
-------
Cyber threats are no longer isolated; they have become systemic business risks. Enterprises are accelerating digital transformation through cloud-native infrastructure and remote work, but cybercriminals are evolving even faster. This new wave of targeted, multi-layered threat campaigns is raising the stakes for enterprise leaders worldwide.
In this episode of the Analytics Insight Podcast, host Priya Dialani speaks with Luke McNamara, Deputy Chief Analyst at Google Cloud Security, who brings over 12 years of cyber threat intelligence experience. Together, they unpack the trends shaping cybersecurity in 2025 from identity-targeted breaches to global ransomware surges.
Luke begins by providing an inside look at Google Cloud. As part of the broader Google ecosystem, the Cloud delivers enterprise-ready services while channeling innovation into practical security tools.
McNamara works closely with frontline analysts, incident responders, and Mandiant consultants to translate raw threat data into actionable insights. He notes, "Security is at the heart of everything we do." He further explains that a key differentiator is the ability to leverage Google's scale and intelligence to serve governments and businesses globally.
McNamara emphasizes that cyberattacks are human-driven. Thus, understanding attackers, be it nation-states, financially motivated gangs, or hacktivist collectives, is crucial to crafting a resilient defense.
McNamara points out, "Increased geopolitical tensions and ideological motivations are shaping the global threat landscape." Groups are evolving beyond basic malware deployment, adopting distributed denial-of-service (DDoS), defacement, and data theft as their go-to tactics.
Drawing from Google’s newly released MTrends 2025 report, Luke shares that public-facing exploits remain the top initial attack vector. Vulnerabilities, both zero-day and known, are exploited quickly by cybercriminals. The other alarming trend is the exploitation of identity.
Credentials and authentication systems have become central to business operations in today’s times. As a result, attackers are increasingly targeting identity. Once inside, they can navigate laterally, steal sensitive data, or plant ransomware.
In 2025 alone, cyberattacks surged by over 70% globally, with India ranking among the top 10 most targeted nations. According to McNamara, threat actors today don't just encrypt files. They also exfiltrate data, threaten to leak it, and operate extortion sites to pressure victims.
The ransomware ecosystem itself is highly structured, involving initial access brokers, malware developers, and affiliates working in coordination. "Even if law enforcement takes down one group, others emerge with the same tools," says Luke. He further notes that ransomware is a dynamic and resilient ecosystem.
When asked about resilience strategies, Google’s Deputy Chief Analyst stresses the importance of visibility, threat intelligence, and response planning. Companies must not only invest in backups and patching but also understand attackers' behavior and intent. He emphasizes,"Risk is human-driven, so our defense must also consider the human element—motivations, tactics, and adaptability."
Cybercrime is becoming increasingly specialized and lucrative, particularly with the use of AI and the growing complexity of supply chains. Hence, organizations must also adopt a holistic, threat-informed security posture to stay ahead of the curve.
Cyberattacks have evolved into highly targeted campaigns, often involving multi-party threat ecosystems and identity-focused exploits. As Luke McNamara points out, organizations that treat cybersecurity as just an IT function are likely to fall behind.
In 2025, business resilience begins with knowing your attackers and how they operate. Companies that pair proactive security investments with deep threat intelligence will be best positioned to withstand the evolving storm.
Listen to the entire discussion on the Analytics Insight Podcast to navigate the changing landscape of cybersecurity effectively.