Mid-Year Cybersecurity Trends: Insights from Managing Cybersecurity Threats

In a recent episode of the PLUS Podcast, host David Shannon, a privacy attorney at Marshall Dennehey, sat down with Evgueni Erchov, Senior Research Director at Cypfer, to explore the evolving landscape of cybersecurity. Their conversation revealed valuable insights into the current threat environment and what businesses can do to stay protected.

Here are four key takeaways from their discussion:

Cyber Threats Are Growing More Sophisticated

This episode emphasized the increasing complexity of cyberattacks. Threat actors are now exploiting zero-day vulnerabilities—flaws that haven’t even been publicly disclosed—giving them a dangerous edge. Compounding the issue is the rise of AI in cybercrime, which has led to hyper-realistic phishing emails, fake communications, and smarter malware.

Business Email Compromise (BEC) Remains a Persistent Threat

Attention was called to the continued prevalence of BEC attacks, which have evolved despite growing awareness and improved security tools. Criminals use convincing social engineering and AI-generated content to trick employees into divulging sensitive information or wiring funds. These schemes, often low in complexity but high in impact, remain one of the most financially damaging forms of cybercrime.

Employee Training Is Still the First Line of Defense

A recurring theme in the episode was the importance of human awareness. Even with the best security systems, human error remains a key vulnerability. Shannon and Erchov both stressed that ongoing, comprehensive employee training on phishing and cyber hygiene is essential.

Cybercriminal Tactics Continue to Evolve

One particularly striking example shared by Erchov involved a multi-layered attack: attackers flooded a victim’s inbox with spam emails, then impersonated IT helpdesk staff to offer “support”—gaining remote access in the process. This kind of social engineering, aided by automation and AI, underscores the need for businesses to implement layered defenses and verify internal communications rigorously.

As the cybersecurity landscape continues to shift, staying informed is imperative. Regular updates to security protocols, a strong culture of cyber-awareness, and attention to emerging threats can help organizations stay ahead of increasingly resourceful adversaries.

Interested in learning more about this topic? Listen to the full episode here.

Meet the Speakers

David J. Shannon, Esq.

Chair, Privacy & Data Security Practice Group; Chair, IP, Technology & Media Litigation Practice Group, Marshall Dennehey

David J. Shannon is a shareholder at Marshall Dennehey, where he leads both the Privacy and Data Security, and the Intellectual Property Practice Groups. David concentrates a substantial portion of his practice on privacy law, data breaches, ransomware attacks, intellectual property and copyright and trademark infringement. He is experienced in defending privacy and intellectual property cases throughout the United States. David is an international speaker at privacy and data security conferences and seminars, where he discusses legal issues and emerging trends in the privacy arena. djshannon@mdwcg.com; www.marshalldennehey.com