From "AI Assist" to "AI Agents": The New Baseline for Enterprise Defense

Executive Snapshot

2025 didn't "arrive with AGI." It arrived with something more operationally dangerous: agentic capability everywhere—in the enterprise (copilots, automations, bots) and in the attacker economy (phishing factories, credential stuffing at scale, deepfake-enabled fraud, and faster ransomware negotiations).

The 2025 Security Landscape

The result is a security landscape where:

• Ransomware is still present in ~44% of breaches, with median ransom paid ~$115K, while 64% of victims didn't pay (a sign of improving resilience).
• The human element remains involved in ~60% of breaches.
• Identity is the frontline: >97% of identity attacks are still password spray / brute force, and modern MFA can reduce identity compromise risk by >99%.
• Dwell time is collapsing: global median 205 days (2014) → 11 days (2024); 45.1% of intrusions are discovered within 1 week.
• The board-level risk theme is "AI oversight gap": $4.4M average breach cost; 63% lack AI governance; 97% of orgs with AI-related incidents lacked proper AI access controls.

What Changed as We Cross into 2026

1) The Attacker Playbook Got "Agentic," Not Magical

ENISA's 2025 landscape calls out AI used to automate social engineering and accelerate malicious tooling, plus AI-supply-chain targeting (poisoned models, trojanized packages, and config-rule abuse).

WEF adds the macro signal: 72% of respondents report increased cyber risks; 47% cite GenAI-powered adversarial advances as a primary concern; 42% reported phishing/social engineering incidents.

Enterprise implication: your "AI program" and your "security program" can't be separate workstreams anymore.

2) Identity is Still the Cheapest, Fastest Intrusion Path

Microsoft's 2025 data shows identity attacks remain overwhelmingly password-spray / brute-force dominated (>97%), while "harder" identity tactics (token theft, AiTM, etc.) are a small fraction—but high impact.

Also note the concentration effect: 20 ASNs (0.04%) account for >80% of malicious password spray activity.

Enterprise implication: blocklists, reputation controls, and conditional access can be disproportionately effective when paired with phishing-resistant MFA.

3) "Perimeter Exploitation" is Accelerating—Especially Where Patching is Slow

Verizon's 2025 snapshot highlights vulnerability exploitation as an initial access step up 34%, accounting for ~20% of breaches, and a patch reality: only 54% of perimeter device vulns were fully remediated, with median 32 days to fix.

Enterprise implication: your edge devices + SaaS + cloud identity plane = your real perimeter.

4) Cyber Warfare and Hacktivism Keep Raising the Noise Floor

WEF reports nearly 60% of organizations say geopolitical tensions affected cybersecurity strategy; supply chain risk is a top ecosystem concern (e.g., 54% of large orgs cite it as the biggest barrier to resilience).

ENISA's dataset shows incident-type distribution dominated by DDoS (~76.7%), often associated with hacktivism dynamics.

Enterprise implication: resilience (traffic engineering, incident comms, third-party readiness) is now a core security capability, not an add-on.

Facts & Figures Board Pack

2025 Breach Reality Check (Verizon DBIR)

• Ransomware present in ~44% of breaches
• Median ransom paid: ~$115K
• >64% of victims didn't pay (improving resilience)
• Human element involved in ~60% of breaches
• Vulnerability exploitation up 34% as initial access
• Only 54% of perimeter device vulns fully remediated
• Median 32 days to fix vulnerabilities

Identity Attack Mix (Microsoft Digital Defense Report 2025)

• >97% of identity attacks are password spray / brute force
• Modern MFA can reduce identity compromise risk by >99%
• 20 ASNs (0.04%) account for >80% of malicious password spray activity
• Token theft, AiTM are small fraction but high impact

Speed of Compromise (Mandiant M-Trends 2025)

• Global median dwell time: 205 days (2014) → 11 days (2024)
• 45.1% of intrusions discovered within 1 week
• Dwell time collapsing due to improved detection

Initial Infection Vectors (ENISA Threat Landscape 2025)

• DDoS dominates incident-type distribution (~76.7%)
• Often associated with hacktivism dynamics
• AI used to automate social engineering
• AI-supply-chain targeting (poisoned models, trojanized packages)

Economics & AI Oversight Gap (IBM Cost of a Data Breach 2025)

• $4.4M average breach cost
• >63% lack AI governance
• >97% of orgs with AI-related incidents lacked proper AI access controls

Modern Hacking Techniques That Matter Most in 2026 (Defender-Focused)

• Credential-first intrusions (password spray, infostealers, session/token theft).
• AiTM and "helpdesk social engineering" to bypass MFA—still "small share," but high leverage.
• Edge/perimeter exploitation (VPNs, appliances, exposed admin planes) where patch cycles lag.
• Double/triple extortion ransomware with faster negotiations; meanwhile, payments fell to ~$813.6M in 2024 (down from $1.25B in 2023)—more victims posted, fewer pay.
• Supply chain + ecosystem propagation (third parties as the "unwitting partner").
• AI-lure and AI-supply-chain abuse (fake "AI tools," trojan packages/models, poisoned instructions/config).
• DDoS and disruption campaigns as geopolitical/hacktivist pressure tools.

2026 Enterprise Playbook (What to Do Monday Morning)

A) Make Identity Phishing-Resistant

• Move high-risk roles to phishing-resistant MFA and modern auth (passkeys where possible).
• Add ITDR signals (impossible travel, abnormal token use, consent grant anomalies).
• Use network/ASN intelligence to blunt password spray concentration.

B) Treat AI Agents Like Privileged Identities

• Inventory: AI tools, copilots, plugins, automations, and "shadow AI."
• Enforce: least privilege, scoped tokens, logging, approval gates, and DLP around prompts/data.
• Measure: "% of AI tools assessed before deploy" (WEF shows only 37% have processes).

C) Collapse Patch Windows on the Real Perimeter

• "Edge SLA" faster than general patching (Verizon's median 32 days is too long for exposed devices).
• Add EASM/ASM: continuous discovery + exposure scoring + owner assignment (this is where proactive security wins).

D) Prepare for Disruption (Not Just Breach)

• DDoS playbooks, upstream coordination, and crisis communications drills.
• Supply chain assurance: vendor access boundaries, SBOM/third-party monitoring, and incident notification clauses.

Conclusion

The cybersecurity landscape in 2026 demands integrated AI and security programs, phishing-resistant identity controls, accelerated patch cycles, and resilience planning. The data shows clear trends: agentic attacks are the new baseline, identity remains the primary attack vector, and organizations that treat AI agents as privileged identities while collapsing patch windows will have a significant defensive advantage.

Source: Based on analysis from ENISA Threat Landscape 2025, WEF Global Risks Report, Microsoft Digital Defense Report 2025, Verizon DBIR 2025, Mandiant M-Trends 2025, IBM Cost of a Data Breach 2025, and Chainalysis ransomware payment data.