Identity Is The New Perimeter: The Microsoft Digital Defense Report’s Biggest Wake-Up Calls
Petri Dish
Attackers aren’t breaking in—they’re logging in. In this episode, we unpack the Microsoft Digital Defense Report 2025 and what it reveals about today’s identity-first threat landscape: infostealers, hybrid ransomware operations, and social engineering that blends into “normal” activity.
Joining the conversation are Chloé Messdaghi (strategic advisor on AI governance and cybersecurity at Microsoft) and Etan Basseri (Principal Product Manager, Microsoft Identity), with practical steps leaders can take now, from phishing-resistant multifactor authentication (MFA) to passkeys and building an identity control plane for humans and AI agents.
In this episode, we cover:
Identity is the new perimeter: modern attacks use legitimate sign-ins and multi-stage tradecraft that’s harder to spot.
Scale is the story: why inconsistent adoption creates gaps that “explode at scale.”
Ransomware is often the finale: identity compromise is increasingly the first step.
Passwords are a liability: 97%+ of identity attacks are password-based—so shifting to phishing-resistant MFA and passwordless is a foundational move.
What “phishing-resistant” looks like in practice: passkeys/FIDO, Windows Hello for Business, certificate-based auth—then enforce with Conditional Access.
Threat intelligence in the real world: how Microsoft shares verified threat actor indicators (e.g., known bad IP ranges) through identity protection signals.
AI changes both offense and defense: attackers move at machine speed; defenders need AI with guardrails.
Token theft and replay: why endpoint and identity signals matter for detecting suspicious token use.
Actionable next step: make phishing-resistant MFA coverage a leadership metric and start a passkey roadmap.