Originally posted at VMBlog
Industry executives and experts share their predictions for 2025. Read them in this 17th annual VMblog.com series exclusive.
By Greg Sullivan, CIOSO Global
In 2024, cybersecurity became a top priority (a C-Suite issue), and all indications are that 2025 will be a transformative year in cybersecurity. Malicious actors are improving by the day at their wanton craft, and organizations realize that keeping up with them will require significant recalibrations. Threat actors are becoming more sophisticated, and regulatory compliance pressures and reliance on digital infrastructure have increased. Enhancing resilience, unifying fragmented systems, and prioritizing proactive measures over reactive fixes are now issues that top-level management discusses.
Know Thyself: The Key to Staying Ahead of Threat Actors
One of the significant security concepts that gained visibility in 2024 was the need for organizations to understand their operations and hackers. Because of this, a sort of “know-thyself” rule emerged. In 2025, this will change from a rule to a commandment, highlighting the use of tools and practices that provide telemetric abilities. Organizations must better understand their digital footprints, vulnerabilities, and security gaps to prevent breaches.
The need for hyper-visibility and understanding will drive AI and machine learning technologies to analyze vast amounts of data faster and more precisely. These tools will provide new levels of efficiency in asset and patch management, vulnerability visibility, and threat actor profiling. Organizations must understand their internal security posture and its parallels with external threat dynamics, whether those dynamics are internal or globally spread.
2025: The Year of the SBOM
In 2025, a “software bill of materials” (SBOM) will be crucial in software security and supply chain risk management. An SBOM is a nested inventory, a method of organizing inventory that lists the ingredients that make up software components. Knowing codebase vulnerabilities will be as crucial as understanding physical endpoints and virtual machines.
SBOM tools will become commonly used. They will allow organizations insight into hidden software vulnerabilities so that remediation or compensating controls can be employed. Proactive vulnerability management instead of reactive management will be the mantra in software security.
Enhanced Email Security: The Last Line of Defense
The ubiquity of social media has given cybercriminals a target, if not an open window, which means that email security will become crucial to cybersecurity efforts. Advanced, layered capabilities will be added to the already adopted defense strategies. Organizations must develop greater protection against phishing to fortify their communications against never-ending social engineering attacks.
C-Suite Leadership and Cybersecurity Culture
As stated in the introduction, 2025 will see a much higher level of involvement from members of the C-suite in security matters. Cybersecurity is no longer just an IT issue. Top management will take cybersecurity leadership roles. They will engage directly with cybersecurity teams to gain a new level of risk awareness.
The seismic shift in C-level interest will produce a top-down approach to cybersecurity culture, increasing the understanding that every employee has a role in security. Training programs, leadership-driven initiatives, and stricter enforcement of cybersecurity policies will define the coming year. Any weakness individuals and third parties exhibit in dealing with maturing cybersecurity standards will not be tolerated.
Automation and AI to Alleviate Overworked Security Teams
Cybersecurity teams were under increasing strain in 2024. To alleviate this burden, 2025 will see greater reliance on automation to streamline workflows, enhance threat detection, and accelerate incident response. AI-powered tools will contribute significantly to security, enabling IT teams to focus on strategic priorities.
Automation will significantly enhance vulnerability management. The time it takes to identify and remediate potential risks will be substantially reduced. Rapid patching policies will be strictly enforced, as unpatched systems will no longer be tolerated.
Resilience Over Reliance
Lastly, in 2025, the focus will shift from external cybersecurity solutions to building in-house resilience. Organizations will strengthen their internal security frameworks to mitigate attacks and lessen their reliance on external dependencies. This ownership model will usher in innovative solutions and require a long-term commitment to cultivating in-house expertise.
Better Vulnerability Awareness
In 2025, hyper-awareness of cybersecurity will be better aligned to threat actor activity and mapped keenly to specific vulnerabilities so that organizations can make more informed security investments. Today, there is an abundance of cybersecurity tools offering insights into operating system, firmware, and code vulnerabilities; the challenge lies in prioritizing what needs addressing first. The traditional vulnerability age and exploitability scores that guide this prioritization will give way to detailed intelligence on threat actor behavior, such as targeted industries, geographies, and preferred exploits. These criteria will become the critical focus points to drive more refined defenses, smarter resource allocation, and wiser cybersecurity investments.
Looking Forward
The proliferation of franchise-model threat actors continues, as we’ve seen from Scattered Spider in 2024. Organizations such as these will continue to escalate the risk for all of us. These alarming trends will force organizations to increase their urgency on cyber defense in 2025.
In addition, embracing SBOM practices and fostering top-down awareness cultures will both be trends in 2025. Those enterprises that act proactively, show adaptability, and invest in automation will be the businesses that avoid embarrassing breaches and fines that erode the bottom line.
ABOUT THE AUTHOR
Greg Sullivan is the Founding Partner at CIOSO Global, LLC, specializing in cybersecurity and technology risk management. He advises clients on regulatory compliance and cybersecurity strategies, helping organizations design and implement risk-based cybersecurity capabilities. Previously, Greg served as Senior Vice President & Global Chief Information Officer at Carnival Corporation, leading global IT, innovation, and cybersecurity efforts. He also held leadership roles as CEO and CTO at Global Velocity, focusing on enterprise and cloud security. Greg holds a BS in Systems Science & Mathematics from Washington University in St. Louis and is a Certified Information Systems Security Professional (CISSP).