AI and ML will play an increasingly central role in cybersecurity in 2025. They will be used to enhance threat detection and response (more effective anomaly detection), improve threat hunting (proactively identify vulnerabilities), combine security posture management to behavioural analytics to help monitor and secure large datasets in real-time, spotting risks such as data exfiltration attempts or unusual data access patterns. 

“Cybersecurity vendors are increasingly integrating AI-assisted Copilots to enhance their services for customers,” said Todd Moore, Vice President, Data Security Products, Thales.

“These tools are great for helping to fill talent shortage gaps, which the ISC currently estimates at 4.8 million worldwide, but aren’t a replacement for internal teams. In the year ahead, it will be less about the adoption of these tools and more about how security teams leverage AI tools' capabilities. Those looking to remain agile will likely utilise these tools to bring their threat investigation abilities to the next level.” 

Gen AI-powered breaches will skyrocket 

The adoption of AI technologies is also a reality for cyber threats. Hackers can leverage AI to complexify their attacks. AI can also facilitate the development of automated scripts by a larger number of -less experienced- hackers. 

“With enterprises being targeted by an influx of advanced phishing attacks, the likelihood that someone within their organisation falls victim to an attack is at an all-time high, and we expect to see a steady rise in these across 2025,” said Moore.

“Once credentials are compromised, an enterprise’s entire network security crumbles, and with generative AI rapidly advancing social engineering methods, typical defence measures for credential compromise won’t be able to keep pace.” 

Attacks targeting critical infrastructure have grown exponentially over the last few years. The overwhelming majority of these attacks on operational technology (OT) and critical infrastructure start with IT.

Unfortunately, few within the operational space - from manufacturing to automotive - make this connection, often viewing themselves as separate from data security concerns. This focus on product development has led to a lag in security controls, with many industries still relying on dated and unsecured legacy systems. 

In 2025, securing the software supply chain will be a top priority, especially after major breaches like SolarWinds and the rise of software supply chain attacks. Organisations will conduct deeper security assessments on their third-party vendors, including cloud providers, to ensure their software and services are secure. Protecting data from being compromised through uncontrolled third-party applications or services will become even more critical, with organisations needing more visibility into the services they rely on. 

Post-Quantum Cryptography

Earlier this year, NIST released its first sets of post-quantum encryption algorithms. Before these standards were released, many enterprises needed help grasping the need for Post-Quantum Cryptography (PQC).

NIST's standards have brought urgency to address the impact of quantum advancements and the need to address these threats. Even though the TLS and SSH protocols have been updated to meet NIST's new standards, NIST is already working on its next set of algorithms, meaning that the algorithms implemented today will be different by the time the threat of quantum computing arrives. This points to the importance of crypto agility in adapting to these evolving security recommendations. 

"While TLS and SSH protocols are being updated to meet NIST's standards, enterprises will need to embrace crypto agility in 2025,” said Moore.

“The biggest barrier will be ensuring they have the time and resources to identify their exposure, take inventory of their assets, and employ crypto discovery. This will manifest in a steady rise of crypto centres of excellence among major enterprises. Enterprises must place agility at the centre of their quantum readiness, ensuring crypto-agile solutions are leveraged to keep pace with emerging quantum-resistant cryptography.”