9 cyber-security predictions for 2025 - AI to ransomware and beyond

The relentless battle between attackers and defenders fuels our determination. As technology advances at an astonishing pace, we rise to the challenge, turning each new system into an opportunity for resilience and innovation.

As 2025 begins to unfold, we foresee transformative trends that will redefine the cybersecurity landscape in the coming months.

Guided by insights from the National Cyber Security Centre (NCSC) and our experiences here at Conosco, our experts are excited to share their predictions for 2025.

1. AI-based attacks will exponentially increase.

Artificial intelligence has become the Swiss Army knife of digital malevolence. Cybercriminals are increasingly deploying AI-driven malware that adapts in real-time, evading standard antivirus software with unnerving ease. Autonomous bots scour the internet for exploitable vulnerabilities, patching together attack kits that can strike at scale.

Deepfakes and AI-generated social engineering scripts trick employees into handing over credentials without a hint of suspicion. This accelerated arms race suggests we may see attacks of unprecedented complexity, where human defences struggle to keep pace with relentless machine-driven intrusions.

Free ebook: Unlock your guide to leveraging AI

The AI Superseries: A Guide to Leveraging AI for Secure and Scalable Growth is your blueprint for integrating AI into your business strategies effectively and responsibly. 

Free ebook: Unlock your guide to leveraging AI

2. A flood of new ‘AI-enabled’ security products.

It won't only be the criminals adopting AI. Vendors everywhere started slapping an “AI” label on their solutions in 2024, and we do not see that slowing. Many will be promising instant detection, seamless orchestration, and a silver bullet against advanced threats.

However, we have found that reality can be underwhelming. Many of these so-called AI-driven tools rely on rule-based algorithms or outdated data sets. Security teams risk drowning in a torrent of hype, uncertain which products actually deliver on their claims. Over the next year, a discerning approach becomes key. Utilising services like our AI consultancy, many organisations are doing the due diligence—examining real-world performance and integration capabilities—and are better equipped than those that simply buy into the latest buzzword.

3. Boards will be mandating greater cyber resilience.

Over the years, many security companies like us have emphasised that security should be a key responsibility of the board rather than solely the IT team.

It's encouraging to see that this perspective is gaining traction, with executive boards increasingly recognising that resilience is a vital strategic goal. They are now actively seeking robust defences and transparent incident response strategies to safeguard their organisations.

Recent high-profile breaches have highlighted the importance of cybersecurity, leading directors to understand that compromised systems can result in significant legal costs, lost contracts, and diminished brand equity. As we look ahead to 2025, we believe that decision-makers will prioritise regular security audits, scenario-based drills, and clear accountability for every facet of their organisation’s protection. Cybersecurity is now front and centre in board discussions, and this increased focus offers a great opportunity for organisations to enhance their defences and build trust.

Free ebook: Board room guide to cyber threats

Arm yourself with the knowledge, tools, and technical know-how to safeguard your business and stamp out security threats before they cause any permanent damage. 

Free ebook: Board room guide to cyber threats

4. Brand impersonation attacks will lead to major headlines.

Brand impersonation remains a headache for organisations of every size, with criminals spoofing domains and launching targeted email campaigns in the guise of official channels. Although many organisations have implemented DMARC, one of the key tools to mitigate the risk of brand impersonation, many organisations have yet to start this journey.

The coming months will see more businesses implement DMARC (Domain-based Message Authentication, Reporting & Conformance) to thwart fraudulent emails and protect customers from being misled, but at the same time, we expect to see big headline news of successful spoofing attacks becoming more common.

Those that fail to act may see trust erode if their domain or public image is repeatedly spoofed. The race is on to secure brand identities and assure customers they’re dealing with legitimate, verified communications.

Free checklist: Email domain security

Take control of your email security today. Download the checklist now and start building a safer, more secure email environment for your business.

Free checklist: Email domain security

5. Zero trust enters the mainstream.

Zero trust has long been just another buzzword wrapped around a number of identity and network access vendor tools, but it’s now hitting the mainstream consciousness of boards and businesses who recognise zero trust is not achieved by a single product or solution.

Many organisations have invested in Identity Access Management (IAM), Cloud Access Security Broker (CASB), Zero-trust Network Access (ZTNA), micro-segmentation, SaaSops and other tools that fall within a brack of zero-trust but have rarely approached zero-trust, holistically, top down.

We predict more organisations will holistically explore zero-trust and push themselves to follow the methodology to dampen the impact of a breach by limiting how far an attacker can roam.

We also feel that as remote work and cloud adoption spread, companies are finally embracing zero trust as a tangible, cost-effective, practical framework.

6. Ransomware attacks will show no signs of slowing.

Ransomware hasn’t fizzled out—it’s evolved, growing more destructive and more cunning every day. Organisations across industries still find themselves caught off-guard, paying hefty ransoms to protect critical systems or prevent sensitive data leaks.

We predict that the attackers’ playbooks that already include double-extortion methods, where data is stolen before encryption, and any refusal to pay is met with public humiliation or regulatory nightmares., will become more sophisticated, partly enabled by AI tools.

Despite countless cautionary tales, we also predict that companies will continue to pay ransoms, sometimes seeing it as the lesser evil compared to prolonged downtime. This grim cycle isn’t likely to break without more robust defences and resolute recovery plans.

Board room under siege

Free on-demand webinar

Board room under siege

This webinar isn’t about generic advice. It’s a hard-hitting look at your organisation's real risks and the decisive actions your board must take. You’ll come away with a clear understanding of your role in cybersecurity governance and the tools to act decisively.

Download

7. Supply chains will lock down like never before.

Targeting a fortified organisation is challenging, so criminals look elsewhere—down the supply chain. Smaller vendors often lack the same security maturity, creating weak links that lead attackers right into the heart of larger enterprises.

This year, we foresee that third-party assessments and supplier audits will ramp up. We also foresee regulatory bodies and industry groups pushing more stringent requirements for third-party risk management. The upshot? Collaboration and tighter integration between partners can transform the supply chain from a point of vulnerability into a collective bulwark against intruders.

8. The cost of ransomware will significantly increase.

While exact figures differ across industries, one constant remains: cyber attacks aren’t just headaches, they’re enormous financial drains. For instance, IBM’s 2023 Cost of a Data Breach Report found the global average cost of a data breach reached $4.45 million. Extrapolating from these historical trends—and factoring in the added complexity of AI-driven attacks—experts anticipate that the average cost could exceed $5 or $6 million by the end of this year. 

The long tail of expenses includes incident response, legal bills, reputational damage, and the cost of lost business opportunities. Organisations that underestimate these financial repercussions risk their bottom line and their very survival.

Free ebook: Modernise security operations

The Modernising Security Operations eBook is your comprehensive guide to the advantages of outsourcing your Security Operations Centre (SOC) and how it can transform your organisation’s security posture.

Free ebook: Modernise security operations

9. More businesses will view cyber insurance as essential.

Cyber insurance has shifted from an optional add-on to a business staple. As attacks soar in frequency and sophistication, a policy can cushion the financial blow of downtime, legal costs, and data restoration. However, insurers demand proof of rigorous safeguards—everything from robust endpoint security to multi-factor authentication—before granting coverage. Over the coming months, expect more granular underwriting processes, tailored premiums, and mandatory incident response exercises. This tightening of requirements might serve as a forcing function, prompting more organisations to bolster their protections to qualify for or retain coverage.

Taking 2025 head-on

Every corner of the digital world seems under siege in 2025, with AI-fuelled threats, elaborate brand impersonations, and cunning ransomware crews testing even the best defences. Yet there is reason to remain optimistic. Strategic investments in real AI-driven security tools, bold boardroom leadership, and widespread adoption of frameworks like zero trust offer a fighting chance. As criminals grow more sophisticated, the security community responds in kind—matching innovation with innovation. It won’t be easy, but collective determination could well see us turning the tide and forging a safer environment for everyone.