Cyber threats intensify in 2026
M‑Trends 2026 flags a faster, more coordinated and industrialized cyberattack landscape — a warning that event organizers running hybrid registrations and digital ticketing need stronger security and contingency plans. The report frames cyber risk as a business‑critical issue, not just an IT problem. (industrialcyber.co)
Mandiant’s M‑Trends 2026 is built from more than 500,000 hours of frontline incident response work conducted by Mandiant during 2025. (cloud.google.com) The report measures a collapse in the median time between initial access and hand‑off to another actor — down to 22 seconds, versus more than eight hours in 2022. (securityweek.com) Exploits accounted for the largest share of initial entry at 32% in 2025, while voice‑phishing (vishing) rose to 11% and email phishing declined to roughly 6% as attackers shifted tactics. (expertinsights.com) Global median dwell time increased to 14 days in the 2025 dataset, up from a median of 11 days the prior year. (cloud.google.com) Mandiant documents a clear pivot by ransomware operators toward deliberately targeting backup, snapshot and virtualization infrastructure to prevent recovery — a pattern described in the report as deliberate “recovery denial.” (csoonline.com) The report’s defensive priorities call out securing backup repositories, identity services and the virtualization layer, investing in faster detection and integrated defenses, and maintaining continuous incident‑response readiness; M‑Trends 2026 was released by Mandiant at RSA Conference 2026. (industrialcyber.co)
