Insight and analysis on the information technology space from industry thought leaders.

4 Key Cybersecurity Predictions for 2025 — and What to Do About Them4 Key Cybersecurity Predictions for 2025 — and What to Do About Them

With cyber breaches reaching record highs in 2024, businesses face increasingly sophisticated threats in 2025 — emphasizing the need for proactive cybersecurity strategies.

Industry Perspectives

February 14, 2025

3 Min Read
green locks among green code
Alamy

By Simon Hughes, Cowbell

2024 saw a record-high number of breaches — more than 10,000 across 94 countries, in fact. As well as increasing in volume, cyber breaches also increased in severity, with threats more sophisticated than ever. Of those 10,000 breaches, 62% of financially motivated incidents involved ransomware or extortion, with a median loss of $46,000 per breach — a potentially devastating figure for a small or midsized business.

These statistics remind us that companies are becoming increasingly vulnerable to cyberattacks. Whether large or small, all businesses are at risk, but especially those that rely on outdated reactive approaches, a point that brings us to our first of a series of cybersecurity predictions as 2025 kicks off:

1. Cybersecurity Practices Will Focus More on Prevention

General cybersecurity practices are likely to continue focusing on prevention. The focus has been shifting from reactive measures, including response and recovery after an attack, to proactive measures to prevent incidents before they occur.

Cyber insurance players will follow this trend by also focusing on supporting businesses with insights and education that enable the implementation of better preventive solutions, rather than relying on a reactive approach.

Related:Cybersecurity Trends and Predictions 2025 From Industry Insiders: Part 1

2. AI-Driven Cyberattacks and Deepfake Deception Will Increase

As 2025 unfolds, we expect to see the exponential growth of AI drive a surge in AI-generated cyberattacks, especially considering threat actors are already advancing the development of AI-powered hacking tools. As AI engines continue to develop, threat actors will become more sophisticated and capable of more complex attacks.

Moreover, the sophistication of the technology’s use in AI-based deception is likely to increase. As the quality of digitally produced visual representations constantly improves, businesses need to be more vigilant as deepfakes become harder to spot.

3. Quantum Computing to Speed Up Encryption Challenges

Quantum computing is likely to continue to be a significant and topical issue for 2025.  Although quantum computing attacks are not yet a viable threat, advances in quantum computing are likely to increase the speed at which current encryption methods reach obsolescence.

The National Institute of Standards and Technology released the first three post-quantum encryption standards in August 2024, and researchers are already developing post-quantum cryptography (PQC).

4. Ongoing Geopolitical Instability Will Drive the Evolution of Cyberthreats

Related:Cybersecurity Trends and Predictions 2025 From Industry Insiders: Part 2

2025’s geo-political landscape looks set to remain unstable and features a growing number of overt and covert conflicts. These conflicts have been training grounds for new cyber tools. Whether or not conflicts expand, cyber actors will likely share and direct these emerging tools against a widening array of targets.

Key Recommendations for IT Pros

  • If you’re interested in a more proactive approach to cybersecurity, a great place to start is with your insurance broker. Ask what cyber insurance companies offer in terms of cyber risk assessment and mitigation tools. These resources can help you strengthen cyber resilience and remain focused on proactive cybersecurity measures.

  • When it comes to the rise in AI-driven cyberattacks and deepfake deception, invest in advanced threat detection systems capable of identifying AI-driven attacks, and ensure that cybersecurity awareness training is prioritized across all levels of the organization. This will enable employees to recognize and mitigate risks effectively while keeping pace with rapidly evolving threats. To combat the potential for deepfakes, consider implementing passphrases known only to employees when authorizing funds transfers, for instance.

  • Quantum attacks may not yet be a tangible threat and PQC may not yet be available — never mind out of reach for most smaller businesses at the moment — but you can still look to strengthen data security by adding layers to your existing security practices.

  • In terms of the geopolitical landscape; know that most cyberattacks originate outside the USA/UK and can be associated with actors supported by nation-states. With this in mind, stay vigilant, be aware that businesses of any size and type can be a target, and invest in security solutions appropriate for sophisticated threats.

About the author:

Simon Hughes is SVP, Global Distribution & GM UK, at Cowbell.

About the Author

Industry Perspectives

Industry Perspectives

See more from Industry Perspectives
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

jobs key on keyboard
Career Management
IT Jobs Outlook 2025: Evolving Skills, AI, Workplace Flexibility Will Shape IT Workforce
IT Jobs Outlook 2025: Evolving Skills, AI, Workplace Flexibility Will Shape IT Workforce

Nov 20, 2024

an it pro is disappointed as a poster for sustainability is switched with one for financial results and garbage piles up next to a recycling bin
Green IT
How Do I Advocate for Green IT Without Being Dismissed as a Lorax?
How Do I Advocate for Green IT Without Being Dismissed as a Lorax?

Nov 27, 2024

person using a laptop with the Ubuntu logo on its scree
IT Operations
3 Simple Ways to Install and Run a Virtual Machine on Ubuntu
3 Simple Ways to Install and Run a Virtual Machine on Ubuntu

Nov 22, 2024

Exclusive ITPro Resources
See all ITPro Resources

Featured Technical Explainers

AI chip
Cloud Computing
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
SaaS concept on a tablet
Cloud Computing
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
DevOps logo on top of code
DevOps
DevOps: Key to Faster, More Efficient Government Software Development
DevOps: Key to Faster, More Efficient Government Software Development
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

Recent What Is

cartoon shows a person next to a checklist and several icons that represent disaster scenarios
Disaster Recovery
BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster RecoveryBCDR Basics: A Quick Reference Guide for IT Pros
technology interface with a person's hand drawing gears and cogs
PowerShell
Introduction To PowerShell Environment VariablesIntroduction To PowerShell Environment Variables