platformisation, a consolidated approach to protecting enterprise assets from threats. Respondents who are adapting a unified security platform are already seeing benefits.
Some 59% said the consolidated platform has led to accelerated threat identification, while 53% said they are spending less time in tool maintenance mode. Just under 50% said they are also seeing better threat coverage through a unified platform.
The move to a unified security platform obviously requires resources and careful planning. But it is clear from the current state of cybersecurity operations that something needs to be done. Enterprises are pressing vendors for a more streamlined architecture with better integration between and among disparate solutions. A platform could be the unifying element in this model.