At the Cybersecurity Summit in Atlanta, during the session “Emerging Threats and Security Trends,” RedSeal’s Joseph Ward, SVP of Product, joined peers from Xage Security, Recorded Future, and Infoblox to explore how the threat landscape is evolving. The discussion highlighted two critical shifts: the rise of ransomware as a business model and the way AI is amplifying attacks. Together, these trends are exposing gaps in traditional defenses and raising the stakes for security leaders.
Read on for key takeaways from the conversation — and why organizations must rethink their approach to resilience and defense.
Ransomware is no longer just about file encryption.
With Ransomware-as-a-Service lowering barriers to entry, active groups have surged 41% in the past year. Affiliates now use double and triple extortion tactics, exfiltrating and leaking sensitive data to pressure victims. Attackers are also spending more time inside environments, with median dwell time now stretching up to two weeks — long enough to map high-value assets. Meanwhile, phishing remains the most common entry point, but AI has made it more convincing than ever. Add to that the sharp rise in supply-chain attacks, and it’s clear why ransomware has matured into a business model.
AI is also raising the stakes across the board.
Large language models generate flawless spear-phishing lures, while voice and video deepfakes drive business email compromise losses into the billions. Generative AI enables polymorphic malware that mutates to evade detection, and adversaries are using AI-powered reconnaissance to map networks faster than ever. Even supply-chain attacks are being accelerated by AI, with fake supplier communications and automated vulnerability discovery becoming the norm.
This is where RedSeal makes the difference. By creating a digital twin of your hybrid environment, RedSeal shows which assets are reachable, which systems connect externally, and where sensitive data is most exposed. Its attack path analysis reveals the same lateral movement routes adversaries would exploit during dwell time, so teams can close them in advance. Even if an attacker gains a foothold through phishing or AI-enhanced social engineering, RedSeal validates segmentation and limits the blast radius. And by modeling third-party connections, RedSeal helps organizations uncover hidden supply-chain risks before they’re exploited.
Contact RedSeal today for a demo — and see how you can turn the attacker’s map of your hybrid environment into your strongest line of defense.
