The cyberthreat landscape has shifted rapidly over the past several years, and this evolution will continue in 2025. AI has become more powerful and accessible; as a result cybercriminals are using the technology to launch sophisticated phishing attacks, conduct surveillance on potential targets, and manipulate victims with increasingly realistic deepfakes. While AI is also being used to detect cyberthreats, these innovations aren’t keeping up and the cost of data breaches and other attacks is rising at what seems like an inexorable pace.
CISOs and other security leaders must adopt an all-of-the-above approach to cybersecurity, which includes everything from zero-trust security architecture and AI-powered threat detection to organization-wide cybersecurity awareness training. While the arms race between offensive and defensive AI capabilities will be a major feature of the cyber threat landscape in 2025, a focus on awareness training will ensure that end users who are often the last line of defense against cyberattacks are equipped to protect the company.
The development of comprehensive cybersecurity programs that combine security awareness and technology like automation and AI will be a key focus in 2025. Companies must ensure that employee training complements their tech stack, which will enable coordinated threat responses and mitigation. When companies invest in technology and people, they will establish distributed cyber defenses that are capable of adapting to new challenges in 2025 and beyond. Here’s what security leaders should expect next year:
Prediction #1: AI will continue to drive the next generation of cyberattacks
As cyberattacks become increasingly sophisticated, security teams are struggling to keep up. According to the latest data from IBM, the average cost of a data breach has reached an all-time high of $4.88 million. A significant driver of the surging cost of cyberattacks is the rise of AI-powered social engineering, and this trend shows no sign of slowing. Google’s 2025 Cybersecurity Forecast anticipates that AI will be used to “develop and scale more convincing phishing, vishing, SMS, and other social engineering attacks.”
Cybercriminals are using large language models (LLMs) to launch more personalized and effective phishing attacks. It’s now possible for cybercriminals around the world to compose compelling and error-free phishing messages — regardless of which languages they speak or their level of technical proficiency. This means the barriers to entry for many cybercriminals have come crashing down. AI also enables cybercriminals to personalize their attacks based on stolen data and specific vulnerabilities.
The way in which everyone, from your mailroom to your boardroom, interacts with content online needs to change because knowing the difference between what’s malicious and what isn’t has never been more difficult. That will take real, sustained, human-focused work.
As cybercriminal capabilities become more advanced, companies must also defend growing attack surfaces. Industries like healthcare and financial services are in the middle of sweeping digital transformations, and they’re being hit particularly hard by cyberattacks. However, it has never been more important for companies across all industries to prioritize cybersecurity.
Prediction #2: Companies will be more disciplined with cybersecurity investments
Company leaders are under no illusions about the urgency of the threat posed by cyberattacks as we enter 2025. According to the latest Allianz Risk Barometer, cyber incidents comprise the top global business risk “for the first time by a clear margin.” This is why it’s no surprise that a 2024 survey of business and technology executives conducted by PwC found that 77 percent expect their cyber budgets to increase over the next year. While 78 percent of executives have increased their investments in generative AI over the past year, over two-thirds say the technology has expanded their attack surface.
There are many different cybersecurity investments companies can make, but some are more effective than others. For example, IBM reports that resources such as encryption and AI insights are among the top factors that reduce the average cost of a data breach, but the number one mitigating factor is employee training. This is no surprise, as the two most common initial attack vectors are phishing and compromised or stolen credentials — which are often obtained through social engineering.
In 2025, companies will need to invest in integrated approaches to cybersecurity that deploy the most effective technologies without ignoring the human element. The CISOs and security teams that find this balance will be in a strong position to navigate the shifting cyberthreat landscape.
Prediction #3: Cybersecurity awareness training will evolve
Cybercriminals are using AI to attack more than just secure networks and systems — they’re using it to exploit victims’ psychological vulnerabilities. Beyond the use of LLMs to create more effective phishing messages, cybercriminals are also deploying AI technology such as deepfakes to deceive and coerce victims. Deepfakes allow cybercriminals to launch advanced multistage cyberattacks — when victims call to confirm the authenticity of a fraudulent message, they may end up interacting with a deepfake instead of a person.
Cybersecurity awareness training must adapt to this new era. It is much more difficult to identify phishing messages in the absence of red flags like misspellings or sloppy writing. Many employees aren’t capable of identifying deepfakes. As phishing messages and other cyberattacks become more targeted on the basis of victims’ individual characteristics, training will have to be personalized around employees’ unique psychological vulnerabilities and learning styles. Employees must be aware of the latest cybercriminal tactics, and there should be clear policies around device usage, account security, and incident reporting.
Tools like automation can be used to reduce human error and AI can help companies detect and respond to cyberattacks, but well-trained employees will remain a critical element of any effective cybersecurity platform. This is why it’s vital for security teams to integrate their human and digital resources.
Ad