12/17/2024 | Press release | Distributed by Public on 12/17/2024 09:39
As 2024 comes to a close, we went around the room and asked some of Trustwave's top executives what cybersecurity issues and technology they saw playing a prominent role in 2025. Here is the latest installment.
As we look ahead to 2025, the landscape of cyber threats continues to evolve, presenting new challenges for cybersecurity professionals.
My thoughts on this topic for the coming year highlight the rise of AI-powered cyberattacks, the increased targeting of critical infrastructure, the surge in regulatory demands, and the proliferation of supply chain attacks.
By understanding these emerging threats, organizations can better prepare and fortify their defenses against the sophisticated tactics that cybercriminals are expected to employ.
Threat actors will leverage AI technologies to automate and enhance the precision of focused cyber-attacks. As recently seen, AI can identify vulnerabilities, tailor attack strategies to circumvent defenses, and generate convincing social engineering schemes at scale. AI can automate the creation of social engineering attacks through customized phishing emails or voice messages.
Furthermore, AI-generated deepfakes are now creating trust-based vulnerabilities. The impacts of this are an increased frequency and sophistication of phishing, identity fraud, and network compromise attacks, an accelerated pace of zero-day exploitation, and damage to brand reputation and loss of customer trust from impersonation attacks.
Geopolitical tensions, particularly involving regions like Eastern Europe and the Asia-Pacific, will likely lead to increased state-sponsored cyberattacks on critical infrastructure. Sectors like energy, water supply, healthcare, and transportation will be especially vulnerable, as disruptions in these areas can have widespread impacts.
Threat actors may use ransomware to disrupt essential services in sectors like energy, healthcare, or water supply, pressuring governments and organizations into paying ransoms. In addition, with the convergence and integration of information technology (IT) and operations technology (OT), industrial control systems (ICS) will be more susceptible to attacks through business email compromise (BEC), leading to physical disruptions and potential for widespread service outages, public safety risks, and severe economic impacts.
In response to the success of cyberattacks resulting in data breaches, the advancement in the effectiveness of AI-based attacks, and the increase in ransomware and its damage, government entities are stepping up their efforts in establishing requirements, compliance adherence, and fines. Governments are pushing new data protection laws, such as AI-specific guidelines, and refining cybersecurity frameworks (e.g., the NIST, CMMC, and GDPR standards).
Non-compliance risks are set to grow, not only due to penalties but also through supply chain pressures as business partners demand compliance assurances. Failing to adhere to evolving standards like CMMC, GDPR, or AI-specific regulations can result in fines, business restrictions, and damaged partnerships. As global data protection laws grow, companies may risk fines and bans for storing or transferring data improperly.
With the success of attacks like SolarWinds and the legacy trust of third parties in certain areas, attackers are expanding their focus to vendors and service providers as indirect routes to high-value targets, especially those holding sensitive data or operating in critical sectors. This situation is further exacerbated as the supply chain grows more interconnected and reliant on cloud infrastructure.
Cybercriminals are exploiting vulnerabilities across partner networks, impacting sectors like finance, healthcare, and government. Attackers are inserting malicious code into legitimate software updates through compromised vendor systems, compounded by the fact there is an increased reliance on service providers and weak vendor risk management programs that heighten the risk that a compromise could impact multiple clients. Because of this, and as seen, there is the potential for cascading effects, where a breach in one vendor affects multiple organizations.
Shortages in skilled cybersecurity professionals continue to outpace supply, which is exacerbated by the rising complexity of cyber threats and burnout of current cyber staff. Additionally, the need for AI specialists, ethical hackers, and cloud security experts will be paramount, leading to recruitment and retention challenges across the industry.
Companies and agencies will increasingly turn to cybersecurity automation, which also lags in capabilities and expertise, and managed security services to fill the gap. As threats evolve, organizations may struggle to keep up with skill demands, especially for roles involving AI, cloud security, and threat intelligence. As a result, there is an increased exposure to cyber threats due to inadequate monitoring, response times, and expertise.
And don't forget to check out our other predictions:
Sign up to receive the latest security news and trends straight to your inbox from Trustwave.
Stay Informed:
Sign up to receive the latest security news and trends straight to your inbox from Trustwave.
Kevin Kerr is Lead Security Principal Consultant at Trustwave for the Americas with over 39 years of public and private sector leadership experience with the U.S. Department of Energy and as CISO of Oak Ridge National Laboratory. Follow Kevin on LinkedIn.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.