I’m not sure if there is anything that I expect to happen in 2025 that is a surprise. Here’s what I’m thinking:
The Not So Good:
- AI Powered Attacks
- More 0-Days – developed or identified through AI techniques
- Faster and more powerful attacks
- Continued / Greater Critical Infrastructure Attacks
- Colonial Pipeline will be but a small speck
- Quantum Computing Challenges
- Theoretical becomes practical and encryption key lengths start to look too short
- Supply Chain Attacks
- Greater bang for the buck
The Good:
- ZTNA Continues to Advance and improve InfoSec
- Will introduce some ‘edge’ based attacks
- The old / legacy infrastructure continues to bite organizations
- You’ve got to patch all of the new stuff and the old stuff too!
- We’ll prove the cyber-security staffing shortage is a fallacy
