IBM X-Force 2025 Threat Intelligence Index
Be confident in your security with threat intelligence
Understanding attackers’ tactics is crucial to protecting your people, data and infrastructure. Explore the IBM® X-Force® 2025 Threat Intelligence Index, based on insights and observations obtained from monitoring over 150 billion security events per day in more than 130 countries.
Empower yourself by learning from the challenges and successes experienced by security teams around the world. Grow your future by strengthening your organization and better protecting its business interests.
Know your threats
Abusing valid accounts remained the preferred entry point into victim environments for cybercriminals in 2024, representing 30% of all incidents X-Force responded to.
Phishing emerged as a ‘shadow’ infection vector for identity attacks. While the share of successful phishing compromises has dropped by nearly 50% since 2022, X-Force observed an 84% uptick in phishing emails delivering infostealers on a weekly basis.
Attackers exploited vulnerabilities in more than one-quarter of incidents X-Force responded to across critical sectors last year, with outdated systems and slow patching cycles proving to be an enduring challenge.
Limit exposure
- Know what the bad guys know about you: monitor the dark web to gather real-world threat intelligence about your organization, employees, networks and data on the dark web, before threat actors do.
- Keep your employees current on the most effective security practices: educate your employees about the risks associated with phishing attacks and poor password hygiene and regularly update your people about ways to protect themselves and your organization.
- Enhance ecosystem-wide incident response planning: work with stakeholders in your organization and with partners across your ecosystem to develop and regularly update incident response plans.
Safe and scalable AI
- Secure your AI development and deployment pipeline: secure each stage of the AI pipeline including the data used to train, test, and tune models and the AI models themselves.
- Establish AI governance and ethics: set clear guidelines for AI usage; regularly audit AI systems for fairness, bias, and drift; and help ensure that AI outputs align with broader organizational values and ethics.
- Use security frameworks to infuse trust into systems: use standardized frameworks that offer structured approaches to securing AI systems.
Protect credentials by reining in data and identity sprawl
- Consolidate identity solutions: work toward eliminating disconnected data and identity silos. This involves weaving identity management systems together into a unified, holistic framework—often referred to as an "identity fabric" approach.
- Turn the tables on adversaries with AI-powered, proactive threat detection: as threat actors step up the use of AI to develop and scale credential-based attacks, step up the use of AI and machine learning to detect threats faster and respond to attacks more effectively.
- Implement robust data protection: protect sensitive data wherever it resides, whether in on-premises, in the cloud, or in hybrid environments. To protect data in motion use encryption, implement strong access controls, and monitor data transfers.
Patch authentication gaps before attackers can sneak in
- Significantly expand MFA use: prioritize MFA for all employees and partners accessing systems. This provides an extra layer of protection for applications and network services, even if passwords are compromised.
- Reduce IT and IS complexity: to counteract complexity, invest in tools and technologies, such as identity fabrics, for simpler and more cohesive identity platforms.
- Modernize identity strategy: along with expanded MFA usage, develop and implement a comprehensive, adaptive, and scalable identity strategy.
Related solutions and services
IBM team of hackers, responders, researchers and analysts that help defend and protect organizations against cyber attacks
Comprehensive and critical protection for enterprise data, applications and AI
Comprehensive, secure and compliant identity and access management for the modern enterprise
Build a strong, vendor-agnostic identity fabric with a trusted IAM solution
Secure enterprise data from both current and emerging risks, wherever it lives
Direct, manage and monitor your AI using a single toolkit to speed responsible, transparent, explainable AI