While industrial cybersecurity continued to make great strides in 2024, a great deal of work obviously remains. As the army of bad actors and state-sponsored hackers continue to evolve their tactics and become more complex in their operations, here are some of the leading tactics to anticipate when developing plans and allocating cybersecurity investments.
Ilia Sotnikov, Security Strategist at Netwrix
- AI will enhance business operations, but security basics will remain crucial. In 2025, organizations will embrace AI-powered solutions across different business functions to increase productivity and speed decision-making. This new technology stack creates new attack surfaces and exposes organizations to previously unknown threats. To mitigate these new risks, security teams must adapt existing processes and controls, such as data access governance, privileged access management, and activity monitoring.
- Social engineering attacks will become more sophisticated. Malicious actors will bombard organizations with highly effective spear phishing, business email compromise campaigns, deepfake voice and video calls, and other attacks, fueled by information taken from massive corporate data leaks and social media and analyzed and correlated using new technologies. To reduce risk, organizations should require identity verification of all individuals participating in financial transactions using strategies like tokens, authenticators or secret codewords.
- Compliance will become more complex. New cybersecurity regulations like the US National Cybersecurity Strategy, NIS2, and the Cyber Solidarity Act will make third-party cyber risk management increasingly important, especially for organizations with an international footprint or supply chain. Instead of viewing compliance as a tick-the-boxes exercise, organizations should understand that it demands a solid security architecture that aligns business and security processes.
Tarun Desikan, VP of Product Strategy, SonicWall
- Hype around improving security outcomes using Generative AI will die down. 2024 saw some great concept security demos using GenAI models by ChatGPT, Anthropic, Google, etc. We saw AI SOC agents, AI policy generators, AI security admins and more. If you were expecting to see these demos make production-ready security products, think again. In 2025, we expect the rubber to meet the road – while the focus will switch from making exciting demos to making AI work in real-world scenarios, operationalizing GenAI to consistently improve security outcomes will turn out to be a very challenging problem. Turning hype to production will take significantly more time and, in 2025, the industry will acknowledge that reality.
- There will a major cyberattack that uses “Mission Impossible-style” impersonation enabled by modern AI. In the Mission Impossible movie franchise, Tom Cruise and team make use of advanced techniques – latex 3d face masks, voice modulators, adaptive contact lenses and more – to impersonate people, enter restricted areas and save the world from destruction. In 2025, new AI capabilities will make what was only possible in the realm of movies available to the mainstream. And, as with all such new technologies, the bad guys will be amongst the first to take advantage. Unfortunately, the bad guys won’t be using impersonation to save the world; instead, they will launch more sophisticated spoofing and phishing techniques to launch cyberattacks against unsuspecting civilian organizations.
Dr. Darren Williams, Founder/CEO, BlackFog
- Lesser-known ransomware gangs like Hunters International will grow at an expedited rate. As threat actors’ use of AI continues to proliferate, their attack rate will allow them to work more efficiently and successfully than ever before. There’s no honor amongst thieves, and the trend of “gang-hopping” by individual cybercriminals between ransomware groups will further complicate attribution and containment efforts. Attackers will follow the money and choose financial gain over any allegiance to a group.
- Deepfake scams will be a significant frontier for digital fraud through 2025. As threat actors evolve their tactics for maximum impact, they will continue to use advanced AI-driven tools to deploy highly tailored phishing attacks. AI is also ushering in a new generation of highly convincing deepfake technology that will introduce unprecedented risks for personal and corporate brands alike. Organized crime groups are aiming to cash in by creating increasingly convincing videos impersonating executives and public figures, such as Jeff Bezos and Elon Musk.