In cybersecurity, 2024 has been a year full of contrasts, marked by rising threats and groundbreaking innovations. The surge in ransomware and vulnerability exploitation has exposed weaknesses in platforms and software, while the rapid adoption of AI tools has brought both risks and opportunities to the forefront. In the midst of these challenges, progress has emerged. New technologies such as artificial intelligence and LLM security, together with the adoption of government-designed security standards, have provided a glimpse of what can be achieved when we work together to make the digital world safer for everyone.
As 2025 approaches, the need for proactive, intelligence-driven strategies is more urgent than ever. Nation-state attacks, misuse of artificial intelligence, and cloud security risks are poised to test the resilience of even the most prepared organizations. This blog draws on key forecasts from the experts at Qualys to outline the cybersecurity trends expected to define the coming year.
Hear Qualys experts discuss their forecasts in our webinar on January 23, 2025.
Prediction 1: The increasing use of AI will not change the fundamentals of cybersecurity strategies
“While many companies are looking for the next best AI solution in an attempt to fight fire with fire, I am reminded of Alphonse Karr’s famous quote, ‘The more things change, the more they stay the same.’ As such, a better question is: What do companies stand to lose (i.e., what is the value at risk) as a result of misuse of AI? And what portion of this risk can be addressed with existing security capabilities? For example, is securing the AI agent from threats such as spoofing, tampering, doxxing, denial of service, and escalation of privileges really new? Does it require new investments to support a dedicated ‘AI’ security stack? Likewise, keep in mind that AI models consist of open source code and first-party code deployed on-premises, in the cloud, or both. The security practices for infrastructure, software pipelines and the supply chain are still in place, so again, the question is: Do we really need a complete security rethink?
My recommendation is that security teams proactively address these evolving threats by developing robust threat models and creating guardrails – essentially ‘secure by default’ solutions. Ultimately, the key challenge is balancing the desire for rapid digital transformation with the need to protect an organization's assets against potential AI-related breaches.”
-Richard Seiersen, Chief Risk Technology Officer, Qualys
Prediction 2: Securing agent AI will be another major exposure event.
“Agent AI, AI that can make decisions and take actions autonomously, will become more widespread in enterprises. This will require additional privileged access. Since this is still an emerging field, security and privacy professionals will need to upgrade themselves to secure agent AI from the ground up.” Finally, make sure the data is AI-ready.
-Mayuresh Dani, Director of Security Research at Qualys Threat Research Unit (TRU)
Prediction 3: IT managers will double their risk management efforts in 2025.
“IT managers will double their risk management efforts in 2025. Adopting this approach will allow them to operationally focus on the biggest risks facing their business while identifying the financial implications. This will allow them to justify investments in the right controls and offset remaining risks with the right premiums.”
In addition, the digital acceleration in all businesses is creating increased requirements for a more dynamic skill mix. Cloud security operations will remain a major focus in the coming year to support this campaign. Hiring from neighboring departments to fill gaps will be a key focus for reducing the skills gaps we will see in 2024.
-Matt Middleton-Leal, Managing Director, EMEA, Qualys
Prediction 4: The drive to enhance security capabilities will increase, with the goal of leveraging unified security platforms.
“Consolidating security capabilities has been on the agenda for many organizations for a while, and this will continue to increase in 2025. Now, organizations are increasingly moving towards a unified platform approach that can provide a central view of risk across the organization, and mechanisms to address that risk when it exists. This was primarily driven by the need to reduce complexity, increase operational efficiency, enhance detection and response capabilities, and reduce overall cost.
A unified platform is not a single, do-it-all solution, but one that provides a robust set of core capabilities, with a well-integrated partner ecosystem of additional capabilities that provide additional context. A well-integrated security platform that allows organizations to detect, prioritize and address critical business risks will eliminate the challenges of complexity, inefficiency and increased cost of ownership, while allowing businesses to focus on what matters most to them.”
-Richard Sorosina, CTSO and VP of Solutions Architecture for EMEA and APAC, Qualys
“The launch of CISA's FOCAL plan in 2025 will emphasize improved asset management and vulnerability lifecycle management. Federal agencies will aim to adopt solutions that continuously identify assets and vulnerabilities, correlate asset contexts, and accurately prioritize risks using threat intelligence. Integrated patch processing will be of critical importance in reducing the mean time to detection (MTTD) and mean time to remediate (MTTR), thus enhancing overall cybersecurity resilience.”
-Jonathan Trull, Chief Information Security Officer, Qualys
Prediction 6: Nation-state cyberattacks, long-term cloud compromises, and data leakage risks will increase, making recovery from breaches more difficult
“Nation-state attacks and cloud-based compromises with extremely long dwell times will continue to emerge at an increasing rate with widespread impact as security catches up with post-Covid and digital transformation efforts in the past few years, as adversaries become increasingly able to maintain ‘stealth for survival.’
Furthermore, DevSecOps, API, and integrated cloud solutions will emerge as one of the leading threats as an attack vector to great impact. We will also see more accidental disclosure and risks of intrusion-related insider threats, and challenges related to preventing data leaks, given how companies continue to adopt technology without adequate controls and security architecture.
Recovering from incidents and breaches will become more difficult and take longer for organizations as adversaries become effective in destroying backups and other resiliency measures in place, in an attempt to optimize extortion payouts.”
-Ken Dunham, Cyber Threat Manager at Qualys TRU
Roadmap
In 2025, cybersecurity stands at the intersection of rising threats and transformative technologies. The insights shared by our cybersecurity experts highlight a central truth: The foundation of effective security lies in balancing innovation with strong risk management practices.
Register for the webinar on January 23, 2025, to hear two of our experts – CISO Jonathan Trull and CRTO Rich Seiersen – discuss their top cybersecurity predictions for the year.