With the recent news from GCHQ that the UK is facing a “widening gap” in its ability to fight cyber threats, 2025 looks to be an increasingly tough year for cybersecurity experts. Today, cybersecurity solutions provider ramsac share their top trends for 2025 and what to expect from the world of cybersecurity over the next 12 months.
AI – a growing force
It’s no surprise that AI is a feature here. As the response quality and data sets grow and become more accurate and comprehensive, AI will continue to play a huge role in cyber attacks and response. AI tools can detect and react to suspicious behaviour with greater accuracy, but on the flip side, this accuracy will only lead to an increase in more believable phishing threats designed to steal the user’s money or identity.
Similarly, deepfakes either vocal or physical, or perhaps both, will increase. O2’s new AI granny is a positive use of AI to combat fraud, but this could easily be reversed and used by malicious actors to scam and defraud people.
Regulation on AI
With AI as a positive and negative force in cybersecurity, 2025 will also bring an increase in regulation across the globe. The EU’s AI Act comes into full force in 2027 but in 2025, a lot of the provisions become applicable:
- 1 Feb 2025: Chapters I (general provisions) & II (prohibited AI systems) will apply.
- 1 Aug 2025: Chapter III Section 4 (notifying authorities), Chapter V (general purpose AI models), Chapter VII (governance), Chapter XII (confidentiality and penalties), and Article 78 (confidentiality) will apply, except for Article 101 (fines for General Purpose AI providers).
Extortion and ransomware increase
With cryptocurrency providing an anonymised way for criminals to hide, extortion and ransomware attacks could be set for an increase in 2025. These attacks are tough to recover from for businesses and take time and careful negotiations to avoid serious impact.
As cryptocurrencies are seeing a resurgence in popularity and value, this has made the risk of carrying out a ransomware attack less than the potential reward, leading to more criminals carrying out this kind of malicious behaviour.
Time to exploit lowered
As computing power and AI increase, the time to find and exploit vulnerabilities will be greatly reduced. Cybercriminals will be able to test out a wider variety of weaknesses in networks and systems faster than ever before. To overcome this, regular patching will be essential as well as using up-to-date technology and more stringent software checks.
Resilient foundations
Businesses will start to build more resilient foundations, roll out multi-factor authentication and more rigorous security measures. Implementing multi-factor authentication (MFA) is crucial, with a particular emphasis on phishing-resistant methods. Advanced techniques, such as passkeys, which authenticate users by binding logins to legitimate site URLs, thereby rendering it extremely difficult for attackers to utilise fake login pages, will also likely see an increase in adoption. The use of phishing-resistant MFA has been gradual, however, and tools such as Windows Hello for Business, FIDO2 hardware keys, and the increasing utilisation of passkeys offer promising solutions for enhancing security.
Cyber attacks as a form of warfare
As global geopolitical tensions heighten, it’s likely that cyber attacks will be used as a form of warfare and retaliation. While this can’t be stopped, it’s important that cybersecurity monitoring and contingency plans are in place to mitigate the impacts of any attacks, especially within the supply chain of a business.
Increase in infostealer malware
With data becoming a business’s most valuable asset, infostealer malware will continue to increase and wreak havoc. In 2022, Google’s Mandiant recorded a 60% increase in infostealer advertisements, and the availability has only grown since then. With a lower cost barrier to entry, and little to no technical knowledge required, infostealer software, which is in the Malware as a Software (MaaS) category, holds nearly a quarter market share.
What can businesses do to mitigate the risks 2025 brings?
Businesses can’t stop cybercriminals from trying to attack businesses and individuals, but reducing the impact of their attacks is within their control.
Consider the following steps to help secure your business in 2025:
- Ensure you understand your ability to bounce back from a successful cybersecurity attack and ideally have your cyber resilience certified.
- Invest in training for all staff and board members. With the right training and skills, people are able to spot potential scams quicker and feel confident in reporting them.
- Use monitoring software. Breach monitoring software like secure+ works 24/7 and can react to prevent any attacks from spreading into your business by locking down accounts or access.
- Keep devices up to date. This includes both software and hardware. Windows 10 reaches end of life in 2025, so investment in new devices is a necessity to protect your business.