The Blurring of State-Sponsored Threats and Waiting on the Quantum Apocalypse

This collection of predictions offers some promising solutions to increasingly complex cyber challenges.

General Cyberattack

While a great deal of uncertainty hovers around 2025, one thing is clear when it comes to industrial cybersecurity - it won't be simple. As more experts weigh in on the trends most likely to impact the sector in the next 12 months, it's no surprise that the bad guys and their strategies, while cemented in legacy methodology, are leveraging more complex tools and infrastructure to launch attacks. Balancing those concerns are new defensive tools and strategies that offer equal parts comfort and concern, as they encompass new technologies and implementation approaches.

Douglas McKee, SonicWall Executive Director, Threat Research

  • Detecting attack origins will become increasingly difficult. The line between state and criminal operations will continue to blur further, making it increasingly challenging to attribute attacks. This may prompt stronger international collaboration on cybercrime policy, but effective attribution will remain a core challenge. Governments and private organizations must adapt to this evolving threat landscape, focusing more on proactive intelligence sharing and threat-hunting to disrupt collaborative efforts before they impact critical sectors.
  • 2025 will see the rise of quantum-resistant cryptography. While large-scale quantum decryption of algorithms like RSA or AES is unlikely in 2025, targeted attacks on specific or older cryptographic implementations may become more advanced. Despite ongoing "quantum apocalypse" fears being overstated, developing quantum-resistant cryptography will remain a priority for researchers and organizations as part of long-term resilience planning. Governments and private sectors will boost investments in post-quantum solutions, emphasizing broader cybersecurity measures to address potential early threats.
  • AI will augment cybersecurity protection efforts without replacing humans. AI will be a defensive tool and a strategic force multiplier in 2025. It will enable organizations to stay one step ahead of state-sponsored criminals, adapt to quantum threats, and protect critical infrastructure in an increasingly hostile threat landscape. AI’s continuous learning, predictive power, and automation will continue to redefine cybersecurity without replacing the human element, making it essential for both offense and defense to embrace and leverage it as a tool in their tool belt.

Ariel Parnes, Co-Founder and COO, MITIGA 

The lethal combination of AI-powered attacks and SaaS vulnerabilities will redefine the threat landscape. In 2025, two critical trends will converge to create a perfect storm and reshape the threat landscape:

  1. The growing availability of generative AI for cybercriminals.
  2. The rapid adoption of SaaS applications.

Generative AI, with its ability to craft sophisticated, context-aware content, will empower threat actors to automatically scan SaaS environments, find vulnerabilities, and launch precise, rapid attacks. The barriers to creating adaptive phishing campaigns or exploiting SaaS misconfigurations will drop, enabling even less-skilled hackers to conduct highly targeted attacks.

AI will also help attackers evade detection by continually modifying their techniques. Meanwhile, organizations are adopting more SaaS applications, creating sprawling, interconnected environments and introducing new security challenges. Many organizations lack visibility into their SaaS ecosystems, making it difficult to monitor user behavior, detect threats, and enforce security policies consistently across applications.

Traditional security tools are ill-equipped to protect the decentralized and dynamic nature of SaaS platforms. As business functions shift to the cloud, this gap in SaaS visibility and detection will remain a significant weakness for cybercriminals to exploit. Without real-time monitoring and detection, organizations will be at a disadvantage.

To counter these threats, companies must close the SaaS visibility gap by investing in advanced security tools specifically designed for cloud environments. These tools must leverage AI to keep pace with evolving threats, focusing on real-time detection, anomaly identification, and continuous monitoring across all SaaS applications. 

Scott Kannry, Co-Founder and CEO, AXIO 

  • The need for cyber risk quantification is rapidly moving beyond security teams, making usability the #1 requirement for CRQ solutions. Cybersecurity management has expanded beyond the sole domain of security teams and is increasingly influenced by business leaders and non-technical stakeholders, both inside and outside the org. To be effective, CRQ solutions must be user-friendly, business-focused tools that inform decisions by internal leaders across all departments while facilitating collaboration with external partners through shared, business-oriented risk language.
  • Robust risk quantification will drive tech stack decisions. Risk quantification will play an increasingly critical role in guiding decisions around the adoption of new technologies and the cost and benefits of maintaining legacy systems. This CRQ-centered approach ensures that companies’ tech stacks more precisely align with their risk tolerance and resilience strategies.
  • The traditional CISO role will continue to evolve (and even split into two roles in some orgs). As enterprises navigate an evolving global patchwork of regulations, the scope of the CISO has expanded beyond the traditional purview of overseeing data and information security to new areas like compliance management and boardroom disclosure. Some CISOs will have adapted to—and thrived within—this expanded role. Many companies, however, will opt to split security leadership duties between a technically focused lead and a business/regulatory-focused one.

 

More in Cybersecurity