2024 has been a defining year for cybersecurity. The Change Healthcare breach exposed 100+ million sensitive records, while the Crowdstrike incident affected 8.5 million systems and cost Fortune 500 companies $5.4 billion.
Ransomware incidents, like the Ticketmaster breach, have also increased, while the Transport for London and NHS hacks revealed critical vulnerabilities in governmental organisations. Cyberattacks reached unprecedented levels of sophistication – leaving even industry giants like Microsoft under constant scrutiny.
As 2025 approaches, the stakes have never been higher. Our 2024 Annual Cyber Security Report highlights how the rise of AI language models and their potential misuse, combined with escalating legal and regulatory pressures, will herald a new era of complex cybersecurity challenges. To stay ahead, businesses must act decisively and prepare now.
Cybersecurity trends set to shape 2025
AI and Large Language Models (LLMs) present a double-edged sword, offering advantages to both attackers and defenders. Fears of LLMs generating flawless malware have yet to materialise, but LLM’s potential to amplify cyberattacks remains undeniable: AI will refine phishing, and improve deepfake technology and information gathering. LLMs are likely to become targets for attacks, including data exfiltration and system manipulations – a serious threat given the growing reliance on this type of technology.
AI is also set to be at the heart of legal disputes: questions around copyright, ownership, and misuse of AI-generated content will likely lead to litigation and new regulations. The EU’s AI Act and similar frameworks will force businesses to reassess how they adopt and use AI tools. At the same time, regulations such as NIS2, DORA, CRA, and KRITIS (Germany only) will demand heightened compliance efforts, which could be resource-intensive for many organisations.
The arrival of Quantum Computing (QC) also looms closer. Its ability to tackle problems far beyond the capacity of today’s systems is something businesses with encrypted data should start preparing for. The arrival of Q-Day – the moment quantum computers can break current encryption – poses a critical threat to businesses storing sensitive data. To safeguard against this future challenge, adopting quantum-resistant encryption is essential to ensure long-term data security.
There are developments on the horizon, but the pressing question remains: who will be most affected by these changes?
Industries and brands most at risk in 2025
The industries most at risk remain largely unchanged – although an organisation of any kind is a prime target if it can pay ransoms, holds valuable intellectual property (IP), or handles sensitive data. Currently, the top three industries consistently facing the greatest threats are: mining, entertainment, and manufacturing – sectors tied to high-value commodities and IP.
Brand impersonation of household names will also remain a dominant attack method, with email scams targeting businesses and end users expected to persist in 2025. Shipping companies are a particular favourite for attackers, who frequently exploit these businesses in phishing and smishing campaigns. Over the past year, Hornetsecurity insights showed FedEx and Facebook impersonations tripled, while Mastercard and Netflix saw a notable increase.
Establishing a firm foundation to survive 2025
Building a resilient cybersecurity foundation in 2025 starts with the basics, anchored by a ‘zero trust’ mindset. This approach emphasises vigilance across technology, processes, and people, ensuring every connection is verified and permissions or access to sensitive data are minimised.
Rolling out multi-factor authentication (MFA), particularly phishing-resistant methods, is essential. Some advanced techniques, like passkeys, bind authentication to legitimate site URLs, making it nearly impossible for attackers to use fake login pages. While the adoption of phishing-resistant MFA has been slow, tools such as Windows Hello for Business, FIDO2 hardware keys, along with the growing use of passkeys, offer promising solutions. Organisations serious about cybersecurity should begin integrating these technologies without delay.
Leadership also plays a pivotal role. The C-suite must lead by example, to create a culture where cyber resilience is viewed as a shared responsibility, not just the domain of IT. Tech teams cannot secure what they don’t know about or what employees may do, so ongoing, quality security training from the top down is essential to eliminate blind spots and ensure cohesive efforts across departments.
Finally, IT and security teams should avoid unnecessary technical jargon when discussing security. Instead, they should communicate required changes in clear, actionable steps that are easy for everyone in the organisation to understand and act on. Transforming your organisation into a cyber-resilient business demands time, effort, and commitment, but it’s not impossible – and the best thing to do is take the first step today.
Cybersecurity in 2025 will bring significant challenges, driven by advancements in AI, stricter regulations requiring greater organisational accountability, and threat actors employing diverse and innovative attack vectors. Navigating this complex landscape requires more than reactive measures – it demands a proactive commitment to mastering the fundamentals within an organisation. By building firm foundations, businesses can adapt, innovate, and mount effective defences against the inevitable wave of sophisticated cyberattacks in 2025.