The New Frontlines of Cybersecurity: Lessons from the 2025 Digital Defense Report [Microsoft Threat Intelligence Podcast]

42 snips

Dec 30, 2025

Crane Hassold, a Principal Security Researcher at Microsoft focusing on cybercrime and threat actors, joins Chloé Messdaghi, Senior Reporting Manager leading the Microsoft Digital Defense Report. They discuss the merging of nation-state operations with cybercrime, revealing that identity compromise is at the heart of 99% of attacks. The conversation delves into AI's dual role in enhancing attacks and bolstering defenses, while also unpacking trends in credential-based assaults and the rise of phishing. Their insights provide a valuable roadmap for organizations navigating today's complex cybersecurity landscape.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Cybercrime Is Industrialized And Regional

Cybercrime is industrialized with regionally distinct specialties: Eastern Europe often supplies technical ransomware actors while West Africa drives high-volume social-engineering scams.
These different ecosystems create specialized roles like mule operators, spam senders, and access brokers.

ADVICE

Enable MFA Everywhere

Protect identity aggressively by enabling multi-factor authentication across accounts.
Chloé Messdaghi notes MFA prevents roughly 99% of observed identity-based attacks.

INSIGHT

Old Breaches Become New Fuel

Large historical breach datasets gain new value because AI/LLMs make searching and extracting actionable information trivial.
Old breach data can be weaponized faster now, increasing long-term risk from past incidents.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

While our team is out on winter break, please enjoy this episode of The Microsoft Threat Intelligence Podcast from our partners at Microsoft.

In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Chloé Messdaghi and Crane Hassold to unpack the key findings of the 2025 Microsoft Digital Defense Report; a comprehensive look at how the cyber threat landscape is accelerating through AI, automation, and industrialized criminal networks.

They explore how nation-state operations and cybercrime have fused into a continuous cycle of attack and adaptation, with actors sharing tooling, infrastructure, and even business models. The conversation also examines AI’s growing impact, from deepfakes and influence operations to the defensive promise of AI-powered detection, and how identity compromise has become the front door to most intrusions, accounting for over 99% of observed attacks.

Listeners will gain perspective on:

How AI is shaping both attacker tradecraft and defensive response.

Why identity remains the cornerstone of global cyber risk.

What Microsoft’s telemetry—spanning 600 million daily attacks—reveals about emerging threats and evolving defender strategies.

Questions explored:

How are threat actors using AI to scale deception and influence operations?

What does industrialized cybercrime mean for organizations trying to defend at scale?

How can defenders harness AI responsibly without overreliance or exposure?

Resources:

Download the report and executive summary

View Chloé Messdaghi on LinkedIn

View Crane Hassold on LinkedIn

View Sherrod DeGrippo on LinkedIn

Related Microsoft Podcasts:

Afternoon Cyber Tea with Ann Johnson

The BlueHat Podcast

Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.

Learn more about your ad choices. Visit megaphone.fm/adchoices