The New Frontlines of Cybersecurity: Lessons from the 2025 Digital Defense Report

Oct 22, 2025

Crane Hassold, a Principal Security Researcher at Microsoft, and Chloé Messdaghi, Senior Reporting Manager leading the Microsoft Digital Defense Report, dive into the evolving landscape of cybersecurity threats. They discuss how AI is shaping both attacker strategies and defensive measures, highlighting that over 99% of attacks begin with identity compromise. The duo explains the fusion of nation-state operations and cybercrime, as well as the risks posed by AI-enhanced phishing and the significance of emerging threat intelligence from expansive telemetry.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Attackers Pivot Beyond Email

Threat actors are using AI and pivoting away from email to platforms like SMS, Teams, and WhatsApp to evade legacy detections.
This shift forces defenders to expand detection beyond email to newer communication channels.

INSIGHT

Cybercrime Is Regional And Industrialized

Financially motivated cybercrime dominates daily attacks and is highly regionalized in tactics and structure.
Eastern Europe produces structured, technical campaigns while West Africa drives high-volume social-engineering fraud.

ADVICE

Enable MFA Everywhere

Protect identity as the primary defense by enabling multi-factor authentication across accounts.
Chloe Messdaghi states having MFA prevents about 99% of observed attacks.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Chloé Messdaghi and Crane Hassold to unpack the key findings of the 2025 Microsoft Digital Defense Report; a comprehensive look at how the cyber threat landscape is accelerating through AI, automation, and industrialized criminal networks.

They explore how nation-state operations and cybercrime have fused into a continuous cycle of attack and adaptation, with actors sharing tooling, infrastructure, and even business models. The conversation also examines AI’s growing impact, from deepfakes and influence operations to the defensive promise of AI-powered detection, and how identity compromise has become the front door to most intrusions, accounting for over 99% of observed attacks.

Listeners will gain perspective on:

How AI is shaping both attacker tradecraft and defensive response.

Why identity remains the cornerstone of global cyber risk.

What Microsoft’s telemetry—spanning 600 million daily attacks—reveals about emerging threats and evolving defender strategies.

Questions explored:

How are threat actors using AI to scale deception and influence operations?

What does industrialized cybercrime mean for organizations trying to defend at scale?

How can defenders harness AI responsibly without overreliance or exposure?

Resources:

Download the report and executive summary

View Chloé Messdaghi on LinkedIn

View Crane Hassold on LinkedIn

View Sherrod DeGrippo on LinkedIn

Related Microsoft Podcasts:

Afternoon Cyber Tea with Ann Johnson

The BlueHat Podcast

Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.