Understanding the modern cybercrime landscape

MIT Technology Review

Provided by HPE

Throughout 2025, HPE observed significant changes in how cybercriminals operate. Analyzing real-world threats, our HPE Threat Labs highlighted in its new “In the Wild” report an industrialization of cybercriminals’ methods, enabling greater scale, speed, and structure in their campaigns. They typically use automation and AI to exploit longstanding vulnerabilities, and many have adopted a professional, corporate hierarchy to optimize their efficiency.

Cybersecurity threats today are as menacing as ever for enterprises, as any CISO or CIO can probably confirm. But behind that straightforward statement lies a much more nuanced, complex cybersecurity landscape. This can make it significantly harder to plan, execute, and sustain effective strategies and solutions to protect the network, plus the often valuable, sometimes priceless, data, apps, and assets it transports and stores.

But it can be done, with the right philosophy and strategy, and the right tools and insights.

We must first understand the contemporary cybersecurity landscape. This understanding can unlock the right strategy and, from there, help identify the tools and insights necessary to protect an enterprise’s network effectively.

There are five primary factors influencing the landscape, some old, some new, all dynamic. These factors are distinct but often interdependent, both within themselves and with one or more of the others. Another meaningful way of looking at them is “internal” and “external”; as ever, understanding and dealing with what is in your control can also help to navigate and mitigate what is beyond your control.

Five key factors influencing today’s dynamic cybersecurity landscape

1. Expectations

The first factor is predicated on the fundamental reality of an enterprise’s reliance on its network. Most enterprises have already undergone some form of digital transformation and are reaping the day-to-day benefits. This means that the number of people, devices, and things using the network continues to grow; it also means that people’s expectations of the network are higher than ever before – they demand that it does exactly what they need it to do, typically across a proliferation of devices and from multiple locations. Conversely, many employees might not be fully aware of cyber threats and infiltration methods, so their skillsets can easily be the weak point that admits bad actors into the network.

Equally, senior management and board members have high expectations at a meta level. Embracing digital transformation and network reliance means the enterprise’s function and reputation are inextricably tied to that. Loss of reputation due to a security breach is a chilling prospect, as is the threat of financial penalty and revenue loss. So, in the minds of leadership, the network has to be safe from cyber threats and be compliant.

2. Financial pressures

The first factor arguably contradicts its neighbor in the landscape: general financial constraints and the pressure on CISOs and CIOs to achieve more with less. Despite the strategic reliance on the network and the expectation that it will be protected from cyber threats regardless, the appropriate latticework of defenses (e.g., skilled and right-sized IT teams using progressive tools and meaningful data insights, plus constant workforce education) is not always properly funded and sustained, particularly in the current tough economic climate.

3. Complex infrastructure operations

The ongoing pursuit of digital transformation and consequent network reliance also drives the third factor. Ironically, there is another facet of enterprise protection and financial control wrapped up in this. The widespread move away from one-stop shops (avoiding IT vendor lock-in in favor of more competitive pricing and autonomy) has created a more complex, multivendor environment. This is coupled with the multiple IT domains required to handle many diverse functions and layers of IT infrastructure (e.g., cloud, on-prem), all connected to the network. Complex, mission-critical IT operations now need to be monitored and protected from increasingly sophisticated cyber breaches.

4. Unpredictable geopolitics and economics

Shifting from the first three factors—all internal to an enterprise—the fourth is unquestionably external and without doubt the most intractable risk for any enterprise, individual, or industry group. Global uncertainty and tension are unavoidably putting even greater pressure on already-tight IT budgets, component supply chains and power costs. This can easily exacerbate existing constraints on cybersecurity budgets when vigilance and protection are more needed than ever. Unfortunately, in cyberspace one cannot always point a finger in one direction to identify an adversary. Geopolitical alliances in cyberspace are much more difficult to track, and defending against an escalating tension becomes an all-out fight to secure the network.

5. Evolving cyber threats

The fifth factor is obviously the epicenter of today’s cybersecurity landscape. According to the HPE Threat Labs’ report, governments were the most frequently targeted sector globally in 2025, followed by finance, technology, defense, and manufacturing. The prevailing global geopolitical and economic situation may further accelerate the twin motivations of nation-state-linked espionage and organized crime for extortion and theft.

Use the network to protect the network… and beyond

The current cybersecurity landscape calls for a re-think of the network’s pivotal role and how it can manage an enterprise’s digital defenses effectively, dynamically, and comprehensively. Overall, the network can be an excellent security sensor and enforcement point, using built-in security capabilities rather than being a collection of devices with an inflexible, bolted-on security layer.

Much as cybercriminals use agentic and generative AI to intensify their campaigns, CISOs can stay ahead more easily by leveraging AI-driven network platforms for 24x7 automated management of security policy enforcement (e.g., zero trust), threat monitoring, and mitigation, encompassing devices, things, and users. Meaningful data insights can be harvested, analyzed, and recycled back into secure networking management tools for dynamic protection.

This approach helps the progressive enterprise to overcome increasingly sophisticated, multi-step, and prolific attacks, while better managing IT costs and simplifying oversight of IT operations. It can also significantly improve the user experience, going a long way to meet and even exceed those rising expectations consistently. 

As a strategy in today’s uncertain world, embracing this self-driving network paradigm enables flexibility, visibility, and consistency in an enterprise’s frontline digital defenses.

For more, read the “In the Wild” report.

This content was produced by HPE. It was not written by MIT Technology Review’s editorial staff.