Industry executives and experts share their predictions for 2025. Read them in this 17th annual VMblog.com series exclusive.
By Douglas McKee, Executive Director of Threat Research at SonicWall
The
cybersecurity landscape in 2025 will be marked by unprecedented challenges and
transformative innovations. As advances in quantum computing edge closer to
reality, organizations must anticipate hybrid attacks combining traditional
tactics with cutting-edge technology - all while prioritizing the development
of quantum-resistant cryptography. The blurred lines between state-sponsored
and criminal cyber activities will further complicate attack attribution,
driving the need for stronger international collaboration and proactive
intelligence sharing. Meanwhile, AI will continue to redefine cybersecurity by
augmenting human expertise with automation and predictive analytics.
Additionally, shifts in enterprise priorities-such as the rise of service-based
security solutions and increased automation to manage growing alert
volumes-will reshape industry practices. Amid these trends, cyber insurance and
24x7 monitoring will become standard defenses against an evolving threat
landscape that demands both resilience and innovation.
What to Expect
from Advances in Quantum Computing
In 2025, the intersection of evolving cyber threats and quantum
advancements will redefine security strategies, pushing innovation and
international policy developments to safeguard critical systems and data. The
focus will be on anticipating hybrid attacks that combine traditional tactics
with advanced technology, reshaping the global cyber landscape.
Detecting
Attack Origins Will Become Increasingly Difficult
The line between state and criminal operations will continue to
blur, making it increasingly challenging to pin down who is responsible for attacks.
This may prompt stronger international collaboration on cybercrime policy, but
effective attribution will remain a core challenge. Governments and
private organizations must adapt to this evolving threat landscape, focusing
more on proactive intelligence sharing and threat-hunting to disrupt
collaborative efforts before they impact critical sectors.
2025 Will See
the Rise of Quantum-Resistant Cryptography
While large-scale quantum decryption of algorithms like RSA or AES
is unlikely in 2025, targeted attacks on specific or older cryptographic
implementations may become more advanced. Despite ongoing "quantum
apocalypse" fears being overstated, developing quantum-resistant
cryptography will remain a priority for researchers and organizations as part
of long-term resilience planning. Governments and private sectors will boost
investments in post-quantum solutions, emphasizing broader cybersecurity
measures to address potential early threats.
AI Will
Augment Cybersecurity Protection Efforts Without Replacing Humans
Artificial intelligence (AI) will be a defensive tool and a
strategic force multiplier in 2025. It will enable organizations to stay one
step ahead of state-sponsored criminals, adapt to quantum threats and protect
critical infrastructure in an increasingly hostile threat landscape. AI's
continuous learning, predictive power and automation will continue to redefine
cybersecurity without replacing the human element, making it essential for both
offense and defense to embrace and leverage as a tool in their tool belt.
My colleague, Matt Neiderman, Chief Strategy Officer at
SonicWall, had a few predictions that I thought should make the list including:
Reverse
Trending
Although cybersecurity developments tend to start at the
enterprise and work down to small- and medium-sized enterprises (SMEs), several
growing SME developments will increasingly trend up into the enterprise. These
include:
1) Favoring opex over capex by consuming more security as a
service or a managed offering rather than maintaining internal SMEs and making
large purchases to continuously refresh hardware.
2) Favoring ease of implementation and management over best of
breed by consolidating from numerous vendors to a small number of vendors that
offer a platform approach.
3) Outsourcing or offloading IT and cybersecurity work by favoring
service providers over traditional consulting firms or resellers.
Cyber
Insurance and 24x7 Monitoring Will Become the Norm
After a short post-COVID dip, the number of cyber-attacks
continues to grow at an alarming pace, but more importantly, the average cost
of a successful attack is growing at a higher pace and is predicted to grow at
a high rate through at least 2029 (the average cost of a data breach in 2024 is
$4.88 million). This will put pressure on firms of all sizes to have cyber insurance
in place or risk a potentially existential crisis. Insurance rate differences
driven by best practices requirements will in turn put pressure on firms to
adopt 24x7 monitoring of their security infrastructure, such that MDR, NDR and
other SOC services will become the norm, particularly as the number of vendors
providing those services grows.
Automation
A recent study of 3,000 global firms by Accenture found that the
share of cybersecurity-related AI patents increased 2.7X between January 2017
and October 2022. The growing number of cyberattacks and attack vectors due to
remote work and IoT as well as the increase in cybersecurity tools and
telemetry and the resulting number of alerts generated by cybersecurity tools
will drive the need for more SOC services. This will in turn increase demand
for significantly increased automation to manage alerts, block attempted
intrusions, respond to successful intrusions and investigate incidents at a
daunting scale. Both cybersecurity skills shortages and simple economics will
require a combined human and machine approach to cybersecurity.
As we look toward 2025, the cybersecurity landscape will demand a
proactive and adaptive approach to safeguard critical systems and data.
Organizations must prepare for the convergence of quantum computing and cyber
threats, invest in quantum-resistant cryptography and embrace AI as a strategic
ally in both offensive and defensive strategies. The rising complexity of
attack attribution underscores the importance of global collaboration and
intelligence sharing, while shifts in enterprise security priorities-such as
service-based models, automation and 24x7 monitoring-highlight the need for
scalable, efficient defenses. By staying ahead of these trends and fostering
innovation, businesses and governments alike can build resilience in an
increasingly interconnected and hostile cyber environment.
##
ABOUT THE AUTHOR
Douglas McKee, Executive Director of Threat Research at SonicWall
Douglas McKee is the Executive Director of Threat
Research at SonicWall, where he and his team focus on identifying, analyzing
and mitigating critical vulnerabilities through daily product content. He is
also the lead author and instructor for SANS SEC568: Product Security
Penetration Testing - Safeguarding Supply Chains and Managing Third-Party Risk.
Doug is a regular speaker at industry conferences such as DEF CON, Blackhat,
Hardware.IO and RSA, and in his career has provided software exploitation training
to many audiences, including law enforcement. His research is regularly
featured in publications with broad readership, including Politico, Bleeping
Computer, Security Boulevard, Venture Beat, CSO, Politico Morning eHealth, Tech
Republic and Axios.