Industry executives and experts share their predictions for 2025. Read them in this 17th annual VMblog.com series exclusive. By Greg Sullivan, CIOSO Global
In
2024, cybersecurity became a top priority-a C-Suite issue-and all indications
are that 2025 will be a transformative year in cybersecurity. Malicious actors
are improving by the day at their wanton craft, and organizations realize that
keeping up with them will require significant recalibrations. Threat actors are
becoming more sophisticated, and regulatory compliance pressures and reliance
on digital infrastructure have increased. Enhancing resilience, unifying
fragmented systems, and prioritizing proactive measures and overreactive fixes
are now issues that top-level management discusses.
Know Thyself: The Key to Staying
Ahead of Threat Actors
One
of the significant security concepts that gained visibility in 2024 was the
need for organizations to understand their operations and hackers. Because of
this, a sort of "know-thyself" rule emerged. In 2025, this will change from a
rule to a commandment, highlighting the use of tools and practices that provide
telemetric abilities. Organizations must better understand their digital
footprints, vulnerabilities, and security gaps to prevent breaches.
The
need for hyper-visibility and understanding will drive AI and machine learning
technologies to analyze vast amounts of data faster and more precisely. These
tools will provide new levels of efficiency in asset and patch management,
vulnerabilities in visibility, and threat actor profiling. Organizations must
understand their internal security posture and its parallels with external
threat dynamics-whether those dynamics are internal-related or globally spread.
2025: The Year of the SBOM
In
2025, a "software bill of materials" (SBOM) will be crucial in software
security and supply chain risk management. An SBOM is a nested inventory, a
method of organizing inventory that lists the ingredients that make up software
components. Knowing codebase vulnerabilities will be as crucial as
understanding physical endpoints and virtual machines.
SBOM
tools will become commonly used. They will allow organizations insight into
hidden software vulnerabilities so that remediation or compensating controls
can be employed. Proactive vulnerability management instead of reactive
management will be the mantra in software security.
Enhanced Email Security: The
Last Line of Defense
The
ubiquity of social media has given cybercriminals a target, if not an open
window, which means that email security will become crucial to cybersecurity
efforts. Advanced, layered capabilities will be added to the already adopted
defense strategies. Organizations must develop greater protection against
phishing to fortify their communications from never-ending social engineering
attacks.
C-Suite Leadership and
Cybersecurity Culture
As
stated in the introduction, 2025 will see a much higher level of involvement
from members of the C-suite in security matters. Cybersecurity is no longer
just an IT issue. Top management will take cybersecurity leadership roles. They
will engage directly with cybersecurity teams to gain a new level of risk
awareness.
The
seismic C-level shift in interest will be a top-down approach to cybersecurity
culture, increasing the understanding that every employee will have a role in
security. Training programs, leadership-driven initiatives, and stricter
enforcement of cybersecurity policies will define the coming year. Any weakness
individuals and third parties exhibit in dealing with maturing cybersecurity
standards will not be tolerated.
Automation and AI to Alleviate
Overworked Security Teams
Cybersecurity
teams were under increasing strain in 2024. To alleviate this burden, 2025 will
see greater reliance on automation to streamline workflows, enhance threat
detection, and accelerate incident response. AI-powered tools will
significantly ensure security, enabling IT teams to focus on strategic
priorities.
Automation
will significantly enhance vulnerability management. The time it takes to
identify and remediate potential risks will be substantially reduced. Rapid
patching policies will be strictly enforced, as unpatched systems will no
longer be tolerated.
Resilience Over Reliance
Lastly
2025, the focus will shift from external cybersecurity solutions to building
in-house resilience. Organizations will strengthen their internal security frameworks
to mitigate attacks and lessen their reliance on external dependency. This
ownership model will usher in innovative solutions and require a long-term
commitment to cultivating in-house expertise.
Better Vulnerability Awareness
In 2025, the hyper cybersecurity
awareness will be better aligned to threat actor activity and mapped keenly to
specific vulnerabilities so that organizations can make more informed security
investments. Today, there is an abundance of cybersecurity tools offering
insights into operating system, firmware and code vulnerabilities-the challenge
lies in prioritizing what needs addressing first. The traditional vulnerability
age and exploitability scores that guide this prioritization will pivot to
paying attention to detailed intelligence on threat actor behavior such as
targeted industries, geographies and preferred exploits. These criteria will
become the critical focus points to drive more refined defences, smarter
resource allocation and wiser cybersecurity investments.
Looking Forward
The
proliferation of franchise-model threat actors continues, as we've seen from
Scattered Spider in 2024. Organizations such as these will continue to escalate
the risk for all of us. These alarming trends will force organizations to increase their
urgency on cyber defense in 2025.
In
addition, embracing SBOM practices and fostering top-down awareness cultures
will all be trends in 2025. Those enterprises that act proactively, show
adaptability, and invest in automation will be the businesses that avoid
embarrassing breaches and bottom-line deteriorating fines.
##
ABOUT THE AUTHOR
Greg Sullivan is the
Founding Partner at CIOSO Global, LLC,
specializing in cybersecurity and technology risk management. He advises
clients on regulatory compliance and cybersecurity strategies, helping
organizations design and implement risk-based cybersecurity capabilities.
Previously, Greg served as Senior Vice President & Global Chief Information
Officer at Carnival Corporation, leading global IT, innovation, and
cybersecurity efforts. He also held leadership roles as CEO and CTO at Global
Velocity, focusing on enterprise and cloud security. Greg holds a BS in Systems
Science & Mathematics from Washington University in St. Louis and is a
Certified Information Systems Security Professional (CISSP).