As the year draws to a close, we have gathered predictions from an array of cybersecurity experts who have given insights into trends they see in 2025.
Shift to Cloud-Based Risk Management
Cloud adoption doesn’t show any signs of slowing down in 2025. CISOs and security leaders will be hyper-focused on reducing cloud threat exposure. After all, no CISO wants to be in the spotlight of a high-profile data breach.
As a result, more companies will shift to cloud-based risk management. This change will largely be driven by:
- Geopolitical tension and threats to critical infrastructure
- Sophisticated AI-driven attacks
- Governments adopting stricter regulations
- Economic pressures forcing companies to optimize cloud spend and security budgets
- Consolidation of cloud providers
This will lead to stricter cloud security standards and compliance requirements for all industries — a trend private enterprises will be ready to capitalize on through compliance-friendly solutions.
More importantly, this trend will highlight the need for more diversified risk management strategies.
In 2025 some verticals will be highly relevant for new microsegmentation projects that enable least-privilege zero trust security policies.
Manufacturing, industrial, and healthcare organizations are prime candidates for microsegmentation projects due to their complex, interconnected environments and high-value assets. These sectors often have a mix of legacy systems, IoT and IoMT devices, and critical infrastructure that require granular access control. Microsegmentation enables the implementation of least-privilege zero trust policies, effectively isolating critical assets and limiting lateral movement in case of a breach. For manufacturing and industrial environments, it helps protect operational technology (OT) systems from IT-based threats. In healthcare, microsegmentation safeguards sensitive patient data and ensures compliance with strict regulatory requirements. The ability to maintain service continuity during cyber incidents is crucial for these sectors, making microsegmentation an essential security strategy.
In 2025, the top cybersecurity frameworks, security regulations, and government agencies will increase their pressure on organizations to adopt microsegmentation.
Several prominent cybersecurity frameworks, regulations, and government agencies recommend microsegmentation or network segmentation as critical security measures. These include the NIST Cybersecurity Framework, ISO 27001, HIPAA, PCI DSS, CMMC 2.0, IEC 62443, HHS 405(d), and the EU’s GDPR. The NSA and CISA in the United States strongly advocate for these practices, particularly in the context of zero-trust architecture. The Purdue Model, while not a regulation, is widely used in industrial control systems for segmentation. Additionally, the Federal Zero Trust Strategy mandates network segmentation for U.S. government agencies. These frameworks and agencies recognize the importance of segmentation in limiting lateral movement during cyberattacks and enhancing overall network security posture.
Ransomware
Opportunistic ransomware and data exfiltration attacks will continue at a high tempo into 2025 as ransomware affiliates, displaced in 2024 from disrupted ransomware operations such as LockBit and ALPHV/BlackCat, continue to form new allegiances with new entrants, previously lower profile groups, or rebranded returnees. Many affiliates will continue to work with multiple groups, some continuing to experiment with operating on their own behalf using leaked ransomware builders. Being able to detect and disrupt attacks at an early stage before data can be stolen or encrypted will remain essential for organizations in all sectors.
China
China will continue to focus on its political, military and economic priorities when collecting intelligence via cyber (or any other) means. The targeting will therefore change little but can always be swayed by political developments around the world.
In terms of more tactical elements: Chinese state-sponsored threats will develop zero-day exploits for network perimeter devices that are deemed to be vulnerable targets (there are several firewall and VPN devices/vendors that fall into this category). Chinese state-sponsored threats will be driven toward further emphasizing stealth in their operations by the continuing strategy of the U.S. to employ sanctions and indict specific named individuals connected with cyber intrusions.
China will continue to seek to understand as much as it can about Western (particularly U.S.) technology used on the battlefield in Ukraine to prepare countermeasures for a possible future invasion of Taiwan. Its cyberespionage operations will likely be similarly geared to such preparations.
More predictions from Secureworks can be found here.
The Ability To Back Up A Mac Running Sequoia Has Gotten Worse And Not Better
Posted in Commentary with tags Apple on December 22, 2024 by itnerd
As I type this, we are up to macOS Sequoia 15.2 which was just released to the public. And I have to say that when it comes to backing up your Mac, things are worse than when Sequoia was first released.
Let’s start with the inability to back up using Time Machine. When I wrote this, Time Machine backups, to be frank, were inconsistent. And as I type this, I can say that 15.2 has marginally improved backups via Time Machine. By that I mean that I only see the message that it has failed to back up less often. But I still see it. Now there is the possibility that a fix that I recommended in my original article to disable Time Machine throttling is also responsible for that improvement. But I am not 100% sure about that as I have another Mac that does not have Time Machine throttling disabled, and it has seen the same marginal improvement. That kind of implies that Apple might have done something to make things better. If they did, they in typical Apple fashion aren’t saying anything. I continue to monitor the situation and I will post any updates that may be of value to you here.
By the way, while I have your attention, some of you emailed me about the fact that the ability to disable throttling of Time Machine only lasts until the next reboot, which is a bit of a problem. That’s fair and I perhaps should have pointed that out in my original post. But I do have a fix for that. This guy has a method of having this setting remain persistent after a reboot. I’ve done this and it does work without an issue. So you can give that a shot.
So, now you’re wondering why I am saying that if things have had a marginal improvement, why am I also saying that things are getting worse? Well, if you use a third-party backup tool, macOS Sequoia seems to have broken two of the most popular ones. SuperDuper is one of those apps, and 15.2 broke the ability to create bootable backups, according to the app’s chief developer Dave Nanian. There are also reports of Carbon Copy Cloner having worse issues. With them it’s not just bootable backups; non-bootable backups were also failing, according to this post. Also in the post was the assertion that 15.2 will wipe out Time Machine backups. Now I haven’t seen that, but that doesn’t mean that the problem doesn’t exist. But if that is accurate, this absolutely qualifies as things getting worse.
You have to wonder at what point Apple will get serious about addressing these issues so that things are better and not worse. Right now Apple hasn’t commented on this at all. And the silence suggests that they don’t want to admit to a problem until they come up with a fix, which is typical Apple behaviour. But given that they have effectively impaired at best, broken at worst, their customers’ ability to properly protect their data, they need to do way better than what they are doing right now. Because the status quo is not acceptable.