Industry executives and experts share their predictions for 2025. Read them in this 17th annual VMblog.com series exclusive. By TK Keanini, CTO at DNSFilter
Better, more robust cybersecurity is not a new need for today's
digital organizations; it's a perennial one. What's new are the particular
challenges these organizations face due to the advent of AI technologies and
hybrid work models, among other changes. Such realities call for not just new
tools but new ways of thinking. Securing modern businesses is a matter of
staying updated on the latest threats, updating tools and looking at security
from the attacker's perspective.
Here are four predictions on what will be required in 2025 to
secure company networks.
Zero Trust will become the dominant model
By 2025, Zero Trust will be the
dominant architecture model, fully replacing outdated perimeter-based models.
Security controls will focus increasingly on the workforce and workloads rather
than just the workplace, leading to enhanced protection across diverse
environments.
Data privacy will be a competitive
differentiator
Data privacy will emerge as a
crucial factor in vendor selection, driven by widespread concerns over data
mishandling and breaches-especially in the
wake of FBI warnings to only use end-to-end encrypted messaging. Organizations will prioritize partnerships with vendors demonstrating strong data stewardship and robust privacy practices. As
consumers become more aware of how their data is managed and of their data
privacy rights, companies that fail to prioritize data protection will risk
losing business. I also believe we will see the beginning of privacy regulation
around using our likenesses - for instance, in AI-generated content - where
consent will become mandatory.
Generative AI's increased threats will require secure automation
and a hacker's mindset
By 2025, generative AI will be
integrated into nearly every business and department, significantly boosting
productivity. However, this will also introduce new security risks that
organizations will need to address. Simply automating tasks won't be enough. A
focus on secure automation and responsible
AI practices will be essential.
Additionally, creating cyber
exploits will become easier as the barrier to entry lowers-all cyber threats
are becoming AI-driven or AI-optimized cyber threats. Individuals need to think
like hackers rather than rely solely on coding skills, making the cybersecurity
landscape more complex and challenging.
Security tools will need to be
proactive, automated and faster
Perimeter security has gone the way of the
dinosaur. It is difficult to secure an organization that is dispersed across
hybrid environments, where the perimeter is no longer existent. By 2025, many current cybersecurity tools will become
outdated, as they still reflect a perimeter-based mentality. In today's world,
effective defense is necessary for every device and every location where people
live, work, and play.
Organizations will need proactive
tools that don't wait for an attack to happen. Instead, these tools will run
tests and simulations on themselves to ensure they can maintain operational
continuity in both good times and bad. Automation will be crucial, as it must
continuously test and model threats with every network change before attackers
can exploit vulnerabilities.
A key shift in cybersecurity
strategies will be "tempo." As the pace of change and attacks increases,
defenders must also quicken their responses. Those who don't keep up will be
vulnerable.
Embracing new solutions for a more secure 2025
Threats evolve, and so should an
organization's threat protection strategies and solutions. Those who have been
reluctant thus far to update their tools and processes must act quickly to
avoid reputation-damaging data breaches. AI is just too powerful a technology
to ignore or put off any longer since attackers are taking full advantage of it
already. Automation is an essential component, as well, to reduce the manual
maintenance required of cybersecurity or IT teams when it comes to defining and
implementing security protocols. Zero Trust and data privacy will become
critical elements of a comprehensive protection strategy so that no matter where
end users find themselves, protection will follow.
##
ABOUT THE AUTHOR
TK Keanini, Chief Technology Officer,
DNSFilter
TK Keanini is the Chief Technology Officer at
DNSFilter where he leads product management, customer experience, engineering,
and security intelligence toward ongoing innovation and growth, focusing on
customer needs and feedback to determine product direction.
TK
brings more than 30 years of networking and security experience to his role as
CTO. Notably, in 2017 TK and his team were recognized for their innovative work
on Encrypted Traffic Analytics (ETA) and awarded the prestigious Cisco Pioneer
Award.
Prior to joining DNSFilter, he led Cisco's
Encrypted Traffic Analytics security solution, where he saw revolutionary
potential in the ability to gain insights through existing network telemetry.
Additionally, TK served as CTO for Lancope where he and his team built the
award-winning StealthwatchTM product line. As CTO at nCircle in 2001, he drove
their technical direction to define and lead the Vulnerability Management
market. TK is a founding member of many security standards such as CVE and
remains active in standard bodies that promote multi-vendor interoperability.
As a highly regarded industry expert, TK's opinions and unique perspective have
been featured in top tier publications and he is a frequent main-stage speaker
at industry events.