Published: 07/01/25
As cyber security threats become more sophisticated, staying ahead is crucial. To address these evolving challenges, our team of tech-driven experts shares their thoughts on key cyber security predictions from our esteemed partners at Check Point, CrowdStrike, and Google to help you navigate the year ahead with confidence and clarity.
CrowdStrike: The Future of Cybersecurity 2025
Google: Cybersecurity Forecast 2025
Check Point: 2025 Cyber Security Predictions – The Rise of AI-Driven Attacks, Quantum Threats, and Social Media Exploitation
Cyber Security Threats: SEP2 Experts’ Commentary
It’s clear there is one topic that all vendors currently agree on: the continued rise of AI. However, we can see that this development has been viewed as both a positive and a negative thing. While we can use AI to help sort through the mountains of data being collected each day, attackers are also using it to create more realistic phishing and social engineering attacks. The technology to recreate voices and videos from public samples is becoming advanced enough to pose a real threat to high-profile individuals.
Another issue with AI is just how much private data is leaking into public AI models without organisations knowing about it. Who in your organisation is using AI to help them with their roles and what data might they be leaking? Detecting unauthorised AI usage, and more importantly, enabling organisations to use it safely, will be a key focus for 2025.
All organisations should at least be considering how AI use is impacting them. If you don’t believe that anyone in your organisation is currently using it, check your URL access logs to confirm this. Most organisations will find that people are already using some form of LLM AI.
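One way to run the URL access log check suggested above, as an added example that is not SEP2's own tooling. The hostname watchlist is an assumed, non-exhaustive list, and the six-field log format and the sample records are constructed for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit

# Assumed, non-exhaustive watchlist of public LLM hostnames; maintain your own.
LLM_HOSTS = {"chatgpt.com", "chat.openai.com", "api.openai.com",
             "claude.ai", "gemini.google.com", "copilot.microsoft.com"}

# Constructed sample records: time user method target status bytes_sent
SAMPLE_LOG = """\
2025-01-06T09:12:01Z alice CONNECT chatgpt.com:443 200 18234
2025-01-06T09:12:40Z alice POST https://api.openai.com/v1/chat/completions 200 52110
2025-01-06T09:20:13Z carol CONNECT claude.ai:443 403 0
2025-01-06T09:21:47Z bob GET https://notclaude.ai.example.test/ 200 300
truncated line without fields
"""

def host_of(target):
    """Hostname from a full URL or a CONNECT-style host:port."""
    url = target if "://" in target else "//" + target
    return (urlsplit(url).hostname or "").lower()

def llm_service(host):
    """Match a watchlist host or its subdomains, never a bare substring."""
    for known in LLM_HOSTS:
        if host == known or host.endswith("." + known):
            return known
    return None

def summarise(lines):
    """Per-user request counts and uploaded bytes for LLM services."""
    usage, skipped = {}, 0
    for line in lines:
        parts = line.split()
        if len(parts) != 6 or not parts[5].isdigit():
            skipped += 1  # malformed or truncated record
            continue
        _time, user, _method, target, _status, sent = parts
        service = llm_service(host_of(target))
        if service is None:
            continue
        row = usage.setdefault(
            user, {"requests": 0, "bytes_sent": 0, "services": Counter()})
        row["requests"] += 1
        row["services"][service] += 1
        row["bytes_sent"] += int(sent)
    return usage, skipped

if __name__ == "__main__":
    print(summarise(SAMPLE_LOG.splitlines()))
```

The uploaded byte count per user gives a first indication of where data may be leaving the organisation, which is the data-loss angle of the check.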
Organisations should also reinforce the mantra “Trust but verify” across all their staff to help battle AI-generated content. Is that email you received from the CFO really from them? Reach out to confirm. The voicemail from the CEO asking you to pay a bill may have sounded legitimate, but verify it anyway. All levels of staff should support this behaviour to help prevent attacks and breaches.
To effectively manage AI, I think we will see a rise in the monitoring and control that organisations want over their workforce. SASE products have continued to be popular, and 2024 saw Enterprise Browsers making more headway into organisations’ plans. With Google and Microsoft joining established players like Island in this arena, I believe 2025 will see a much larger uptake as organisations seek to regain control over their data.
With identity and AI attacks expected to be a large part of the nomenclature of 2025, it’s imperative that we demand secure Single Sign-On (SSO) everywhere. Applications should be linked to a central, secure identity provider that is not only providing phishing-resistant MFA, but also additional features such as UEBA detections and fine-grained access controls.
The levels of additional protection I have mentioned do not need to be implemented in a way which causes friction to users, but only to the adversaries attempting to gain unauthorised access. These are all things we need to keep in mind as we advance into the world of AI that is coming, whether we want it to or not.
2024 has already proven to us that Identity is certainly the new endpoint. Our experience as a SOC aligns with this. While endpoint-based protections continue to play a crucial role and should not be downplayed, the landscape is shifting to new fronts. Customers should view every identity in their environment as a door to their data that anyone could walk through.
From our perspective as a SOC working across multiple industries, company sizes and risk appetites, we see the primary risk associated with AI as being from a data-loss perspective. As tool usage expands and providers introduce their own variations of well-known models, we recommend enforcing estate-based controls to manage these risks and provide a ‘recommended’ solution to the organisation’s user base.
As both the internet and enterprise technology continue to centralise around AWS, Azure and GCP, the impact of an outage or compromise of one of these major cloud providers becomes more and more pertinent in my view. Where possible, we recommend that customers ensure that features such as Access Transparency and Customer Lockbox are enabled to audit the provider’s access to the environment. Additionally, consider your encryption strategy and whether the use of provider-managed keys is suitable for 2025.
While the “big three” appear well-equipped to handle the increasing threat landscape, it is worth also considering the entire supply chain. Identify vendors or software that might not have that robust level of protection but are still handling your sensitive data and put a plan in place for these if you haven’t already.
We talk about Endpoint and Identity as two of the major fronts in cyber security. In 2024, SEP2 have done significant work to help our customers with control validation and response processes in these areas. Additionally, in 2025, we will continue working with customers to help them protect their workloads and code pipelines, both on-premises and in the cloud.
The 2025 predictions from Check Point, Google and CrowdStrike certainly offer plenty of food for thought, specifically around the intentional use of AI to rapidly create and scale cyber-attacks, and unintentional data compromises as a result of the day-to-day use of AI.
Supply chain compromises, though not new, will likely face increased AI-driven ransomware attacks. While software supply chains have improved, traditional supply chains (logistics, consulting, HR, IT support) remain vulnerable. A compromised third-party supplier can disrupt business processes, damage trust, and pose financial or regulatory challenges. Organisations often lack incident response plans for such scenarios, leaving them open to cascading failures.
If a supplier’s representative is compromised through phishing, malware, or credential theft, attackers can hijack their account to send legitimate-looking emails to customers. This can lead to ransomware attacks, unauthorised data access, and other malicious activities. Since the communication appears to come from a trusted source, customers are more likely to engage, increasing the risk of a successful attack. Such breaches can disrupt business processes, damage customer trust, and lead to regulatory or financial repercussions. Additionally, attackers may gain sensitive information for future attacks, creating ongoing security vulnerabilities.
To mitigate these risks, customers need to ensure that their incident response plans are comprehensive and include:
By addressing these areas, organisations can build resilience not just within their software supply chain, but across their entire ecosystem of suppliers, reducing the likelihood of falling victim to supply chain-related attacks.
By 2025, B2B organisations are expected to face increased demand from customers for evidence of robust security practices, such as ISO 27001 certification or regular SOC 2 audits. As cyber security threats grow in scale and complexity, companies are becoming more vigilant about the security posture of their vendors, partners, and service providers. ISO 27001, a globally recognised framework for managing information security, and SOC 2 audits, which assess data security and privacy controls, are essential benchmarks for demonstrating compliance with stringent security standards.
B2B customers, especially in finance, healthcare, and technology sectors, are prioritising partnerships with vendors who can provide these certifications to minimise risk and comply with evolving regulatory requirements.
Don’t navigate these challenges alone. Contact the SEP2 team today to learn more about how we can help you strengthen your cyber security posture and stay ahead of emerging threats.