Cyber Vigilance

Deepfakes are among the top dangers facing CISOs in 2025.

As security leaders, we are constantly on the lookout for new risks that may arise. To secure our business and customers, we must keep one step ahead of threat actors, predicting dangers before they cause harm. As the new year approaches, here are some of the increasing cybersecurity risks we’re witnessing, as well as some advice on how to handle them effectively.

AI-powered threats and solutions.

The era of artificial intelligence (AI) has arrived, and we are seeing incredible AI-powered innovation on both sides of the security conflict. AI-powered attacks, such as deepfakes and phishing, are getting more sophisticated. They are becoming more adept at evading detection and deceiving end users. And as AI evolves, we expect these attacks to become increasingly effective.

Deepfakes are particularly alarming. We are no longer just looking at faked videos, but at whole simulations that reply in real time and can be extremely persuasive. And the industry is still catching up.

However, all is not lost. AI also creates new opportunities to address these and other threats. For example, AI can be good at pattern identification, recognising threats and infections fast, and separating out bot activity to reduce its impact. In 2025, I anticipate that AI will become increasingly powerful as a tool for combating malicious activity.

But technology is only one tool in our toolkit. Another critical technique at Thoughtworks is to train our employees on how to recognise and avoid deepfakes. For example, if one of our employees receives a voicemail from someone who sounds like our CEO, should they believe it is legitimate? That type of basic security hygiene, being sceptical and checking legitimacy, remains a potent and effective defence.

Insider Risk Management

While external threat actors will always require awareness, we should not disregard potential internal risks. We often believe that because we trust our employees, they do not require the same level of security as those outside the organisation. In truth, the increase of remote work and the increasing reliance on contractors in the computer industry have created new risk considerations that must be addressed.

We recommend implementing a Zero Trust security architecture that treats all workers and devices with caution. This allows you to more effectively ensure that the right individuals have access to the right resources at the right time, while also denying access to those who pose a risk.

Social engineering attacks

In 2025, we anticipate an increase in social engineering and phishing attacks, which frequently defeat multi-factor authentication (MFA) protection. MFA is undoubtedly a good security technique; however, it is not failsafe. Social engineering attacks will become increasingly sophisticated, replicating legitimate interactions with context-based awareness and deceiving unwary people more successfully than ever before.
One example is the Snatch gang, an organised, loosely Russia-based ransomware group of hackers who use social engineering techniques to circumvent MFA and obtain access to valuable data and systems. On June 25th, 2024, the organisation claimed responsibility for a ransomware attack in South Africa (https://therecord.media/south-africa-lab-ransomware-mpox-outbreak), which disrupted operations at South Africa’s National Health Laboratory Service (NHLS) for days and cost the organisation millions in money, as well as people’s lives.

Ransomware as a service

Recently, we’ve witnessed a new trend in which criminals target victims using someone else’s technology. The “ransomware as a service” (RaaS) phenomenon has resulted in a new business model for threats. You no longer need a technical background to perform a ransomware attack against a business or government; you can simply pay to access the malware strain needed to do it.

RaaS is one of the factors contributing to the increased frequency and severity of ransomware attacks in recent years. In fact, Chainalysis (Ransomware Hit $1 Billion in 2023) discovered that total ransomware payments broke a record in 2023, exceeding $1 billion for the first time. The average attack has gotten more costly too, with the average ransom payment more than doubling to roughly $4 million in 2024, according to Sophos. Combating these attacks will necessitate vigilance from firms like ours, as well as collaboration and ongoing effort from law enforcement agencies around the world.

Supply chain vulnerabilities

Attackers will also continue to look for vulnerabilities in the software supply chain, and they will find many of them. After all, the days of a company’s data and applications being stored solely on local servers and networks are over. The global migration to the cloud has resulted in significant increases in efficiency and security, but it has also introduced new threats.

Because third-party, cloud-based SaaS tools and APIs are managed by external providers, organisations struggle to detect how attackers may be leveraging such services. And because SaaS technologies are so extensively used, the exploitation of just one of them can have an immediate impact on thousands, if not millions, of clients.

While these attacks can be difficult to completely prevent, it’s always a good idea to evaluate the risk of any vendors or partners on whom you may rely, and to apply a Zero Trust (https://www.microsoft.com/de-de/security/business/zero-trust) approach to constantly reinforce the security of all your users and their devices.

Advice for fellow Chief Information Security Officers (CISOs).

For 2025, here are some more tips for other CISOs looking to improve their organisations’ security postures, come what may.

Invest in new tools if possible. In general, the sooner you can identify a threat, respond to it, contain it, and then remediate and repair it, the better. That could require a budget and capabilities beyond the reach of many businesses. Even with a limited budget, allocating a small team to investigate and build capabilities in less mature areas can produce significant results. With more focus and innovation in this area, we should expect new, cost-effective solutions to gain traction.

Implement the appropriate security measures. Better controls are an excellent place for CISOs and other security leaders to begin. Deploy detection and response controls that are appropriate for your organization’s size and complexity.

Go on the offence. If you have the means, form a team to hunt for threats. That will allow you to detect flaws in your systems before attackers do. Automated threat-hunting systems are also emerging, which can detect and forecast threats automatically.

Run simulations with the leadership. Practise with your most senior teams so that you are ready to handle an event if and when it occurs.

Keep your knowledge current. Consume all of the threat intelligence information available from governments, non-profits, and peers. These collaborations are critical for identifying new attack vectors, allowing you to test your own systems and ensure you’re fully prepared.

Finally, take small steps. It is hard to implement a perfect security posture overnight, but incremental changes can bring you closer each day. Keeping up with attackers will be challenging as they become bolder and more sophisticated. However, we can and must do everything possible to stay at least one step ahead.