Huntsman Security today announced its cyber security predictions for 2025, including industry change driven by new regulations, the evolving relationship between AI and cyber security, and new approaches that will make organisations more resilient.
Also Read: Fortinet Expands Global Presence with New Company-Owned Innovation Hub in Atlanta
“Using new cyber security methodologies will make risk mitigation routine, because businesses must assume it’s a case of when they are breached, not if. Putting in place the right processes and defences now could help reduce the chances of organisational chaos taking hold if an attack succeeds.”
Regulatory change will focus attention on compliance
With new regulations coming into force, including NIS2 at the end of 2024 and the Digital Operational Resilience Act in January, compliance will be a key focus for 2025. New rules around critical infrastructure, personal privacy rights, and data protection will create tension between many existing corporate business models and legislative compliance. Several matters before international Courts for non-compliance with current cyber security regulations will help establish the regulatory guardrails for in 2025.
AI will challenge cyber security
Cyber criminals are already using AI to enhance phishing emails, find vulnerabilities and exploit code, while defenders adopt AI techniques to better detect and understand threats. At the same time, easy access to AI in business could open new threats. To avoid this, the AI sector must become more disciplined in 2025, with the provenance of the data and AI “assistance” becoming important considerations to add transparency around how AI is assisting specific cyber security activities.
Secure-by-Design
Secure-by-Design will bring big changes in 2025. Software design and development activities, alongside manufacturing facilities and the processes within them; some are already being hardened and made more resilient. As such, Software Development Life Cycle (SDLC) frameworks will need to adapt, to accommodate the oversight of quality processes as they shift from a “nice to have” to a requirement. Secure-by-Design uplift programs will be worth watching throughout the year.
The rise of Continuous Threat Exposure Management (CTEM)
In 2025, organisations will shift towards newer risk assessment models that measure cyber resilience against best-practice guidelines. Threat Exposure Management will see some organisations introduce automated processes to identify the vulnerabilities relating to their IT assets and systems, prioritise importance, and “mobilise” mitigation efforts to limit the risk of disruption from anticipated threats.
“2025 will remain challenging for both the cyber security industry and organisations trying to stay secure. New governments and regulations must continue to encourage synergy between security and enterprise resilience,” commented Peter Woollacott, CEO of Huntsman Security. “Using new cyber security methodologies will make risk mitigation routine, because businesses must assume it’s a case of when they are breached, not if. Putting in place the right processes and defences now could help reduce the chances of organisational chaos taking hold if an attack succeeds.”
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]
