Industry executives and experts share their predictions for 2025. Read them in this 17th annual VMblog.com series exclusive. By Evan
Powell, DeepTempo Founder and CEO
The
cybersecurity landscape is already going through significant changes driven by
more sophisticated attackers and aging platform players. Here are a few key predictions,
with the good and the bad, about the evolving dynamics of the industry:
1. Significant Increase in
Cybersecurity Spending leave us Further Behind
Global
cybersecurity budgets are projected to exceed $250 billion by 2025, according
to Gartner. On the other hand, with most analysts estimating a flow of
trillions of dollars to attackers, they have the resources to continue to out
innovate us.
2. Cloud-Based Data Platforms Enable
Safe AI for Security
Enterprises
will increasingly use shared data platforms that serve multiple purposes,
including analytics and cybersecurity. Some of these platforms, such as
Snowflake, have become a preferred environment in which to run advanced
analytics capabilities powered by AI for real-time threat detection and
response while retaining the security and data controls of the enterprise. The
emergence of these "NativeApp"
platforms allows the intelligence to run on the data, reducing the cost and
risk of moving data into proprietary security systems. This trend will continue
to drive the development of specialized security applications, foster
cross-functional data sharing, and create a demand for data engineers and
analysts skilled in leveraging these powerful environments.
3. Vendor Lock-in will sap more
budgets
While
Broadcom's aggressive approach to paying off their VMware acquisition has drawn
the most headlines as customers have experienced the costs of vendor lock-in
through 200-300% and greater price increases, the same sort of behavior is
playing out in cybersecurity, where Cisco is leveraging their acquisition of
Splunk to drive up their control of enterprise accounts and in some cases to
extract significant price increases. Vertically integrated platforms by their
nature lock customers in - and as such every CFO and CISO in the industry
should be looking at their exposure to these platforms. The question is when, and not if, these aging
platforms will be used to extract massive price increases.
4. Under Threat Regulators Try to Stop
Cyber Contagion
At a time of deep skepticism of possible
over-regulation - after all reportedly some large enterprises spend almost as
much on regulatory compliance as they do on actually preventing and responding
to cyber threats - these increasingly scrutinized regulators will be forced to
play a more active role in limiting the risks of cyber contagion from attacks
on major enterprises. One approach we
are already seeing is regulators insisting that large organizations have an
accelerated "get well"
plan so that in case of breach, they can quickly restore trust in attacked
institutions. A cyber contagion may be
exactly what certain nation-state actors would like to see - so in 2025 we all
need to work on containing this risk.
5. AI Skepticism Will Increase in
Volume
Security
influencers will repeatedly warn against over-reliance on AI for cybersecurity
while offering little in terms of actionable solutions beyond basic best
practices. While the talking heads focus on better patching the flood of CVEs
and improving our access policies and so on, attackers will leverage AI and
augmented insider based attack vectors. To some extent we are still learning
that what got us here - humans using simple rules and overwhelmed index based
logging systems to see and respond to suspicious behaviors - will not protect
us going forward, as attackers morph their attacks to evade rule and
traditional ML based indicators.
6.
Burn Out Continues
Along
with increased extractive behavior by leading platforms - another sign of the
end of times for an industry is the people in the industry becoming burned
out. Unfortunately in 2025 we will
continue to see unsustainable levels of burn-out. There are a number of reasons for this burn
out, including the tendency of decision makers within cybersecurity to push
favored solutions down to their teams, as opposed to allowing their teams to
select and integrate preferred solutions.
7.
Learned Indicators from purpose built AI proliferate
In
2024 we saw forward-looking organizations starting to leverage deep learning
and purpose-built Log Language Models to analyze vast amounts of log data,
detecting anomalies and potential threats with higher accuracy and speed. This
trend will accelerate in 2025, enabling security teams to respond more quickly
to threats, while optimizing their security spending, and boosting the
productivity and well-being of their teams.
Conclusion
On
the whole, I am optimistic. The problems
we face in cybersecurity - and the opportunities to unlock enterprises from an
increasingly unsustainable burden - are too great to allow the conditions
causing us all to fall further behind to persist. Savvy organizations that are prepared for
ever more sophisticated attacks by their increasingly extractive legacy vendors
- and of course by innovative cyber criminals - will build into a capability
that allows them to move faster with much greater resilience than their
competitors. Could 2025 be the year that
is acknowledged as a competitive strength as opposed to primarily a cost
center?
##
ABOUT
THE AUTHOR
Evan
Powell, DeepTempo Founder and CEO
Evan
Powell is a serial entrepreneur who has founded several enterprise software
companies that have built and leveraged open data architectures. His companies
have consistently achieved broad adoption, driving the IT industry towards
greater openness. His latest company, DeepTempo, developed Log Language Models
designed to run on open data lakes, enhancing the detection of cybersecurity
threats.