In 2025, organisations looking to succeed will have no choice but to become more proactive, resilient, and innovative to stay ahead of the evolving threat landscape.
While they may have long grappled with the complexities of regulatory compliance, a new era of compliance-driven innovation is being ushered in. Outdated infrastructures and security inertia will give way to modernisation as leaders begin to recognise the critical need to adapt. Alongside this transition, technologies like AI will reshape the cybersecurity battlefield, empowering both attackers and defenders.
However, within this period of overwhelming transformation lies an opportunity – the chance for visionary organisations to leverage connectivity sovereignty, micro-segmentation, and ubiquitous security services to gain a competitive edge. Those who welcome this period of discomfort, rather than surrender to its disruption, will be cemented as the leaders of tomorrow.
1. OT security will become a higher priority (Tony Fergusson, Sebastian Kemi):
In recent years, operational technology (OT) security has become a growing concern as a result of the integration of IT and OT infrastructures. With OT becoming increasingly cloud connected, the type of threats organisations face with IT have started to spread into OT environments too. Threat actors will shift their focus to more vulnerable targets and the lack of security on many OT devices makes them easy targets for attackers, especially since the OT lifecycle is much longer and patching is much more difficult. This dramatically increases the number of attack vectors against organisations.
Driven by the urge to limit the external attack vectors, organisations will increasingly seek efficient methods to overcome the challenges of converging IT and OT networks.
2. Zero Trust micro-segmentation will become standard practice across industries (Yaroslav Rosomakho)
As malware actors have increased the speed at which they can penetrate organisational systems, most enterprises can no longer out-patch the attackers. They physically cannot update their sophisticated systems as quickly as new vulnerabilities appear, or as Zero Day vulnerabilities are created. To reduce the blast radius of a successful attack, microsegmentation can limit the damage as it is a means to contain the attack.
2025 will be the year of security segmentation and ultimately, micro-segmentation will become standard practice across industries. Segmentation helps to contain breaches, preventing them from spreading like wildfire, enhancing overall resilience. This is driven by the increasing pressure on corporations to deliver results in OT security.
3. Nation-state and ransomware attacks will intensify their focus on the OT side; and data centres will fight back (Tony Fergusson, Martyn Ditchburn):
In 2025, we can expect the dual threat of nation-state actors and ransomware groups to intensify their focus on national critical infrastructures and manufacturing facilities, as well as emerging technologies like cloud-native applications and AI systems. Meanwhile, the reclassification of data centres as critical infrastructure in the UK will spark a trend in other countries.
As the remote and hybrid working trend continues, with zero infrastructure relying on services, there will be a mentality shift which acknowledges that downtime through outages translates into a shortfall of productivity. The complex supply chains will worry organisations and raise security concerns, which will lead to greater awareness and an urge for frictionless access of third parties. Bolstering the anticipation of and recovery from major incidents will help to secure the digital economy.
4. Compliance-driven complexity makes way for compliance-driven innovation (Christoph Schuhwerk, James Tucker):
As directives and regulations like NIS2 and DORA take effect, 2025 will see a surge in compliance-driven innovation, in response to the growing complexity of IT infrastructures. We expect organisations to develop more robust compliance programmes driven by investments in legal expertise and technology solutions.
Compliance driven discussions will also be propelled by a growing need to simplify data protection laws across countries, addressing the duality of regulations that promote data sharing while restricting data flow across borders. Calls for a “digital Schengen” might become louder in 2025, to facilitate the flow of data in the wake of data sovereignty movements.
Based on mobile user business habits, it is critical that organisations are not limited by local data regulations when crossing borders. Equally, customers should not be beholden to different data protection laws when moving from country to country. The need for an aggregation of regulations will facilitate compliance driven innovations.
5. Connectivity sovereignty will reshape global IT architectures (Martyn Ditchburn, James Tucker): alternatively: 2025 will become the year of the data (sovereignty?)
Building on the 2024 data sovereignty trend, in 2025 we expect connectivity sovereignty – the idea that governing states should be able to control internet access and data flow within their borders – to become a major factor in global IT strategies. As firewalls on a national level between countries are becoming more prevalent, and therefore having an effect on business outcomes, organisations will adopt distributed cloud architectures and edge computing solutions to maintain both data and network control within national boundaries.
This trend of restricted access will see data lakes shrink to become data puddles. The need to integrate disconnected data sets across organisational and geographic boundaries will not diminish, even as this data localization occurs. as If local data is no longer allowed to leave a country, it will need to be organised into smaller datasets stored in different locations. From a security standpoint, this segmentation of data could provide benefits, as machine learning models may lose access to comprehensive data sets that could be valuable targets.
6. AI will keep organisations in the race against cybercrime (Yaroslav Rosomakho, James Tucker, Marc Lueck):
AI will become more common in our everyday lives and we will start relying on it for more than just specialised applications. When it comes to cyber security, advanced AI-powered attacks will likely increase and adapt quickly to bypass traditional security defences.
This trend will drive accelerated research and development of “AI vs AI” security solutions. Defensive AI systems will automatically detect and counter AI powered threats like deepfakes. We will see defenders enhance their mechanisms to automatically identify intruders in IT systems, using AI-powered deception techniques. At the same time, organisations will bolster their defences with advanced threat detection methods to keep pace with the rise of AI-based malware.
7. Economic pressures will drive cybersecurity consolidation and optimisation (Sebastian Kemi)
The days of cybersecurity having a “blank cheque” with regards to investment budgets are over. In response to ongoing economic challenges, more organisations will have to forcibly optimise their security investments in the face of budget cuts. The harmonisation and consolidation of security tools, adopting integrated security platforms, and leveraging cloud-based solutions for scalability and flexibility will set a trend to reduce the complexity of traditional security infrastructures.
This change to highly automated and consolidated platforms will at the same time provide the answer to other pressing challenges like the security skills gap – as a security service model will offload the maintenance burden for hardware.
8. Cybersecurity inertia will face its moment of truth (Tony Fergusson, Martyn Ditchburn):
Inertia within large organisations has hindered the adoption of new technologies and security measures for too long. The inability or unwillingness to move forward becomes increasingly untenable for many organisations in the wake of increasing AI-driven cyber risks. It’s inevitable that there will be more high-profile breaches resulting from outdated security practices. These attacks will inspire a wave of security modernisation projects where organisations move away from their legacy infrastructure towards reduced complexity driven by cloud-based platform solutions.
Visionary leaders have an opportunity to drive transformation to build for the future, by communicating the benefits of new technologies, providing training and support, and creating an environment that encourages innovation and continuous improvement. During such exercises, security resilience will come into focus as well, with containment and response strategies implemented in response to successful cyber attacks. The leaders and organisations that emerge as winners in 2025, will be those that successfully break out free from their state of inertia, to become more proactive, resilient and innovative businesses.
9. Geopolitics and cybersecurity will become increasingly inseparable as National Critical Infrastructure (NCI) will be one of the biggest focuses for attackers (James Tucker/Nathan Howe):
Following a year of global elections and rising geopolitical tensions, we’re going to see both cybersecurity strategies and regulations increasingly changing to meet the demands of a shifting geopolitical landscape. Many cyber-attacks already aim to influence political outcomes, and maintaining business operations in regions affected by geopolitical tensions and sanctions will only become more challenging. Organisations must be agile, and capable of responding to changing political landscapes and regulatory requirements. This will include building environments that can be segmented or isolated in response to threats.
Despite the obvious efficiency and productivity benefits that come through the digitalisation of infrastructure, these changes also serve to make them a more valuable target for threat actors. Digital attacks will always precede physical attacks and as such critical infrastructure should be protected and not exposed. Enterprises must be aware that they have the responsibility, regardless of regulatory or directive incentives, to protect their business. In the forthcoming 12 months, there will be an intense focus on critical infrastructure, both from the defenders and attackers.
10. Ubiquitous security services will become the norm (Nathan Howe):
Enterprises want to know that they are protected, wherever they operate, but crucially they don’t want to be tasked with having to operate the solutions that deliver this. In 2025 we’re going to see governance continue to be handled internally, but the complexity of a ubiquitous protection across internal, external, and cellular networks, and the technical expertise required to manage the complexity will need to be delivered as a service. Platform-based models delivering Zero Trust services will hence rise in demand.