Industry executives and experts share their predictions for 2025. Read them in this 17th annual VMblog.com series exclusive.
By Ben Mourad, Senior Director - Solution Architecture, DMI
From the National Public Data breach exposing billions of personal records to the alleged Chinese-based group Salt Typhoon infiltrating major U.S. telecom firms, 2024 has been an explosive year for cyber.
Despite the high-profile attacks, there were also tremendous strides in cyber defense, with the passing of OMB's 2024 zero-trust deadline and the rapid advancement of AI being used for cyber. More significant shifts are still underway as automation, AI, and other technologies continue to pave the way for various cyber-related innovations.
As we look ahead to 2025, we can expect the cybersecurity landscape to evolve rapidly as previously unattainable capabilities such as quantum computing, micro-segmentation and agentic AI introduce opportunities and create vulnerabilities.
Here are a few key cybersecurity trends to watch out for in 2025:
Post Quantum Cryptography:
The protection of data from threats posed by quantum computing will emerge front and center, particularly for organizations like the Department of Defense and federal government agencies that routinely handle sensitive information.
Quantum computing is advancing at a rapid pace and will soon require only months to be capable of breaking most traditional keys. This has created opportunities for foreign adversaries and bad actors potentially seeking access to government-encrypted secrets.
Government leaders are aware of this threat and are taking it seriously; they have begun to incorporate measures and guidelines for using and implementing quantum computing in legislation, including the proposed 2025 National Defense Authorization Act.
As quantum computing becomes more powerful and widespread, we can expect agencies to prioritize post-quantum cryptography algorithms that are resistant to these attacks.
Micro-segmentation:
Traditionally, malicious actors attempting to gain access to your network, whether to steal confidential data or deploy malware, start with reconnaissance to understand the environment and protective measures in place, identify assets and expose user accounts. Lateral movement follows reconnaissance to identify high-value assets and privileged user accounts to pivot and increase access to endpoints, applications, and data within the organization.
Micro-segmentation creates a default gateway to endpoints, effectively creating a segment of one, removing the risk of east-west and north-south lateral movement on local networks, and eliminating the complexity of firewalls. Least privilege access to endpoints is dynamically controlled through continuous assessment (authentication and authorization) and context-based access policies, limiting attackers' reconnaissance and lateral movement. This strategy contains internal and external threat actors and prevents them from obtaining information or accessing vulnerable endpoints, applications or data. Granular network policies linked to specific users, applications and data can significantly reduce the attack surface, contain breaches, and improve overall security posture.
Just three years ago, setting up these policies was considered more trouble than it was worth, as any change in an application or environment could break micro-segmentation policies and disrupt application availability. However, thanks to recent advancements, new agentless, dynamic micro-segmentation capabilities can now learn the environment as well as recommend and implement appropriate policies as applications change and evolve.
Agentic AI:
We are all familiar with the use of traditional generative AI to create new and original content. However, 2025 will see a new wave of AI capabilities with agentic AI. This advanced form of AI is capable of independently making decisions or executing tasks within established boundaries.
Unlike generative AI, which requires constant guidance to assist with tasks, agentic AI can operate autonomously.
For example, if you tell generative AI to help set up an inter-agency leadership meeting at a conference, it will likely give you steps to take or a vague outline of what a good meeting includes. If you give agentic AI the same prompt, it can identify a specific conference room, coordinate schedules with attendees and send calendar invites with detailed directions.
While this can be a powerful tool to streamline workflows, it can also be leveraged for malicious purposes. Threat actors could use it to run scripts that search for vulnerabilities on company or agency websites or to execute harmful code. On the positive side, we'll also likely see agentic AI being employed for activities like mock penetration testing and identifying and patching vulnerabilities.
2025 Will Be the Year We Start to Reap the Benefits of Technologies We've Spent Years Developing
The past few years have seen a rapid acceleration of groundbreaking cyber and technology innovations driven by increased R&D investment, cloud democratization and cross-industry collaboration. New technologies like agentic AI and quantum computing, once unfeasible, are now viable. As we continue to accelerate into the future, we will undoubtedly become more efficient and productive; however, we will also encounter increasingly sophisticated cyber threats.
To keep up with these evolving cyber threats, the government must work with trusted industry partners to proactively and continuously adapt to these new challenges.
## ABOUT THE AUTHOR
Mr. Mourad is the Senior Director - Solutions Architecture at DMI, where he leads DMI's Cyber practice supporting Federal and Commercial clients. He has over 30 years of experience in a variety of roles, including Chief Architect at SAIC and Lead Solution Architect roles at Veriflow, Allegis Group, AT&T, Verizon, Qwest, and Citigroup. He has played a crucial role in leading zero trust reference architectures supporting customers' adoption of public cloud, context-based identity access management, operational technology security, and migration from reactive security operations to become more proactive and predictive.