The Identity Theft Resource Center® (ITRC) has reported that in 2025 the frequency of data compromises continued a three-year annual trend of more than 3,000 incidents requiring identity theft breach notifications. This resulted in over three quarters of a billion victim notifications being sent in 2025 alone. Although the “mix” of compromises has changed, with a decrease in “mega-breaches,” the IRTC predicts that the rapid rise of artificial intelligence (AI) will result “in an environment of persistent cyber-risk.” The ITRC’s 2025 Annual Data Breach Report can be found at: https://www.idtheftcenter.org/publication/2025-data-breach-report/.
Organizations should be cognizant of their cyber-risks and take appropriate steps to harden their systems. One of the challenging aspects of formulating a cyber-security program is “where to start.” On January 28, 2026, the FBI Cyber Division announced Winter Shield (Securing Homeland Infrastructure by Enhancing Layered Defense). Winter SHIELD is a 10-week campaign designed to address common, high-impact cyber breach pathways. It encompasses the FBI’s 10 most impactful actions organizations can take to improve resilience against cyber intrusions. Organizations looking to start, or refresh, their cyber-security programs might want to take a look at Winter Shield.
Operation Winter Shield Website: https://www.fbi.gov/investigate/cyber/wintershield.
