TL;DR: Cyber risk is converging around AI-enabled deception, state-aligned operations, third-party exposure, and supply chain fragility in SecurityScorecard’s Q3 2025 coverage, with reporting spanning the STRIKE Threat Intelligence team’s 12-Day War analysis, deepfake campaigns, and enterprise breach commentary. The practical lesson is that cyber risk management now has to treat external dependency, impersonation, and geopolitical spillover as connected governance problems, not separate workstreams.
NHIMG editorial — based on content published by SecurityScorecard: Q3 2025 press coverage roundup
Questions worth separating out
Q: How should security teams reduce fraud when attackers use deepfakes and synthetic identities?
A: They should combine document validation, liveness detection, behavioural analytics, and risk-based step-up checks rather than relying on a single identity proofing event.
Q: Why do third-party connections increase breach exposure?
A: Third-party connections increase exposure because they extend your trust boundary into another organisation's identity controls.
Q: What do organisations get wrong about AI-driven cyber risk?
A: They often assume the main change is autonomous attackers, when the immediate change is faster and more variable abuse of existing identity pathways.
Practitioner guidance
- Reassess external trust paths Build a living inventory of supplier connections, delegated permissions, and externally issued machine credentials.
- Strengthen approval verification for high-risk requests Require out-of-band confirmation for payments, credential resets, policy exceptions, and access changes that could be triggered by deepfake-assisted impersonation.
- Tie supplier offboarding to credential revocation When a vendor relationship ends, revoke tokens, rotate shared secrets, disable unused accounts, and remove OAuth grants as part of the same workflow.
What's in the full article
SecurityScorecard’s full press coverage roundup covers the operational detail this post intentionally leaves for the source:
- Specific TV and podcast appearances with the exact cybersecurity themes each executive discussed.
- The underlying STRIKE Threat Intelligence report context on the 12-Day War between Iran and Israel.
- Coverage-by-region details across North America, EMEA, and APAC that show how the quarter’s themes were picked up in different markets.
- Company news on the HyperComply acquisition and the Uniqus partnership, including the business context around those moves.
👉 Read SecurityScorecard’s Q3 2025 press coverage roundup on AI, state actors, and supply chain risk →
Q3 cyber risk coverage: what AI, state actors, and suppliers change?
Explore further
State-aligned cyber operations are now a governance problem, not only a threat-intelligence problem. The quarter’s coverage shows how conflict-driven campaigns blend technical intrusion with strategic targeting, making supplier trust, identity assurance, and response coordination part of the same control surface. For security leaders, the implication is that geopolitically motivated activity must be reflected in access governance and resilience planning, not just in intelligence briefings.
A question worth separating out:
Q: How can organisations tell if their external access model is too broad?
A: A broad external access model usually shows up when teams cannot quickly answer which suppliers, tokens, and non-human accounts still have access, why they have it, and who owns revocation. If access reviews are delayed, manual, or disconnected from offboarding, the model is already too broad. Visibility and lifecycle ownership are the key signals.
👉 Read our full editorial: AI-driven cyber risk, state operations, and supply chain exposure in Q3