How Faster Cyber-Attacks Are Reshaping Cybersecurity Strategy

How Faster Cyber-Attacks Are Reshaping Cybersecurity Strategy

How Faster Cyber-Attacks Are Reshaping Cybersecurity Strategy

https://www.infosecurity-magazine.com/news-features/faster-cyberattacks-reshape/

Publish Date: 2026-07-08 06:00:00

Source Domain: www.infosecurity-magazine.com

Cybercriminals are getting faster at conducting cyber-attacks. In the past, unauthorized intruders would spend weeks or months inside a compromised network to lay the groundwork needed to steal data or plant malware.

Today, an attacker can move from initial entry into a network to accessing data and exfiltrating it in a matter of minutes.

According to the CrowdStrike Global Threat Report 2026, the average breakout time for an intrusion during 2025, that is the window between when the attacker initially enters the network to when they leave having stolen or destroyed data, was 29 minutes.

It’s a timescale which is rapidly declining. In 2024, the average breakout time was 48 minutes. In 2023, it was over an hour at 62 minutes, while in 2022 it was 84 minutes.

Cybercriminals are getting faster and this trend is set to continue, especially as AI is being used by both defenders and cybercriminals to accelerate tasks.

This creates a significant cybersecurity challenge for organizations. Not just regarding keeping attackers out of the network, but also being able to quickly identify and disrupt malicious behavior by unauthorized intruders before they cause significant damage.

The World Economic Forum (WEF) Global Cyber Outlook Report 2026 warned, “The speed and scale of attacks are testing the limits of traditional defenses.”

Cybercriminals Logging in, not Hacking in

A significant challenge organizations face is how cybercriminals simply login using legitimate corporate usernames and passwords to gain access to networks; this especially affects organizations which rely on cloud services.

“Really over the last 18 months, it’s been logging in rather than hacking in. They are increasingly using compromised credentials,” Adam Meyers, head of counter adversary operations at CrowdStrike told Infosecurity.

“Rather than using phishing emails with exploits and malware, criminals are using compromised identities, logging in and going across into SaaS and…

Source