Americas Regional Cyber Threat Outlook 2025

This document is a technical report that outlines the evolving cyber threat landscape in the Americas region for the year 2025. It describes how regional threat economies are influenced by factors such as maturity, geopolitics, and the speed of digitization. The report details key threat trends, notable threat actors, and the overall outlook for the region. It highlights that social engineering-driven identity compromise often precedes ransomware deployment, with the manufacturing sector being the most affected by ransomware incidents. The report also identifies top attack vectors, emphasizing the prevalence of credential abuse through Software-as-a-Service (SaaS) and phishing. Furthermore, it discusses the dominance of financially motivated ransomware groups, particularly Akira, and outlines the tactics employed by various threat actors. The analysis indicates a significant shift towards operationally intensive sectors, underscoring the urgent need for enhanced cybersecurity measures to mitigate risks associated with increased digitization and interconnected systems.