Cybersecurity firm Kaspersky has recently released concerning reports revealing how threat landscapes evolved in 2025. Government and industrial organizations have emerged as the top targets for sophisticated cybercriminals, while businesses are increasingly open to sharing security expenses with contractors and suppliers to build stronger collective resilience.
According to Kaspersky’s analysis of high-severity incidents handled through its Managed Detection and Response, Incident Response, and related services, the government sector accounted for 19 percent of all serious breaches for the second year running.
Close behind was the industrial sector at 17 percent, with the IT industry rising to third place at 15 percent and pushing finance out of the top three.
Attack patterns varied by sector. In government environments, advanced persistent threats (APTs) drove 33.3 percent of incidents, while social engineering played a role in nearly 19 percent of cases.
Industrial targets faced a more balanced mix: APTs at 17.8 percent, malware at 14.9 percent, and social engineering at 13.9 percent.
Notably, 22.8 percent of industrial incidents involved red-team exercises, suggesting many organizations are already investing in proactive testing.
The IT sector recorded the highest proportion of human-driven APTs at 41 percent.
Sergey Soldatov, Head of Security Operations at Kaspersky, noted that these sectors attract determined adversaries because of the high strategic value they hold—geopolitical intelligence, critical infrastructure, and global supply chains.
He emphasized that attacks are rarely opportunistic; instead, they aim for persistent access.
Organizations must therefore assume breaches will occur and prioritize early detection, rapid containment, and continuous monitoring through tools like threat hunting and compromise assessments.
A separate Kaspersky survey of 1,714 technical leaders and C-level executives from enterprises with over 500 employees across 16 countries found that nearly 70 percent of companies are now willing to help fund their contractors’ and suppliers’ cybersecurity measures.
Already, 25 percent have begun sharing these costs. The move is driven by the growing recognition that an organization’s own risk exposure depends heavily on the security posture of its partners.
In the past year alone, supply-chain attacks impacted nearly one-third of companies globally, while attacks exploiting trusted relationships affected one-quarter.
Respondents in India (83 percent), Indonesia (80 percent), Russia (80 percent), and Brazil (76 percent) showed the strongest support for cost-sharing. Soldatov explained that security no longer stops at corporate borders.
Smaller contractors often lack the advanced protections larger firms possess, creating weak links in the supply chain.
By pooling resources and expertise, enterprises can close these gaps and raise overall cyber resilience across entire ecosystems.
The reports paint a clear picture. It is evident now that cybercriminals are focusing on high-value, strategically important targets, while forward-thinking organizations are responding by extending protection beyond their own walls.
Kaspersky recommends strengthening role-based access controls, conducting regular red-team exercises, and adopting managed detection services to stay ahead of evolving threats.