What will cybersecurity look like in 2025?
Looking three years ahead into the future of cybersecurity
Cybersecurity is doing well despite an overall global slowdown in tech hiring.
Cybercriminals do not care about recessions and do not go on holidays, so companies really cannot afford to cut down on spending when it comes to cybersecurity
As per this research:
The global cyber security market size is projected to reach USD 500.70 billion by 2030, registering a CAGR of 12.0% from 2022 to 2030
Those are some impressive stats; however, if you are in cybersecurity, now is not the time to smile and chill, thinking your job is safe and secure.
Like all industries, cybersecurity is undergoing profound changes, and those who do not adapt will be left behind.
All of which makes us ask the question. What will cybersecurity look like after three years?
Below are my predictions, and if you are reading this in the future from 2025, please comment and let me know how wrong ( or right ) I was!
I have tried to focus on things that might be considered game-changers and not obvious stuff like malware attacks, cloud computing, DDOS, etc., which, honestly, everyone knows are going to grow!
Let us take a look
1. Automation will replace certain cybersecurity jobs
YES, I hate to tell you this, but mundane, monotonous jobs WILL get replaced by automation, and cybersecurity is no different
Suppose your current role involves simply responding to alerts or downloading security findings and emailing them to a team. In that case, your job is at risk of being automated in the coming years.
Below is a screenshot from the website “Will robots take my job” for the results for Information Security analysts
While the website tells us to start worrying, I would suggest looking at this as an opportunity and learning new skills that help you create a career in security automation instead of just doing a new cert and calling it a day.
2. Quantum computing going mainstream
Another significant change that is going to happen is the adoption of Quantum computing, which is slowly going to replace traditional computing over time.
If you have no idea what Quantum computing is and think it is the name of the new Antman movie coming out, then read this article
Quantum computing is exponentially more powerful than traditional computers and is a game-changer for science and research. It will also become a severe problem for cybersecurity as our encryption algorithms will suddenly become very easy to crack.
Quantum computing is currently in the hands of a few technology companies. Still, if history has taught us anything, we know it will become cheaper and easier to access AND wind up in the hands of cybercriminals soon.
Expect Quantum safe cryptography to become more and more prominent in cybersecurity circles going forward.
3. AI-based cybercrime will increase.
Whenever AI and cybersecurity is mentioned, people automatically think about AI-powered products however, another alarming trend that will increase is the (mis)use of AI
Below are just a few examples that are going to become more and more common in the coming years:
Use of Deepfake for committing a new type of identity fraud
Use of tools like ChatGPT to create more powerful phishing programs
4. Attacks on AI systems will increase
Just like SQL injection attacks became commonplace in the early 2000s, we are going to see attacks unique to AI systems like Data Poisoning and Membership inference become more and more prominent.
Below are just a few examples
Inference attacks on AI systems
Data Poisoning attacks on AI systems
Expect to see AI-specific firewalls showing up just like vendors cashed in on the Web Application Firewall phase.
5. IoT attacks will go mainstream
The Internet of Things (IoT) is becoming more and more commonplace within our homes. Attackers are well aware of the attack surface comprising of appliances, cameras, sensors, wearable gadgets, etc. which can be hacked into or weaponized in a massive DDOS attack.
With the trend of smart cities expected to increase drastically, IoT attacks will become more and more common, and imagine the devastation of an IoT attack on an entire smart city!
6. Zero Trust to become part of compliance standards
Zero Trust is one concept that is often misused and misapplied. It is not a product you install nor a certificate you get but a philosophy to be applied in which the trustworthiness of every request/device is checked regardless of whether it is within or outside the network
Cybersecurity teams have struggled to make zero trust relevant in the organization so expect standards like PCI DSS and ISO 27001 to start mandating it in the future. It is easily the best way to make companies sit up and take notice
Hope you found this useful ! Do share this newsletter with anyone you feel might benefit