By Byron V. Acohido
Reactive security isn’t just outdated — it’s become a liability. Attackers have figured out how to weaponize speed, and defenders are struggling to keep pace.
Related: Mastering adversary emulation
At RSAC 2025, I spoke with Derek Manky, Chief Security Strategist and Global VP of Threat Intelligence at Fortinet’s FortiGuard Labs, about how and why the game has changed — and what defenders can do to adapt. For a full drill down, give the accompanying podcast a listen.
Fortinet’s 2025 Global Threat Landscape Report puts numbers to the trend. Among the more jarring stats: a 39% increase in new CVEs in 2024, totaling more than 40,000 vulnerabilities disclosed in just one year. Meanwhile, automated reconnaissance surged to 36,000 scans per second, and credential theft logs climbed 500%.
In short: the industrialization of cybercrime is real, and it’s accelerating.
Manky advocates for what Fortinet calls Continuous Threat Exposure Management — a shift away from static security controls toward active, iterative testing. One tactic getting renewed attention is purple teaming — a blending of offensive and defensive roles that allows organizations to simulate real-world attacks and close the loop on detection gaps before attackers exploit them.
We also discussed how Fortinet is applying agentic AI to reduce analyst fatigue and improve decision-making. By merging insights from network and security operations into a single view, the goal is to shorten dwell time and extend visibility across an increasingly fragmented attack surface.
The tools exist, Manky notes. The pressure now is to put them to use — not reactively, but as part of a continuous cycle of readiness.
I’ll keep watch and keep reporting.
Acohido
Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.
(LW provides consulting services to the vendors we cover.)