75% of attacks use stolen credentials, not malware: CrowdStrike

Cybersecurity has never been more critical in today’s rapidly evolving digital world. As enterprises embrace hybrid cloud architectures, AI-driven advancements, and an increasingly sophisticated threat landscape, securing their infrastructure demands a proactive and unified approach.

In an exclusive conversation with CIO&Leader, Fabio Fratucello, CTO – International at CrowdStrike, sheds light on the biggest technology shifts shaping 2025. From the rise of AI-powered attacks to the necessity of integrated security platforms, he explores how businesses can stay ahead of cyber adversaries. Edited excerpts are below:

Fabio Fratucello,
CTO, International,
CrowdStrike

CIO&Leader: What trends do you foresee shaping the IT landscape, particularly in areas like cybersecurity, cloud infrastructure, and AI/ML?

Fabio Fratucello: In 2025, hybrid cloud security will dominate as attackers exploit gaps across interconnected domains, including cloud, on-premises, and identity. With 75% of initial access attacks now malware-free, adversaries are bypassing traditional defences by abusing compromised credentials. Enterprises must adopt unified platforms that provide end-to-end visibility and protection, enabling them to detect and mitigate sophisticated cross-domain attacks before they escalate.

CIO&Leader: How will these trends impact enterprise decision-making and technology adoption?

Fabio Fratucello: These trends will push enterprises to prioritise unified platforms over fragmented tools. Current reliance on disjointed security solutions creates visibility gaps and operational complexity, which adversaries exploit. Unified platforms centralise visibility and protection across identities, cloud, and endpoints, enabling streamlined workflows and closing security gaps. This approach reduces complexity and enhances defenders’ capabilities to prevent breaches in hybrid environments.

CIO&Leader: What do you think will be the key priorities for CIOs in 2025?

Fabio Fratucello: AI and Generative AI are reshaping industries but have become prime targets for cyberattacks. Threats to AI services and LLMs jeopardise the integrity of the data and applications powering innovation. CIOs in 2025 must prioritise secure AI integration to confidently deploy these transformative technologies while safeguarding against threats like model tampering and data poisoning.

CIO&Leader: How will CrowdStrike’s offerings align with addressing these priorities (e.g., AI acceleration)?

Fabio Fratucello: We are leading the charge in securing AI infrastructure and models. We recently introduced AI Security Posture Management (AI-SPM), delivering comprehensive visibility and protection for AI models against threats like data poisoning and model tampering. Our strengthened partnerships with AWS, HPE, and NVIDIA are driving secure AI innovation. Additionally, our AI Red Team Services combine elite expertise and threat intelligence to help customers proactively identify and mitigate vulnerabilities in AI systems.

CIO&Leader: Could you share any upcoming CrowdStrike initiatives or product innovations that align with the anticipated technology trends?

Fabio Fratucello: We are committed to delivering innovation beyond technology. Falcon Flex provides adaptable licensing to the Falcon platform’s full portfolio of best-in-class modules, allowing customers to use what they need, when they need it. Our newly launched CrowdStrike Financial Services provides tailored financing solutions for the Falcon platform, ensuring access to industry-leading tools. These initiatives accelerate platform consolidation, streamline operations, and maximise ROI, empowering organisations to stop breaches with greater agility and efficiency.

Share on