5 Cybersecurity Trends for 2025: Preparing for a Year of Elevated Risk and Accountability

Written by Stephen Boyer
Co-founder & Chief Innovation Officer

As security and risk leaders look to the year ahead, they face a rapidly evolving and dynamic set of challenges. The implementation of more stringent cybersecurity standards, such as the U.S. Securities and Exchange Commission’s (SEC) rules and the EU’s Network and Information Security Directive 2 (NIS2), has raised boardroom scrutiny to an unprecedented level. Boards of directors are now demanding increased accountability from Chief Information Security Officers (CISOs) and Chief Risk Officers (CROs), setting the stage for a pivotal year in 2025.

Cybersecurity leaders must navigate heightened expectations within the context of shifting geopolitical dynamics, an evolving technology landscape, and an increasingly sophisticated and automated set of threat actors. A new administration in the White House may introduce changes to technology mandates and regulations, further complicating efforts.

At the same time, the rapid adoption of artificial intelligence (AI) across enterprises is reshaping the risk landscape. While AI brings transformative potential, it also introduces significant new risks. Attackers, ranging from cybercriminals to nation-state actors, are leveraging AI to enhance the scale, automation, and precision of their operations. This dual impact—AI as both a tool for innovation and a vector for exploitation—demands vigilant oversight.

While no one can predict the future with certainty, insights gathered through collaboration with CISOs, cybersecurity researchers, and industry leaders provide a strong foundation for identifying key trends. At Bitsight, our collective observations highlight five critical areas that will shape cybersecurity strategies in 2025.

1. Critical infrastructure remains a target for nation-state actors

The vulnerability of critical infrastructure continues to be a focal point for nation-state attackers. Recent events, such as the devastation caused by the LA wildfires, underscore the fragility of critical systems. Beyond natural disasters, cyberattacks targeting power plants, water facilities, hospitals, and other essential services pose an equally significant threat.

Over the past two years, there has been a marked increase in nation-state actors targeting critical infrastructure. Jen Easterly, Director of CISA, recently emphasized the persistent focus of adversaries on exploiting these vulnerabilities. Healthcare systems, as evidenced by last year’s attacks on United Healthcare and Ascension Health, are particularly exposed.

Organizations must adopt a comprehensive strategy that includes visibility into both their internal assets and the extended digital supply chain. This approach is essential to addressing third-party risks that are often overlooked but can have catastrophic consequences.

2. AI: A double-edged sword in cybersecurity

AI is both a transformative force and a significant risk multiplier. As AI technologies become more widely adopted, their dual impact will reshape cybersecurity in 2025.

“Digital attacks leveraging AI will exponentially increase, creating renewed focus on enterprise security and digital supply chains,” notes David Casion, Bitsight’s CTO. While AI-enabled tools are accelerating productivity and incident response, they are equally enhancing the sophistication of cyberattacks.

As he explains, the AI tooling landscape is getting a lot of investment and deployments are on the rise. The union of larger context windows, agents, text to action, and other capabilities will enable businesses to derive even more value from AI-enabled productivity tools that can do everything from speeding up invoice handling in the finance department to cutting down on incident response times in the cybersecurity department. “But as AI moves forward rapidly, that tooling can be used for things good and bad,” Casion warns.

AI introduces two primary categories of risk: vulnerabilities within AI systems themselves and the exploitation of AI by attackers. For example, AI-powered phishing campaigns are now more targeted, multilingual, and effective, often bypassing traditional detection methods. To counter these threats, organizations must retrain their teams to understand the shift in attacker capability and consider integration of AI-driven capabilities into their own security programs.

3. Bridging the gap in third-party attack surface management

The global attack surface management market experienced significant growth in 2024, driven by organizations’ efforts to address both internal and external vulnerabilities. However, third-party vulnerability exposure risks remain an underaddressed yet critical component of the broader attack surface.

“Third-party risk is the proverbial last mile of attack surface management,” says Vanessa Jankowski, SVP of Applications & Data Solutions Product Management at Bitsight. “There will be an increased focus on the third-party attack surface from security operations teams,” she predicts. “Third-party risk remains a serious and often unmanaged aspect of the broader attack surface, with bad actors continuing to wreak havoc through third-party vulnerabilities and exposures.”

As supply chain attacks grow in frequency and severity, security operations teams are increasingly recognizing the need for greater visibility into their vendors’ exposure levels. By incorporating intelligence and monitoring capabilities for third-party assets, organizations can better manage their overall risk posture and address this longstanding gap.

4. Increased U.S. technology bans driven by national security concerns

The incoming Trump administration is expected to implement additional technology bans and restrictions to address national security concerns. Building on measures such as the 2024 Kaspersky ban and the ongoing focus on Huawei, policymakers are likely to introduce new restrictions targeting foreign technology providers.

“The first Trump administration imposed restrictions on Huawei. The U.S. will seek another technology ban or restriction based on national security concerns akin to the Kaspersky ban,” says Jake Olcott, Vice President of Communications and Government Affairs at Bitsight.

“There's a growing interest in tackling our supply chain risk because of all of the incidents that have taken place and a feeling that there is so much more to be done,” Olcott explains.

The Kaspersky ban went into effect in September 2024, though research from Bitsight showed that by December, the use of Kaspersky products still remained prevalent in the U.S., illustrating that enforcement of such actions can be tricky. With the Supreme Court upholding the U.S. TikTok ban (and the subsequent suspension of the ban), it’s clear we can expect more discussions around the effectiveness of implementing and enforcing these measures.

5. A record year for vulnerabilities

The pace of vulnerability disclosures reached a record high in 2024, with over 39,500 CVEs published. In 2025, this upward trajectory is expected to continue, driven by greater transparency and broader participation in the vulnerability reporting process.

“2025 will see even more, and the sheer volume of vulnerabilities makes it impossible to address every CVE,” observes Ben Edwards, Principal Research Scientist at Bitsight. “Organizations must prioritize based on threat intelligence to identify which vulnerabilities present the most immediate risk.”

Effective attack surface management will increasingly rely on understanding attacker patterns and aligning remediation efforts with the most pressing threats.

Preparing for the year ahead

As we enter 2025, the stakes for cybersecurity leaders have never been higher. Addressing the challenges of critical infrastructure protection, AI risk management, third-party exposure, and evolving regulatory landscapes will require a proactive and strategic approach.

For additional insights, I invite you to join our webinar, 2025 and Beyond: Turning Uncertainty into Strategic Advantage. The session will feature perspectives from Vanessa Jankowski, Chris Campbell (CISO), and Chris Poulin (Director of Customer Advocacy and Principal Architect), providing actionable guidance for navigating the year ahead.
