Experienced a Breach?
|
Support
|
Contact Us
|
+1 855 426 3983
Blog
/
Cyber Resilience
Charlie Bedell
Content Marketing Manager
Illumio Editorial
December 31, 2025
23 min. read

Top Cybersecurity News Stories From December 2025

As 2025 wrapped up this month, the cybersecurity landscape delivered a familiar mix of pressure and possibility.  

Incidents underscored how fast threats can spread across shared environments, while industry leaders weighed in on why foundational strategies such as Zero Trust and breach containment still matter more than ever.  

At the same time, organizations continued to rethink how AI, infrastructure, and security teams must work together to stay resilient. It was a month that reinforced both the challenges ahead and the momentum driving the industry forward into 2026.

This month’s news features insights from top security experts on:

  • London’s newest critical infrastructure cyberattacks
  • Zero Trust stumbling blocks organizations still face 15 years after the strategy entered the scene
  • How AI growth is outpacing security, and why cyber resilience strategies need to keep up
  • CRN picks for 2025 Women of the Year finalists

London council cyberattacks raise questions about shared systems and supply chain weaknesses

In this month’s ITPro article Are shared systems to blame for latest wave of London council cyberattacks?, senior journalist Ann-Marie Corvin unpacked a developing cyber incident affecting three neighboring London boroughs: Westminster, Kensington and Chelsea, and Hammersmith and Fulham.  

The London skyline

Corvin reported that the councils, which operate multiple joint IT functions, issued a joint statement confirming they were “responding to a cybersecurity issue” detected on November 24.  

While the full scope is still emerging, the boroughs acknowledged that a number of systems were impacted. But they weren’t sure who was responsible or whether any data had been compromised. Their IT teams worked to put mitigations in place to keep essential services running.

As Corvin noted, early signs point to a supply chain attack through shared IT infrastructure. Many critical organizations like municipal councils use shared infrastructure as a cost-saving model.  

But it may have inadvertently created a single point of failure.  

Illumio Vice President of Industry Solutions Raghu Nandakumara reinforced the breach’s lesson for public sector cybersecurity. Cyber resilience depends on limiting the spread of an inevitable breach, not trying to prevent every attack.  

“Preventing every attack is an unattainable goal for stretched councils,” he said. “Instead, the long-term aim must be breach containment.”  

Containment helps prevent an inevitable intrusion from forcing widespread outages or shutdowns. This is especially important for critical infrastructure organizations.

According to Corvin, the incident highlights a systemic challenge across public services. Shared systems improve efficiency, but without supply chain safeguards like segmentation, they increase the scale and speed of potential compromise.  

As investigations continue, it’s clear that shared infrastructure must be paired with equally strong shared resilience.

Why many Zero Trust programs still fall short

In his CSO Online feature 15 years in, zero trust remains elusive — with AI rising to complicate the challenge, senior writer John Leyden explored why Zero Trust remains so difficult to implement, even after more than a decade of industry enthusiasm.  

From Leyden’s view, organizations aren’t struggling because Zero Trust is unclear. It’s legacy systems, fragmented tools, and cultural resistance that keep pulling programs off track.

Leyden reported that a new Accenture study found that many enterprises are still grappling with what should be a foundational security model.

Leyden probed the cultural friction that often kills Zero Trust before it starts. University of Texas Chief Security Officer (CSO) and Zero Trust expert George Finney warned that political silos can derail even well-designed initiatives.  

According to Finney, successful Zero Trust programs begin with education and alignment. “Everyone on the team needs to understand what Zero Trust is, why the organization is doing it, and what role they’ll play,” he said.

Even more than silos, AI has become a stumbling block for many organizations trying to move Zero Trust initiatives forward.  

Illumio Chief Evangelist and Zero Trust creator John Kindervag emphasized that AI doesn’t change the Zero Trust paradigm and can even be used to accelerate Zero Trust implementation.

“AI models can become a liability if not governed by Zero Trust,” he said. Unsecured AI systems risk manipulation, poisoning, or theft.  

AI models can become a liability if not governed by Zero Trust.

At the same time, “good AI highlights high-risk communication patterns and accelerates processes like labeling and policy implementation,” he said. This helps organizations move beyond resilience into anti-fragility.

Overall, Leyden concludes that Zero Trust isn’t failing. Organizations are just approaching it with incomplete strategies and outdated assumptions.  

As AI expands both the attack surface and the opportunity for stronger defenses, the organizations that succeed will be the ones that treat Zero Trust as an ongoing discipline driven by segmentation, visibility, governance, and cultural readiness.

AI growth is outpacing security. Cyber resilience strategies must catch up.

In his Federal News Network article Keeping AI Innovation Secure and Sustainable, Illumio Director of Industry Solutions Trevor Dearing examined at one of today’s biggest cybersecurity worries. The U.S. is racing ahead in AI innovation, but the infrastructure powering that growth isn’t built to withstand the pressure or the cyber risk that comes with it.  

Dearing frames AI not as a tech trend but as an economic engine. The White House’s AI Action Plan positions AI as central to U.S. competitiveness. It spans mission operations, public services, and national defense.  

But this acceleration sits on top of fragile, highly interconnected systems, including energy, water, cloud, and data infrastructure, that attackers now view as high-value targets.  

“The same networks driving AI progress are becoming prime targets for disruption,” he said.

To counter that risk, he believes the foundation of secure AI isn’t more prevention but more visibility and containment. Organizations need real-time insight into how systems interact across hybrid multi-cloud environments.  

He points to recent research showing the stakes. According to The 2025 Global Cloud Detection and Response Report:

  • Over 90% of surveyed organizations experienced at least one security incident involving lateral movement.
  • Nearly 40% of east-west network traffic lacks the visibility needed to identify threats.

When visibility is missing, attackers can move silently and target essential functions. Organizations gain control when they understand how their systems depend on one another. Systems must be built to run even during an active breach.

The same networks driving AI progress are becoming prime targets for disruption.

Breach containment powered by modern microsegmentation is essential to that shift, Dearing said. It enforces least-privilege access, isolates compromised workloads, and contains breaches in real time. This allows critical services to keep running.  

Ultimately, he explained that U.S. AI leadership will depend on pairing innovation with infrastructure security.  

Policies like the Unleashing Low-Cost Rural AI Act show the government is beginning to treat AI expansion as a national-scale infrastructure challenge. But the execution will require operators to embed visibility, segmentation, and recovery planning across AI systems from day one.  

“Security can’t be an afterthought to innovation,” Dearing said. “It must advance in lockstep with it.”

CRN spotlights Illumio’s Jaclyn Woodward as a 2025 Women of the Year finalist

A headshot of Jaclyn Woodward

In Women Of The Year Finalists: Top Marketers Reveal The Strategies That Defined Them In 2025, CRN profiled the 23 finalists for their Marketing Executive of the Year award, including Illumio Director of Partner Marketing Jaclyn Woodward.

CRN recognized Woodward for reshaping how Illumio and its partners go to market. She’s spent the past year driving a major evolution in partner marketing strategy at Illumio built on alignment, simplification, and meaningful growth for the partner ecosystem.

Jaclyn’s recognition in CRN’s Women of the Year Awards showcases how impactful partner-first marketing can be. This is especially true in an era where security buyers expect clarity, alignment, and measurable value from every vendor relationship.

Try Illumio Insights free to see how you can cut alert noise, pinpoint real threats, and get role-specific breach containment guidance.

Related topics

Cyber Resilience

Related articles

More Steph Curry Enterprise Security Lessons: When Something Goes Wrong
Cyber Resilience

More Steph Curry Enterprise Security Lessons: When Something Goes Wrong

Security teams have to make decisions like this on the fly all the time, and the more data they have access to about the situation, the better decisions they can make.

Read more
AI Shouldn’t Be Trusted: Why Understanding That Can Be Transformative
Cyber Resilience

AI Shouldn’t Be Trusted: Why Understanding That Can Be Transformative

Learn why Illumio's CTO and co-founder believes the AI "tech boundary" is smaller than it appears – and how that informs the ways we use AI.

Read more
Our Favorite Zero Trust Stories from December 2023
Cyber Resilience

Our Favorite Zero Trust Stories from December 2023

Get insight from Zero Trust experts on why cyber strategy, ROI, and resilience are top of mind for cybersecurity leaders in 2024.

Read more
Meet Insights Agent: Your AI Teammate for Threat Detection and Response
Illumio Products

Meet Insights Agent: Your AI Teammate for Threat Detection and Response

Discover how Illumio Insights Agent uses AI to detect, investigate, and contain threats faster with persona-based insights, one-click response, and ticketing.

Read more
Mind the Context Gap: Why UK Security Teams Are Struggling to Investigate What Matters
Cyber Resilience

Mind the Context Gap: Why UK Security Teams Are Struggling to Investigate What Matters

Uncover why UK security teams struggle with alert overload and slow detection, and see how Illumio Insights closes the critical cyber context gap.

Read more
10 Ways Illumio Makes Breach Containment Simpler and More Effective
Segmentation

10 Ways Illumio Makes Breach Containment Simpler and More Effective

See how Illumio makes breach containment simple with fast deployment, unified visibility, and one-click containment that turn Zero Trust from complex to effortless.

Read more

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?

Learn more