Four Cybersecurity Trends for 2025 

It is difficult to be in the prediction world in cybersecurity because of the evolving nature of threats, the digital landscape and cybersecurity tooling.

However, Infosecurity has selected four trends to keep an eye on in 2025. While many of these are not new, they continue to develop and are key for defenders to be aware of as we look towards the next 12 months. 

AI is a double-edged sword. While defenders are adopting cybersecurity tools to boost their resilience, attackers are also using this new technology to make their campaigns more sophisticated.

Overall, it is acknowledged that cybercriminals are using AI to generate more mature social engineering campaigns, allowing them to send mass email in multiple languages which do not have the tell-tale signs of spelling errors.

What is less prominent is the use of GenAI to create malware. Instead, Jamie Collier, Lead Threat Intelligence Advisor (Europe) at Google Cloud, noted that it is instead being used as a tool to tidy up code and find errors in already existing malware.

What is likely to grow is threat actor’s use of large language models (LLM) that lack security guardrails, allowing threat actors to query for illicit topics without limits, according to Google Cloud’s Cybersecurity Forecast 2024.

On the defender’s side, Collier said that we are entering the second phase of AI use. AI has already been used to reduce the toil on security operators completing repetitive tasks.

Google Cloud predicts that 2025 will usher in an intermediate stage of semi-autonomous security operations with the human remaining in the loop.

Mike Woodard, VP of Product Management for Application Security at Digital.ai, noted that AI-aided threat monitoring will become the norm.

“AI-aided threat monitoring, such as pattern recognition, anomaly detection, and general classification of data, will become necessary for security teams to surface the most urgent threats so that proper mitigation steps can be taken in a timely manner,” Woodard explained. 

Software vulnerabilities and zero-days in third-party software have become a prime target for threat actors looking to target multiple organisations via a single exploit and bypass tradition security measures.

Threat actors are now taking less time to exploit newly published CVEs, meaning defenders must react quickly.

Chinese threat actors are turning their strategies towards exploiting vulnerabilities, especially on edge devices and targeting the technology supply chain.

Earlier in 2024, Chinese state-sponsored actor APT40 was found to be focused on exploiting newly discovered software vulnerabilities, often within hours of public release.

Google Cloud noted that the number and variety of targeted vendors in these attacks is expected to continue growing in 2025 and beyond.

Regularly updating software and continuously monitoring systems for vulnerabilities can help mitigate risks. There is also likely to be more scrutiny of software suppliers who are under the spotlight to patch vulnerabilities quickly in response to attacker’s activities.

Dr. Aleksandr Yampolskiy, Co-Founder and CEO of SecurityScorecard, commented that regulatory pressures will intensify, with potential software bans on the horizon.

“Governments worldwide will create strict security regulations in 2025, requiring both organisations and their suppliers to follow enhanced safety standards. Some software, including open-source programs with known security flaws, may face outright bans. These regulations will make organizations responsible for thoroughly evaluating their software selections and supplier partnerships as governments take steps to protect critical infrastructure and reduce system vulnerabilities,” Yampolskiy said. 

In 2024, several significant cybersecurity regulations were enacted in Europe, reflecting the evolving threat landscape and the need for stronger defences. 

In the European Union, regulations include the updated Network and Information Systems (NIS2) directive, the Digital Operational Resilience Act (DORA), the Cyber Resilience Act (CRA) as well as the EU AI Act.

In the UK, the government introduced the Cyber Security and Resilience Bill in the Summer of 2024.

As organisations tackle the compliance of these regulations and attempt to recognise which ones apply to their businesses it must be cautioned that compliance does not equal security.

Jeff Le, VP of Global Government Affairs and Public Policy at SecurityScorecard, noted that as we head into 2025, governments will steer towards a new era of global regulatory harmonisation.

“The urgency for harmonisation has reached a tipping point. In response to these mounting challenges, there will be a growing push for greater regulatory harmonisation in 2025. Governments, international organisations, and industry bodies will unite to create consistent standards and frameworks that can be adopted globally,” Le said. 

ADVERTISEMENT

As the adoption of cloud services has skyrocketed, so too have attempts by threat actors to exploit vulnerable points in the cloud.

According to a report by Thales, 44% of organisations have experienced a cloud data breach, with 14% reporting having had an incident in the past 12 months.

The primary causes of cloud data breaches include misconfigurations, human error and exploitation of known vulnerabilities.

Jakob Østergaard, Chief Technology Officer at Keepit, commented, “By 2025, organisations will scrutinise their cloud service providers with the same rigor they apply to physical supply chains. Compliance, vendor relationships, and security protocols will come under the microscope.”

Cloud providers will also need to bear some of the burden, Google Cloud noted in its Cybersecurity Forecast 2024 that in 2025, cloud providers are going to be dealing with more regulation, and increased expectations.

Google Cloud also noted that organisations will need to prioritise cloud security in order to protect data and maintain customer trust. They will need to implement stricter access controls and enhance monitoring capabilities. 

These trends, though not entirely new, continue to evolve and shape the cybersecurity landscape. By keeping a close eye on these developments, cybersecurity professionals can better prepare for the challenges ahead, ensuring robust defences and resilient systems in the face of an ever-changing threat environment.

Enjoyed this article? Make sure to share it!

Looking for something else?