Here are your cybersecurity predictions for 2025

The world witnessed cyber threats evolve faster than before in 2024 because of the rise in popularity of Artificial Intelligence (AI).

KnowBe4 says these tools assist cybercriminals in refining and making attack tactics more sophisticated and more difficult to recognise, while it helps cybersecurity professionals defend against attacks more effectively.

“The cybersecurity landscape is rapidly evolving, and the dynamic between defenders and attackers has never been more complex,” said Stu Sjouwerman, CEO at KnowBe4.

The software company lists six cybersecurity predictions they have for 2025 for organisations and individuals to prepare themselves.

ALSO READ: 467k malicious files detected per day in 2024: How to protect yourself

AI-enabled tools for cyber defence and attacks will continue to improve

Sjouwerman is of the view that as AI technology advances, both defenders and attackers will take advantage of the capabilities.

However, there are sophisticated AI-powered tools that detect and respond to threats more efficiently being developed.  

“Capabilities like AI being able to analyse big amounts of data, identify anomalies, and enhance the accuracy of threat detection will be of massive assistance to cybersecurity teams going forward.”

He has noted that cybercriminals are also adopting AI to create more advanced attack methods.

“For instance, AI-powered social engineering campaigns that manipulate emotions and target specific vulnerabilities more effectively will make it difficult for individuals to distinguish between real and fake content.

“As AI capabilities evolve on both sides, the standoff between defenders and attackers intensifies, making constant innovation and adaptation crucial.”

ALSO READ: Cyber extortion: Ransomware results in R140 million loss for SA companies

Ransomware attacks will remain a problem

Sjouwerman said ransomware attacks will continue to be a massive threat due to the collaboration between ransomware gangs and initial access brokers.

“In a measure to combat this, AI will become a popular tool to monitor networks and individual devices for anomalies like unusual encryption processes. This will greatly reduce the impact of attempted ransomware attacks.”

The human factor in cybersecurity will become more of a focus

He added organisations will continue to recognise the importance of security awareness training and simulated phishing tests to manage the inherent human risk that exists within cybersecurity.   

He does note that at the same time, cybercriminals will keep refining their social engineering techniques, making attacks more personalised and effective.  

“Going forward, the challenge will lie in maintaining employee vigilance without causing phishing fatigue.

“To prevent this, it is important for organisations to focus on making training more adaptive and relevant to employees to create better protections and engagement for a positive security culture.”

ALSO READ: How to spot an AI-generated image, video and audio

Improvement of deepfake detection technologies

KnowBe4 predicts that 2025 will see deepfake AI detection technologies improve, become more accessible, and more effectively address the growing concern of identifying deepfakes.

“On the other hand, cybercriminals are also expected to leverage disinformation and deepfakes in their attacks, using them to accelerate extortion, hide other attacks, or damage organisational reputations.”

The adoption of a zero-trust mindset and cyber-mindfulness

It is also predicted that there will be greater adoption of a zero-trust mindset and cyber-mindfulness, representing a proactive approach to cybersecurity.

“Organisations embracing these principles encourage a vigilant attitude among their employees, treating every user and device as a potential threat.”

They advise organisations to train employees to maintain a healthy level of scepticism, which will encourage them to apply critical thinking skills. This mindset shift will be another crucial step in mitigating internal risks.

ALSO READ: Applying for a job? Be careful what you share on social media

Exploitation and the overlap of cybersecurity and human trafficking in Africa

Africa has experienced an increase in attacks targeting the youth with false job opportunities, which sometimes has resulted in human trafficking. They foresee this trend escalating in 2025, as the rate of unemployment is still high.

“Targeted attacks like romance and job scams will increase as cybercriminals become more adept at exploiting economic hardships and limited digital literacy.”

NOW READ: How about an AI boss? – SA adopts ChatGPT for work, school and romance