Rapidly Expanding Attack Surface

Category: News
Published: 5^th December 2025

Access our Report

The attack surface continues to grow as organisations adopt cloud services, IoT devices, and complex third-party supply chains. Each new system component or connected device introduces potential vulnerabilities that attackers can exploit.

Internet of Things (IoT)

IoT adoption has expanded the number of endpoints and created additional vectors for intrusion. Misconfigured devices or insecure integrations can provide attackers with persistent footholds, enabling lateral movement and escalation.

Cloud

Misconfigurations in cloud environments remain a major contributor to breaches. Teams must manage distributed identities, ephemeral workloads, and automated CI/CD pipelines, all of which increase visibility challenges and amplify the risk of configuration errors.

Supply Chain

Complex supply chains, which integrate third-party vendors, SaaS applications, and open-source dependencies, introduce systemic risk. Attackers increasingly target these indirect pathways to compromise multiple organisations simultaneously. Recent ENISA reporting underscores the growing number of supply-chain-related incidents, highlighting the need for third-party risk management and continuous assurance.

Download the full Cyber Trends 2026 Report

Get the complete analysis and recommendations in a board-ready PDF.

Read the Report

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	No description
crisp-clientsession/*	6 months	Session ID for existing chat through Crisp chat
li_gc	2 years	No description

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_UA-3109036-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	2 years	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Send a message

Contact details

Social media

Rapidly Expanding Attack Surface

Internet of Things (IoT)

Cloud

Supply Chain

Download the full Cyber Trends 2026 Report