Black Hat USA 2025 Roundup: Key Cybersecurity Lessons and How Indiko Data Helps

August 13, 2025

Black Hat USA 2025 just wrapped up in Las Vegas, and it comes at a critical time for cybersecurity. AI is advancing exponentially, and even geopolitical tensions are raising cyber risks globally. The conference gathered thousands of security professionals to discuss one pressing question: Does a robust cyber defence now require offensive tactics? The consensus from Vegas: Yes.  


Modern threats like AI-driven malware, supply chain breaches, and lightning-fast data theft are rewriting the security playbook. Traditional reactive security is no longer enough – staying ahead means anticipating attackers, testing your own defences, and leveraging AI in your favour. Businesses need partners who understand these evolving risks and the solutions. 


At Indiko Data, we followed Black Hat 2025 closely. Below, we break down the top lessons learned and explain how Indiko Data’s expertise helps you turn these insights into action

1. AI-Powered Attacks Are Outpacing Defences


What Black Hat Revealed: 
• Attackers are weaponising AI to craft hyper-targeted phishing lures, automate malware, and evade detection.


• Sessions like "Weaponising Apple AI for Offensive Operations" showed how even trusted platforms (like Apple’s AI frameworks) can be exploited by clever malware techniques. In short, AI is now a force multiplier for hackers


How Indiko Data Helps: 
We use AI on the defensive side to fight back:


✅ Automated anomaly detection – Both Acronis and Microsoft offer systems that utilise machine learning to spot unusual behaviour faster, catching AI-generated attacks that traditional tools might miss. Talk to us about how we can help you get AI to fight on your side.

2. Cloud & Third-Party Risks Are the Weakest Link


What Black Hat Revealed: 

• 67% of breaches now originate in the supply chain – with cloud misconfigurations and vulnerable vendors as top culprits. Attackers know that hacking a supplier or poorly configured cloud service can be their easy entry point.


• Talks like "Advanced Active Directory to Entra ID Lateral Movement Techniques" exposed how attackers pivot through hybrid environments (on-prem AD to cloud Azure AD), exploiting trust between systems. Your security is only as strong as your weakest partner or misconfigured setting. 


How Indiko Data Helps: 
We excel in cloud security posture management and third-party risk assessments to help you shore up these weak links:


✅ Microsoft 365 backup & recovery – We ensure you have independent backups of cloud data (Microsoft’s own data protection is limited). This keeps your info safe even if a cloud app is compromised. We can help you identify the gaps in your readiness and help you fill them with the most capable solutions and designs. 

3. Offensive Security Is Now Non-Negotiable


What Black Hat Revealed: 
• Defenders who think like attackers win. Teams that regularly conduct red teaming and adversarial simulations drastically reduce their breach risk (one stat showed it can cut likelihood of a major incident by nearly 50%). It’s no longer enough to react; you must actively probe your own defences.


• Tools like Threat Tracer (debuted at Black Hat) visualise attack paths to help prioritise fixes. The message was clear: being proactive, by hunting threats and practicing incident response, is essential to stay ahead of adversaries. 


How Indiko Data Helps: 
We don’t just monitor for threats – we actively hunt them and strengthen your defences before real attacks happen:


✅ Incident response planning – We help create and rehearse incident response plans tailored to your business, so if an attack happens, your team is ready to respond effectively and meet your recovery objectives (RTO/RPO). Don’t get caught out and have to make thing up on the fly – let us help you plan ahead and test in advance. 

4. Data Exfiltration Is Faster Than Ever


What Black Hat Revealed: 
• Infostealers like Lumma and Vidar are surging – stealthy malware that siphon data. Over 30 million stolen login records were floating around dark web markets in 2024 alone. Attackers can monetise your data or use it for extortion within days of a breach.

 
• Sessions like "Hackers Dropping Mid-Heist Selfies" showed creative ways attackers extract data (even taking screenshots of sensitive info mid-breach). The moment hackers get in, they try to exfiltrate your crown jewels quickly. 


How Indiko Data Helps: 
We assume breaches can happen and make sure that even if attackers grab data, you don’t lose it permanently (and you know about it right away):


✅ Immutable storage + safe restores – Only around 60% of businesses use immutable storage for their backups. Protect your backup repositories from destructive hackers and restore with confidence. We can even test your backups in your own time and prove that they work way before you need to use them in anger. 

The Bottom Line

Black Hat 2025 made one thing clear: reactive security is dead. Today’s threat landscape, with AI-empowered attacks, cloud supply chain exploits, and blitzkrieg data theft, demands a blend of offensive tactics, AI-driven defence, and resilient backup strategies. In other words, to outpace modern hackers, you need to think like them, equip yourself with cutting-edge tools, and prepare for the worst (while hoping for the best). 


This is exactly the approach we take at Indiko Data. We pride ourselves on being the security partner who stays ahead of the curve, so you don’t have to play catch-up. Our team is continuously digesting insights from events like Black Hat and converting them into tangible improvements in how we protect our clients. We combine the human expertise (skilled security professionals) with smart technology to create a defensive posture that’s always learning, adapting, and ready to meet the next attack head-on. 


In cybersecurity, the winners are the ones who learn and evolve fastest. With Indiko Data by your side, you gain a partner that is constantly evolving, anticipating the tactics of attackers and turning Black Hat insights into real-world protection for your organisation. 

📅 Ready to turn Black Hat insights into action? 


Get in touch today!

A collage of photos from Acronis Partner Day 2025

Top Takeaways from Acronis Partner Day 2025: Insights, Innovation & Inspiration

July 29, 2025
Discover key insights from Acronis Partner Day South Africa 2025—from faster backups to AI-driven security and Warm DR in Azure.

BackUp vs Disaster Recovery - What’s the difference?

July 10, 2025
BackUp and Disaster Recovery (DR) are often mistaken for one another, or combined without providing any form of differentiation, but do you know what the difference between the two of them is? In straightforward terms, BackUp is the process of making the file copies. Whilst DR is the plan and processes used for the copies to quickly restore access to applications, data and IT resources after an outage. Think of it this way, if you just have copies of the data, it doesn’t mean much if your service isn’t available for your customers, you must also ensure business continuity. To do this you need a robust, and tested, backup and disaster recovery plan. 3-2-1 BackUp Strategy Data backup involves making copies of your data from their original sources and adding them to different locations. One backup copy is not enough. For example, if you backup your computer to an external hard drive you keep in your office, and there was a fire in the office, you would lose both your computer and the external drive. The 3-2-1 backup strategy rule removes this risk. Doubling the protection of your data by keeping backup copies locally, off-site and on external storage devices. 3. Create three copies of data, the original and two copies 2. Store data on different media storage types 1. Keep one backup copy in a separate geographic location. Whilst the 3-2-1 rule is important, you must also determine a timetable to backup your system on a regular basis. Establish a frequent backup schedule, this should be determined based on how much data you are willing to use. Most people back up on a daily or weekly basis. But you don’t have to remember to do this manually, you can use software which automatically manages this for you. Who said money can’t buy peace of mind? Disaster Recovery plan Normal business operations after a downtime or data loss incident can take days or weeks to resume. Can you afford to wait before resuming service? Will your customers understand and stick around? Or will they move their business to a competitor with a strong disaster recovery program? You need a disaster recovery plan which will provide you with immediate access to your data, enabling you to resume services as quickly as possible. With the use of cloud-based disaster recovery services this is now much easier to manage, as well as more affordable, even for smaller businesses. But what do you need to consider when building a DR plan? Perform a business impact analysis (BIA) – This will help you determine the scope of potential aftereffects and impacts in case of disruption to the business Perform risk analysis and vulnerability assessments – Anticipate and plan for the worst case scenario Identify roles and responsibilities – Define the recovery teams roles and responsibilities in the event of a disaster Take inventory – Look at your IT infrastructure, including hardware, software, applications and critical data so you can prioritise the most essential systems and assets Communication plan – Confirm who and when you will report any incidents, keeping in mind local compliance and regulatory laws Recovery Time Objective (RTO) and Recovery Point Objective (RPO) – Determine how long your business can manage with an interruption to normal operations, and how much data you can stand to lose (typically measured in time, days, hours, minutes) Build and test your plan Now you understand the difference between backup and disaster recovery, and why you need both. But you shouldn’t just implement these solutions and step back. You need to create an incident response plan which should include: Names and numbers of core internal and external contacts in hard copy form A reliable fallback internal communications channel in the event you cannot access email Documented communications plan which highlights who need to be contacted and by whom. You should review and test this plan regularly to check for any gaps or problems. Conclusion It’s not so much a case of if an attack will happen to your business, but more of a case of when. The latest surge of cyberthreats attacks has increased the average cost of a data breach from $4.55 million per incident to $5.53 million according to IBM’s Cost of a Data Breach 2024 report. You need to plan for the probability that an attack will happen and build the defences to ensure your business continues in the aftermath of data loss and/or downtime. If you are planning how you can reduce the threat of data loss and downtime to your business let’s talk ! We’re happy to help.

Five costly data protection gaps in Microsoft 365 and how to close them

July 7, 2025
If your business uses Microsoft 365, you can expect reliable access to its applications with high availability. Microsoft has a great reputation for keeping its systems online, but it is not responsible for keeping customer data safe since it does not offer true backup and recovery capabilities. In fact, Microsoft itself recommends that users regularly back up content and data using thirdparty apps or services.

Nine reasons why you need to back up your Microsoft 365

July 7, 2025
While Microsoft 365 continues to gain market share, it is important to note that this platform does not provide out-of-the box backup and data recovery solutions. With the increase in frequency and severity of cyberattacks — especially ransomware — businesses face the real risk of unplanned downtime and potentially devastating data loss

Stay ahead of today’s advanced email attacks

July 7, 2025
All businesses face the same daunting challenge: email is the most important business communication tool and the leading attack vector for security breaches.

Discover how to close vulnerabilities and protect your data, even from zero-day attacks

July 4, 2025
Did you know that a startling 80% of breaches are new or unknown zero-day attacks? Or that antiviruses alone miss 57% of attacks? Watch this webinar and explore how the integration of next-generation cybersecurity, reliable backup and recovery and enterprise protection management can increase the security of your data, improve team productivity and decrease your operating costs. https://acronis.events/event/on-demand-discover-how-to-close-vulnerabilities-and-protect-your-data-even-from-zero-day-attacks/

Supercharge your IT with integrated backup and cybersecurity

July 4, 2025
Watch a demo webinar with Acronis’ Sales Engineering team for an in-depth look into Acronis Cyber Protect, which integrates data protection, cybersecurity and endpoint management capabilities in one easy-to-use solution.

Stop ransomware attacks and meet NIS 2 requirements with Acronis Cyber Protect

July 4, 2025
Expert-led webinar walks you through how to align your cybersecurity strategy with today’s threat landscape and compliance expectations.