2025 Predictions From Some Leading Cybersecurity Experts

As the year draws to a close, we have gathered predictions from an array of cybersecurity experts who have given insights into trends they see in 2025.

Marina Segal, CEO, Tamnoon

Shift to Cloud-Based Risk Management

Cloud adoption doesn’t show any signs of slowing down in 2025. CISOs and security leaders will be hyper-focused on reducing cloud threat exposure. After all, no CISO wants to be in the spotlight of a high-profile data breach.

As a result, more companies will shift to cloud-based risk management. This change will largely be driven by: 

  • Geopolitical tension and threats to critical infrastructure
  • Sophisticated AI-driven attacks
  • Governments adopting stricter regulations
  • Economic pressures forcing companies to optimize cloud spend and security budgets
  • Consolidation of cloud providers

This will lead to stricter cloud security standards and compliance requirements for all industries — a trend private enterprises will be ready to capitalize on through compliance-friendly solutions. 

More importantly, this trend will highlight the need for more diversified risk management strategies.

Piotr Kupisiewicz, CTO, Elisity

In 2025 some verticals will be highly relevant for new microsegmentation projects that enable least-privilege zero trust security policies.

Manufacturing, industrial, and healthcare organizations are prime candidates for microsegmentation projects due to their complex, interconnected environments and high-value assets. These sectors often have a mix of legacy systems, IoT and IoMT devices, and critical infrastructure that require granular access control. Microsegmentation enables the implementation of least-privilege zero trust policies, effectively isolating critical assets and limiting lateral movement in case of a breach. For manufacturing and industrial environments, it helps protect operational technology (OT) systems from IT-based threats. In healthcare, microsegmentation safeguards sensitive patient data and ensures compliance with strict regulatory requirements. The ability to maintain service continuity during cyber incidents is crucial for these sectors, making microsegmentation an essential security strategy.

In 2025 the top cybersecurity frameworks and security regulations and government agencies will increase their pressure for organizations to adopt microsegmentation.

Several prominent cybersecurity frameworks, regulations, and government agencies recommend microsegmentation or network segmentation as critical security measures. These include the NIST Cybersecurity Framework, ISO 27001, HIPAA, PCI DSS, CMMC 2.0, IEC 62443, HHS 405(d), and the EU’s GDPR. The NSA and CISA in the United States strongly advocate for these practices, particularly in the context of zero-trust architecture. The Purdue Model, while not a regulation, is widely used in industrial control systems for segmentation. Additionally, the Federal Zero Trust Strategy mandates network segmentation for U.S. government agencies. These frameworks and agencies recognize the importance of segmentation in limiting lateral movement during cyberattacks and enhancing overall network security posture.

Secureworks

Ransomware

Opportunistic ransomware and data exfiltration attacks will continue at a high tempo into 2025 as ransomware affiliates, displaced in 2024 from disrupted ransomware operations such as LockBit and ALPHV/BlackCat, continue to form new allegiances with new entrants, previously lower profile groups, or rebranded returnees. Many affiliates will continue to work with multiple groups, some continuing to experiment with operating on their own behalf using leaked ransomware builders. Being able to detect and disrupt attacks at an early stage before data can be stolen or encrypted will remain essential for organizations in all sectors.

China

China will continue to focus on its political, military and economic priorities when collecting intelligence via cyber (or any other) means. The targeting will therefore change little but can always be swayed by political developments around the world.

In terms of more tactical elements: Chinese state-sponsored threats will develop zero-day exploits for network perimeter devices that are deemed to be vulnerable targets (there are several firewall and VPN devices/vendors that fall into this category). Chinese state-sponsored threats will be driven toward further emphasizing stealth in their operations by the continuing strategy of the U.S. to employ sanctions and indict specific named individuals connected with cyber intrusions.

China will continue to seek to understand as much as it can about Western (particularly U.S.) technology used on the battlefield in Ukraine to prepare countermeasures for a possible future invasion of Taiwan. Its cyberespionage operations will likely be similarly geared to such preparations.

More predictions from Secureworks can be found here.
