The industry buzz on recent data breaches and ransomware attacks points to integrated (not fragmented) and preemptive (not reactive) cyber strategies.

On 5 November 2025, the Qilin ransomware group claimed responsibility for breaching Switzerland-based Habib Bank AG Zurich, claiming to have exfiltrated over 2.5TB of sensitive data, including internal source code.

On 28 October 2025, a cyberattack on Merkle had resulted in the leak of personal and sensitive data of around 16,000 employees.

In September 2025, malware infiltrating the Nikkei Slack platform had breached data of over 17,000 individuals.

Cyber experts and industry observers have observed the common vectors and goals:

  1. Data theft, credential theft, ransoming and double-threat objectives
  2. Exploitation of supply chain weaknesses, including identity management and privileged access management lapses
  3. State-sponsored and/organized cybercrime attempts to inflict strategic damage and espionage with an intent to remain undetected for as long as possible

Various cyber experts and spokespersons quoted in the media have zoomed-in on the lapses that had led to the breaches:

  • IAM expert Ofer Friedman of AU10TIX has noted: “… An effective identity verification service must be built with paranoia. It’s no longer about identity verification; it is about managing identity risk.”
  • The recent attacks underscore a “widening truth that identity is now the most valuable target in the enterprise-threat landscape”, according to Takanori Nishiyama, SVP (APAC) and Country Manager (Japan), Keeper Security.
  • Bill Dunnion, CISO, Mitel, has been quoted for his view that enhanced observability “enables organizations to detect anomalies, assess risk exposure, and prevent breaches before they occur. Governance frameworks that consolidate data across environments eliminate blind spots and provide a single view of activity.”

Together, these perspectives highlight a crucial reality for 2025: cybersecurity resilience hinges on relentless vigilance across identity management, supply chain oversight, and comprehensive system observability. This may signal a trend in adopting an integrated defense posture — balancing paranoia in identity verification, eliminating operational blind spots through unified visibility, and rigorously managing access privileges — to build holistic cyber defence strategies vital for fending off or limiting attacks.