Vulnerabilities in perimeter devices, third-party contractor systems, and credential management platforms are becoming prime targets for cybercriminals—signaling a critical shift that places physical security infrastructure directly in the line of fire. That’s one of the key takeaways from the newly released 2025 Data Breach Investigations Report (DBIR) by Verizon Business, a widely cited benchmark in the cybersecurity industry.
Now in its 18th year, the DBIR analyzed more than 22,000 security incidents and 8,900 confirmed data breaches across a wide range of sectors. While its traditional audience has been IT and cybersecurity professionals, this year’s findings sound an urgent alarm for physical security leaders and facility managers.
The report highlights a 34% increase in the exploitation of known vulnerabilities, with a significant number of those breaches targeting internet-facing perimeter systems and VPN appliances—core technologies that often underpin modern access control, video surveillance, and building management platforms.
“These systems were once considered the exclusive concern of the IT department,” said Dave Hylender, Verizon DBIR co-author. “But in today’s threat landscape, cybercriminals are actively probing the digital doorways into physical infrastructure.”
This convergence of cyber and physical threats was also a focal point at ISC West 2025, where Rachel Wilson, former head of cybersecurity at the U.S. National Security Agency and current Morgan Stanley executive, delivered a stark keynote address. Drawing on 15 years of experience in international cyber operations, Wilson warned that cybercrime has entered a new era—and that private industry must wake up to its expanded risk profile.
“The attackers have pivoted. They’re going after companies’ weakest digital links—including those tied to physical operations,” Wilson said. “Security must now be enterprise-wide, not siloed.”
The DBIR emphasizes that many of the exploited vulnerabilities stem from poor patch management, weak vendor oversight, and inadequate network segmentation—all of which can provide cybercriminals with a foothold into physical systems. Alarmingly, the report also notes that third-party contractor breaches are on the rise, often serving as indirect entry points for threat actors to reach more hardened targets.
For physical security professionals, the implications are clear: traditional defenses like locks, guards, and cameras are no longer sufficient unless backed by robust cybersecurity practices. Organizations are urged to review their vendor risk management, harden perimeter devices, and establish closer collaboration between security and IT teams.
As cyber-physical convergence accelerates, the stakes are rising not just for data—but for the safety of people, facilities, and the continuity of critical operations.
