The top five cybersecurity trends for 2025

The cyber landscape is more turbulent than ever. Microsoft recently reported a 2.75-fold increase in ransomware attempts this year, while research predicts that global cyber attacks in 2024 will increase 105% compared to 2020.

There is a great need for more qualified cyber professionals as generative AI lowers the barrier to entry for attacks. Unfortunately, cyber skills gaps have been reported in both the UK and Australia, with women making up only a quarter of the industry.

But how will we roll into next year? TechRepublic asked cyber experts to predict the top trends that will affect the security field in 2025.

1. Renewed focus on third-party risk management, including the AI software supply chain

This year the headlines were dominated by the CrowdStrike incident, which disabled approximately 8.5 million Windows devices worldwide and caused massive disruption to emergency services, airports, law enforcement and other critical organizations.

However, this is far from the first instance of a supply chain attack to be put on the public radar; the MOVEit attacks from last year may also be fresh in the mind. Because of the prevalence of these incidents, Forrester analysts predict that governments will prohibit certain third-party software in 2025.

In addition, more companies are using generative AI to code new software, which may open up vulnerabilities. AI-generated code has been known to cause outages, and security leaders are even considering banning the use of the technology in software development.

For managers, all this illustrates how important third-party risk management is to the business, leading to a new focus in 2025.

Max Shier, chief information security officer at cyber consulting firm Optiv, told TechRepublic in an email: “Third-party risk management, supply chain risk management, and increased oversight and regulatory requirements will drive the need for companies to focus on and mature their governance, risk and compliance programs.”

Jacob Kalvo, CEO of proxy provider Live Proxies, added: “It is expected that by 2025, organizations will likely move towards proactive ways of evaluating and monitoring supply chains. This could be leveraging zero-trust architectures that will verify at access stages, where companies deal with external partners.

“This shift to increased scrutiny of the supply chain marks a broader trend to bring cybersecurity into the overall enterprise-wide risk management.”

AI software is one of the weakest links in the software supply chain

As companies race to take advantage of generative AI solutions, the speed of their adoption has resulted in some oversights when it comes to security. A study by HackerOne found that 48% of security professionals consider AI to be the biggest security risk to their organization.

Cache Merrill, founder of software development company Zibtek, told TechRepublic via email: “As AI tools are increasingly integrated into software development, we expect attackers to target the weakest AI-powered components of the software supply chain. The focus will no longer rely just on reviewing third-party code without reviewing AI models that may have inadvertently introduced security holes through data poisoning or biased exploitation.

“By 2025, supply chain security will require a whole new layer of vigilance, where even the datasets and AI models fed into our applications are analyzed for adversarial manipulation. A secure supply chain will not only be about code but curating secure and verifiable AI training sources.”

Paul Caiazzo, VP of security services at Quorum Cyber, told TechRepublic that attackers can specifically target weaker AI tools to exfiltrate sensitive data. “CISOs will struggle to secure them due to a lack of AI skills and tools,” he added.

2. Macs will become more targeted by cybercriminals

Experts say Macs will become even more of a target for cybercriminals in the next year. Kseniia Yamburh, malware research engineer at Mac security vendor Moonlock, told TechRepublic via email: “Once considered more secure, macOS is now facing increasing threats, particularly from stealer malware designed to collect sensitive data.

“Our research at Moonlock shows a remarkable increase in macOS-targeting malware, with 3.4 times more unique samples in 2024 than in 2023.”

The number of macOS vulnerabilities exploited in 2023 increased by more than 30%, with attackers using infostealers, fake PDF files, fake Mac apps, legitimate Microsoft apps and other new techniques to breach the operating system this year. In November, several malicious macOS apps were linked to North Korea.

The growing interest in Apple devices may be due to their increasing prevalence in organizations and greater competition among cybercriminals in the Windows landscape.

3. Identity will fall under the remit of security teams

Security experts predict that by 2025 responsibility for identity and access management within companies will shift from IT departments to security teams. Sagie Dulce, VP of research at segmentation firm Zero Networks, said identity-based attacks are the number one cause of breaches, and that’s not going to change. As these attacks escalate, security personnel are needed to eliminate potential entry points.

Dulce told TechRepublic: “This is not new, but is a growing trend as more identities belong to services and apps – they are harder to manage and control. Most organizations are currently blind to their exposure from service accounts, privileged identities, dissemination of secrets, third-party access and more.

“These identities are often the lowest hanging fruit in organizations and attackers know it. Because many web applications are still exposed to the Internet, it remains the main attack vector used to gain initial access via compromised credentials to a web app.”

4. Cyber regulations will divide countries

Global cyber regulations are becoming more stringent – especially with the increase in nation-state cyber attacks. As a result, legislation will focus on geopolitics and national security interests.

Vishal Gupta, CEO of security software vendor Seclore, told TechRepublic in an email: “In the coming year, long raging wars and general geopolitical tensions will drive the bulk of regulation. Countries and groups of countries will create rules to protect their own interests vis-à-vis reputed enemies and will prevent a wide spread of supply chains.

“This is already evident in the CHIPS Act and more recent (Export Control Act) interpretations. ‘Country over cooperation’ may well be the theme of these rules.”

Douglas McKee, managing director of Threat Research at security firm SonicWall, added that it will become increasingly difficult to detect the origin of attacks as “the line between government and criminal activity will continue to blur further.”

As a result, policy makers should strengthen international cooperation rather than create more division. McKee told TechRepublic in an email: “Governments and private organizations must adapt to this evolving threat landscape, focusing more on proactive intelligence sharing and threat hunting to disrupt collaborations before they impact critical sectors.”

Critical national infrastructure will lag behind in compliance

Critical national infrastructure, such as transportation, telecommunications companies, and data centers, is one of the key targets for attackers, as attacks on it can lead to extensive disruption. A recent report from Malwarebytes found that the service industry is the worst affected by ransomware, which accounts for almost a quarter of global attacks.

According to Christian Borst, EMEA CTO at security firm Vectra AI, attacks against CNI will increase in 2025, in part because these companies are not following the rules. These include NIS2, which aims to establish a consistent minimum cyber security baseline across all EU Member States.

Borst told TechRepublic in an email: “Regulators aren’t asking the world, but CNI companies are already struggling to meet the timelines set by regulators and get their houses in order, as we already see EU member states lagging behind in the implementation of NIS2.

“Threat actors will be well aware that compliance is lagging behind, so they will concentrate efforts on targeting critical infrastructure before security gaps are closed.”

5. Specific employees targeted via social media and AI

At the beginning of the year, a finance worker in Hong Kong paid out $25 million to hackers who used AI and publicly available video content to impersonate the CFO. The hackers imitated the manager’s voice during phone calls to approve the transfer.

Experts predict this behavior will continue into 2025. According to Gartner, AI-enhanced malicious attacks were the biggest emerging business risk in the first three quarters of the year.

The number of business email compromise attacks detected by security firm Vipre in the second quarter was 20% higher than in the same period in 2023, and two-fifths of them were generated by AI. The main targets were CEOs, followed by HR and IT staff.

Darius Belejevas, director of data privacy platform Incogni, told TechRepublic: “An ever-increasing number of data breaches are now the result of criminals actively targeting specific employees, in some cases armed with personal information they have managed to obtain about that person. Unfortunately, not enough people realize that they are being targeted because of where they are working.”