There have been 35 billion cybersecurity events this year, according to the 2025 Comcast Business Threat Report.
The report breaks out the 34.6 million cybersecurity threats as 19.5 billion resource development events; 9.7 billion drive-by compromise events; 4.7 billion phishing events attempting to compromise credentials or deliver malware; and 44,000 DDoS attacks attempting to test or overwhelm defenses.
“Cybersecurity is inseparable from business resilience,” Comcast said in the report. “A successful breach is not just a technological event. It can disrupt operations, impact revenue, and damage reputation.”
Therefore, the company recommends a multi-layered defense, saying it “is no longer simply an IT best practice. It is a cornerstone of organizational resilience.”
The recommendation is nothing new for security concerns. Going back to the days of check kiting, security experts have recommended layered defenses.
Resilient cybersecurity anticipates that some defenses will fail, the Comcast report notes. “By layering protection across the network, cloud, endpoints, and people, businesses can detect and contain threats more quickly, minimizing downtime and recovery costs. This approach hardens operations while enabling faster recovery when incidents occur.”
Cybersecurity relies on more than just security, the report says, again echoing a long-held maxim. “AI-powered monitoring and automated response provide speed, but skilled analysts and threat hunters are critical to interpret signals, prioritize risks, and act decisively. The combination of human expertise and adaptive technology ensures attacks do not spiral into crises.”
AI is an increasing part of the cybersecurity fight and is being used by cybersecurity firms as well as hackers.
The ongoing cybersecurity battle between the attackers and companies and governments doing their best to defend against cyberattacks has entered a new and potentially more dangerous phase. Both attackers and defenders now have access to artificial intelligence (AI). Attacks are becoming more sophisticated, but could new AI cybersecurity defensive tools do a better job of anticipating what is coming?
An April Semperis report revealed that, although 96% of companies across all industries covered in the study said they have a cyber-crisis-response plan, 71% experienced at least one high-impact cybersecurity event last year that halted critical business functions.
