No items found.

2025 Cyber Security Predictions

2024 in Review and Looking Ahead to 2025

Overview

As we close the doors on 2024, it’s an opportune time to evaluate what happened in the cyber security landscape throughout the year and predict what could lie ahead for the industry in 2025.

It’s safe to say 2024 has been a busy year for both defenders and attackers.

  • Ransomware remains the most damaging threat for organisations, public and private, with severe consequences in the healthcare sector.
  • Nation-states have ramped up cyber espionage campaigns, targeting critical infrastructure and seeking zero-day vulnerabilities.
  • Western security agencies are increasingly concerned about the potential impact of such attacks, particularly in the context of Russian hybrid warfare.
  • Generative AI and deep fakes are supporting increasingly compelling social engineering.
  • Supply chain attacks have made global headlines, revealing challenges in managing systemic risks from digital infrastructure.
  • Geopolitical tensions and polarisation are fuelling cyber attacks, misinformation, and manipulation to destabilise states.

National cyber security demands national responses. In the UK, the NCSC has expanded its active defence capabilities and, with the NCA, disrupted Russian-speaking ransomware groups. Regulators across all sectors are taking action to improve cyber security standards and focus on supply chain resilience.

2025 Predictions

Cyber threats will be driven by aggressive geopolitics

The war in Ukraine has passed its 1000th day, with Russia intensifying cyber operations against supporting countries and ignoring organised cybercrime within its borders. We can expect more aggressive cyber attacks on Western infrastructure and attempts to exploit European political divisions. Sabotage operations in Europe may rise, with concerns over submarine cables and digital infrastructure.

The Israel–Iran conflict is unlikely to reduce their cyber capabilities, even if they focus on each other. China’s cyber espionage is expanding through attack infrastructure, zero-day research, technology data collection, and targeting of critical national infrastructure. Western nations are likely to attribute more offensive cyber operations to China, as seen with Volt Typhoon and Salt Typhoon. A hardening US stance on China will reignite debates on reliance on Chinese technology in the US and Europe.

AI will be used by adversaries and defenders in equal measure

Generative AI will remain a central tech debate in 2025, with ethical concerns in law enforcement, opinion manipulation, and safety-critical systems. National AI regulation will diverge as countries seek competitive advantage. Rapid AI adoption will cause privacy and security incidents due to lack of guardrails. Criminal groups will scale social engineering, identify vulnerable organisations, and evade malware detection using AI.

AI will handle reconnaissance and initial exploitation autonomously, enabling faster and larger-scale attacks. Defenders will use AI for more advanced detection, response, and prediction, though caution remains over automated responses. Nations will invest in national intelligence fusion systems and work with tech providers for automated takedowns. Legal frameworks will lag behind the need for rapid action, while criminals seek safe-haven nations.

Supply chain attacks will demonstrate the dangers of ubiquitous software

The CrowdStrike incident in 2024 exposed digital supply chain complexity and the risks of rapid updates. More supply chain incidents, both accidental and malicious, are expected in 2025, with unforeseen societal consequences. Governments are mapping supply chain dependencies, finding critical infrastructure reliance on unregulated digital providers.

Regulatory focus in 2025 will include the EU Digital Operational Resilience Act (DORA), the Network and Information Systems (NIS) 2 directive, the Bank of England’s critical third-party regime, and UK regulation on managed service providers. While EU and UK alignment is likely, US regulation will be more complex. Competition regulators may push for open systems, while cyber regulators aim for improved security and liability for failures. Improving supply chain security will be a priority for public and private sectors.

Disinformation and deep fakes will spur financial fraud and political unrest

Deep fakes have reached a point where citizens cannot reliably distinguish reality from AI-generated content. The debate over social media responsibility will continue, with UK and EU regulation attempts and calls for AI content labelling. High-profile deep fake cases will feature in social engineering, business email compromise, and fraud. Regulators will place more responsibility on banks to protect customers from fraud.

States will use information manipulation to divide and polarise democratic societies, making it part of modern power projection. Cyber security is now as much about people as it is about systems.

2025 will be the busiest year on record for regulated firms

The Digital Operational Resilience Act enters into force on 17 January 2025. Transposition and implementation of the EU NIS2 directive will progress, while critical infrastructure providers reassess resilience as regulations solidify. The EU Cyber Resilience Regulation, effective 23 October 2024, sets implementation timelines for product security. The first set of EU AI regulations will start in February 2025, banning unacceptable-risk AI systems.

The UK Cyber Security and Resilience Bill will be tabled amid rising concerns over state cyber attack. The UK Digital Information and Smart Data Bill will modernise and strengthen the Information Commissioner’s Office. In the United States, federal regulation will be less predictable under the Trump administration, while states like New York and California continue to advance their own regimes.

Global regulation will intensify as nations fortify critical infrastructure and assert cyber sovereignty. Multinational companies will face the challenge of harmonising cyber policies across the EU, US, Asia, and the Far East, while balancing genuine risk management with compliance obligations.

2024 in Review and Looking Ahead to 2025

Overview

As we close the doors on 2024, it’s an opportune time to evaluate what happened in the cyber security landscape throughout the year and predict what could lie ahead for the industry in 2025.

It’s safe to say 2024 has been a busy year for both defenders and attackers.

  • Ransomware remains the most damaging threat for organisations, public and private, with severe consequences in the healthcare sector.
  • Nation-states have ramped up cyber espionage campaigns, targeting critical infrastructure and seeking zero-day vulnerabilities.
  • Western security agencies are increasingly concerned about the potential impact of such attacks, particularly in the context of Russian hybrid warfare.
  • Generative AI and deep fakes are supporting increasingly compelling social engineering.
  • Supply chain attacks have made global headlines, revealing challenges in managing systemic risks from digital infrastructure.
  • Geopolitical tensions and polarisation are fuelling cyber attacks, misinformation, and manipulation to destabilise states.

National cyber security demands national responses. In the UK, the NCSC has expanded its active defence capabilities and, with the NCA, disrupted Russian-speaking ransomware groups. Regulators across all sectors are taking action to improve cyber security standards and focus on supply chain resilience.

Download our Insights Piece

Related Articles

READ ALL THOUGHT Insights

Want to speak to us?

If you would like to discuss a cyber or resilience problem with a member of the team, then please get in touch however you feel most comfortable. We would love to help you and your business prepare to bounce back stronger.

Get in touch

Consent

This website uses cookies

We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services. Learn more

Allow All

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Always active

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.

Analytics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.