In the last year, we’ve seen threats become more elaborate and tactical as they leverage the latest technologies. In 2024, data breaches reached the second highest level on record, with 3,158 compromises on the year exposing the data of more than 1.3 billion people worldwide. This includes major breaches targeting the likes of AT&T exposing the information of more than 100 million people, and CrowdStrike leading to a global IT outage. With AI on the rise, we can only expect the severity and volume of these attacks to continue to increase.
From AI being used in cyberattacks to the continued rise of ransomware and the growth of third-party threats, security must always be top-of-mind. Organizations must keep up to date on what’s coming and how to protect themselves and their customers.
Here are the cybersecurity threats and trends we see being most prominent in 2025.
AI-Fueled Cyberattacks
User-friendly AI solutions have taken off in the past year as they help professionals get work done, fueling industry-wide adoption. This will only continue in the coming year as AI solutions become more advanced. But as enterprises look to be more productive and efficient through AI, they must also be wary of the security vulnerabilities and AI-powered cyber threats.
In 2025, we can fully expect the tenacity of AI-powered cyberattacks to evolve. Bad actors and cybercriminals will continue to use the technology to find vulnerabilities and launch more complex barrages of attacks. Furthermore, generative AI (GenAI) solutions that professionals use may reveal sensitive information, leaving company and customer data up for grabs.
With these AI threats in mind, enterprises must have an AI policy in place, if they don’t already. Many organizations are adopting this practice to make sure their employees understand how to use AI solutions without compromising their organization and its data. Employees must also be aware of phishing and social engineering tactics, which will be more convincing than ever. Cybercriminals will develop AI-powered tactics for more sophisticated attacks, so it is critical to educate employees on what to look out for.
While AI will make cyberattacks far more advanced in 2025, we can expect cybersecurity solutions and services to do the same. Cybersecurity vendors will continue to develop countermeasures to get out ahead of the advancements of threats, so it’s important for enterprises to adopt the latest security solutions that make sense for them.
RaaS on the Rise
Ransomware-as-a-service (RaaS) should continue to be a concern for all security professionals. Cyberattacks will evolve and develop to be more threatening to all organizations, and ransomware is no different. It is becoming simpler for bad actors to leverage RaaS attacks, while ransomware threats themselves are more advanced and more threatening.
Protecting against these attacks will require companies to up their game in terms of security awareness, data backup and recovery, and vulnerability management. This includes regular autonomous penetration testing. Manually conducting these types of tests will be insufficient, since many attacks will be conducted autonomously. Ransomware attacks can be crippling, not only to a company’s operations and bottom line, but their overall brand reputation, making it imperative for enterprises to protect against these attacks.
We can expect to see an increase in zero-day exploits which require more comprehensive coverage of the expanding attack surface. To remedy this, organizations must proactively assess their security posture and implement multiple preventative controls like multi-factor authentication (MFA) and strict access controls. While many business applications today come with MFA features built-in, it’s important to ensure security standards are met across an organization and all data access points are covered.
Preventing Thirty-Party Risk
We saw a slew of breaches in 2024 impacting both well-known and lesser-known brands, which is why staying ahead of third-party risks will be an even greater priority for enterprises in 2025. Failing to protect against these attacks leaves an organization open to catastrophe – including outages, delays, scheduling issues, and overall operational deficiencies. These attacks can have lasting effects, including inaccurate organizational records and data, financial impacts, decline in brand loyalty, and operational issues. While the ramifications of third-party breaches can vary in severity, enterprises should take every precaution to prevent them. This includes monitoring third-party vendor leaks to protect sensitive data.
The security of third-party vendors has a massive impact on the security of their partnering organizations. As the old adage goes, “You’re only as strong as your weakest link.” In this case, an enterprise’s security standard is only as strong as the companies their data is tied to. Because of this, organizations need to have security in mind prior to embarking on a partnership with other companies.
Outsourcing tasks and processes are incredibly beneficial from a productivity and financial standpoint, but it can create more endpoints for bad actors to target. For example, hiring a financial firm to oversee company earnings allows experts to do a job correctly and in a timely fashion, but it also opens the door to sensitive information being exposed through other entree points. Third-party relationships lead to new technology integrations and data transmissions, thereby creating digital connections and new security endpoints, which could lead to vulnerabilities. If an organization’s partner company, accounting firm, or software vendor is the victim of a data breach, so is that organization.
It’s not just a wise decision to watch out for third-party vulnerabilities – it’s also mandated by recent regulations such as the EU’s DORA. Enterprises should conduct audits before onboarding a new vendor or partner and identify and address all vulnerabilities. This way, IT professionals can have peace of mind knowing integrations are safe, secure, and compliant. As modern technologies such as AI continue to advance, so do the cyber threats they can power. Companies of all sizes and industries must stay up to date on the latest cybersecurity trends while educating employees on best practices to protect against the latest threats. To overcome these challenges, organizations should work with a trusted cybersecurity partner to help stay ahead of cyber criminals, stay compliant, and protect their data.
Michael Gray has been a strong technology leader at Thrive over the past decade, contributing to consulting, network engineering, and managed services and product development groups while continually being promoted up the ladder. Michael has a degree in Business Administration from Northeastern University, and he also maintains multiple technical certifications, including Fortinet, Sonicwall, Microsoft, ITIL, and Kaseya, and maintains his Certified Information Systems Security Professional (CISSP).
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.