Today’s attackers no longer target a single domain. They exploit gaps in traditional, siloed security tools to operate undetected, moving laterally within networks under the guise of legitimate access.
The cybersecurity landscape has undergone a dramatic shift. Attackers have moved beyond traditional malware to leverage identity-based techniques that exploit legitimate credentials. This evolution requires organisations to rethink their security strategies to protect critical assets across endpoints, cloud environments, and identity systems.
Today’s attackers no longer target a single domain. They exploit gaps in traditional, siloed security tools to operate undetected, moving laterally within networks under the guise of legitimate access. This approach makes it harder for organisations to detect and respond to threats, especially as the speed of attacks increases. According to 2024 Global Threat Report, the average eCrime breakout time has dropped to just 62 minutes, with some attacks occurring in as little as two minutes.
The reality is that most organisations remain reliant on fragmented tools — point solutions that focus on specific threats, but fail to address the bigger picture. This fragmented approach leaves blind spots that adversaries exploit, particularly when they blend credential theft with legitimate tools like remote monitoring solutions.
“To counter cross-domain and identity-focused attacks, organisations must adopt unified security platforms that provide comprehensive visibility across all domains.”
Fabio Fratucello, International CTO, CrowdStrike
Breaking Down Silos to Counter Cross-Domain Attacks
Traditional security measures, while effective against malware-driven attacks of the past, are inadequate to address today’s multi-domain threats. Attackers exploit the fragmented nature of many security architectures, hopping across endpoints, cloud environments, and identity systems to avoid detection.
For example, by compromising user credentials, attackers can escalate privileges and move freely within networks. Disconnected tools and workflows slow detection and response, giving adversaries more time to establish persistence and exfiltrate sensitive data. Organisations must evolve their strategies to meet this challenge. The key lies in breaking down silos and consolidating point solutions into unified platforms.
Consolidation: A Strategic Imperative
To counter cross-domain and identity-focused attacks, organisations must adopt unified security platforms that provide comprehensive visibility across all domains. Unified platforms provide visibility across endpoint, identity and cloud environments, which is vital to detecting and responding to cyber threats. This increased visibility also allows organisations to utilise an adversary-driven threat hunting approach to drive greater precision, context-rich detection, and mitigate evasive tactics.
By streamlining data and integrating workflows, unified security platforms enable faster detection and response, with real-time insights and automated actions. These insights help organisations stay ahead of adversaries by enabling security teams to act collaboratively and decisively to orchestrate their response, outpace adversaries, and minimise their dwell time.
A unified platform not only enhances an organisations’ response, but improves operational efficiency and reduces costs. By consolidating point solutions, organisations simplify their defenses and improve the effectiveness of their operations. While this alone reduces costs, adopting a unified platform reduces organisations’ reliance on specialised expertise to manage these multiple tools and lowers cyber insurance premiums.
Adapting for the Future
The evolution from traditional malware-driven attack techniques to identity compromise and cross-domain attacks requires organisations to think more strategically in refining their security strategies and acquiring effective capabilities that address the cyber challenges they face.
As adversaries continue to refine their techniques, organisations must adopt a forward-thinking approach to cybersecurity. This means embracing unified strategies that eliminate silos, enhance visibility, and enable faster responses. Without this shift, businesses will struggle to address the complex threats of today — let alone those on the horizon.
About the author
Fabio Fratucello is the International CTO, at CrowdStrike, a leading Technology Strategist across APJ, Europe, and META markets. With over 25 years of experience, he drives strategic direction, accelerates growth, and fosters innovation. Previously, as CTO for APJ at CrowdStrike, he developed regional technology roadmaps and helped customers align their cyber defense strategies with their risk profiles.
Before joining CrowdStrike, Fabio held leadership roles in the financial services sector, including positions at Insurance Australia Group, Westpac, UBS, and Banca Intesa Sanpaolo. He also served on the APJ Strategic Committee for FS-ISAC, shaping security strategies and threat detection efforts in the region. He has also worked with Hewlett Packard Enterprise for over 3 years where he contributed as Chief Security & Risk Officer for a year.
A frequent speaker at global conferences, Fabio contributes to various government and industry initiatives. He holds a Master of Management in Information Technology and certifications such as CISSP, SABSA, CRISC, and CPDSE.
Fabio specializes in leading technology transformations and driving operational excellence, with a strong focus on cybersecurity strategy and risk management. He has extensive experience in managing global, cross-functional teams and is passionate about developing talent and fostering a culture of innovation within organizations.
