Cybersecurity in 2025: Hybrid Strategies, Deepfakes and Crypto-Agility
A comprehensive look at the evolving cybersecurity landscape in 2025, as emerging technologies create new threats and opportunities
As technologies emerge, bad actors will inevitably attempt to use them to make cyberattacks more sophisticated and effective.
Generative AI, hybrid cloud infrastructure and quantum computing are opening new attack vectors but also presenting opportunities to thwart them.
IoT World Today has collected cybersecurity predictions from companies across industries, looking into how they expect the industry to change in the coming year, what technologies are set to emerge and how businesses can adapt to meet the changing landscape.
Here are some of the major trends anticipated for 2025, including the rise of quantum-safe cryptography, adversarial AI, deepfakes, crypto-agility and the hybrid skillsets required to take on this year’s new challenges.
Nataraj Nagaratnam, IBM Fellow, CTO of security for cloud and AI infrastructure:
“Cybersecurity teams will no longer be able to manage threats in isolation effectively. Threats from generative AI and hybrid cloud adoption are rapidly evolving. Meanwhile, the risk quantum computing poses to modern standards of public-key encryption will become unavoidable.
Given the maturation of new quantum-safe cryptography standards, there will be a drive to discover encrypted assets and accelerate the modernization of cryptography management. Successful organizations will be those whose executives and diverse teams jointly develop and enforce cybersecurity strategies, embedding security into the organizational culture.”
Dave Merkel, CEO and co-founder at Expel:
“Everyone keeps asking: ‘What will happen when attackers use AI?’ They already are in the realm of social engineering, but what about something more sophisticated?
The unfortunate reality is we won’t know because, most likely, it'll look exactly like a very fast, very efficient human attacker. We’ll only really understand adversarial AI use when attackers are caught and their tools are confiscated and/or exposed.
Right now, it’s a bogeyman, but the defenders trying to optimize for hygiene and resilience and ‘mean-time-to-everything’ for detection and response are doing the right things to be ready when the monster strikes.”
Cat Starkey, CTO at Expel:
“Detection and response (D&R) engineering has historically demanded a combination of cybersecurity expertise and software engineering skills. But as technology evolves, particularly in the hands of attackers, it’s becoming increasingly important to weave AI into your detection and response strategy, thus requiring a new skill set for D&R engineers.
Ultimately, this evolution will benefit and empower engineers: Offloading some of the grunt work of crafting D&R strategies so our human minds can apply technologies more efficiently and effectively. That said, it will also require platform engineering to automate model retraining and deployment, further reducing the time and effort necessary to apply AI technologies to D&R strategies.
The good news is that D&R engineers tend to be driven by a desire to do good and defeat evil. They’re constantly striving to stay ahead of attackers, learning new skills and evolving for new domains. All that means now is adapting to AI to meet and beat those attackers on a new playing field.”
Matt Aldridge, principal solutions consultant, OpenText Cybersecurity:
“I predict that we’ll see more enterprises begin to embrace the latest NIST Cybersecurity Framework version 2.0. The broader and more pragmatic approach of this latest iteration will empower a much greater range of organizations to benefit from its best practices. Any organization will be able to assess its current posture against the standard, using its baselines to inform strategic investment of resources, targeting their areas of highest risk exposure.
Last year, our prediction came to pass that phishing attacks would become more sophisticated, targeted and difficult to spot, due in large part to the proliferation of generative AI. We predict that this trend will continue, as attackers continue to become better armed with AI-integrated solutions such as next-generation phishing kits. Ensuring that all bases are covered will need to be top of mind for small and medium-sized business (SMB) defenders. Getting the basics right has never been more critical.
We are coming toward the tipping point at which alternatives to password authentication can become a true practical reality. I foresee SMBs continuing to enhance their authentication implementations and this may include the adoption of passkeys, FIDO2 tokens and other password-free solutions to largely sidestep the current phishing and credential-stuffing techniques used by attackers.
In the cybersecurity arms race, defenders are continually trying to keep pace with attackers and their latest techniques. 2025 will see this cat-and-mouse game continue, with AI-enhanced attacks increasingly going up against AI-powered defenses. Defenders will need to focus on understanding the AI capabilities and limitations of their solutions, helping them to avoid complacency while increasing their speed and agility when detecting and responding to attacks.
Fraudsters will continue to evolve their approach regarding business email compromise and related social engineering attacks. We have already seen multiple communication vectors being used creatively to make their campaigns even more convincing, but I predict that in 2025 fraudsters will take this to the next level, leveraging AI models to deliver highly crafted and targeted deepfake voicemails to targets while also hitting them with more elaborate video calls and online meetings which will also be further empowered by AI and deepfakes. Combining this sophistication with the already highly crafted email, SMS and instant messaging manipulation, these types of fraud will continue to deliver huge paydays for criminal gangs.
We didn’t see a catastrophic software supply chain attack during 2024. I suspect that work is underway by criminal groups and nation-state teams who have a special focus in this area and we may see the fruits of their labor during 2025. It is critical that organizations continue to increase scrutiny across all of their suppliers to validate that an upstream vendor cannot be the weakest link in their chain of security; however, with proprietary software this is an extremely tough challenge. SBOMs have been helping a little in this regard, but they do not address the whole issue. Continued network segmentation and anomaly detection are fundamentally crucial to rapid detection and response for this type of attack.”
Mike Detwiler, CEO, 3Pillar:
“In 2025, as deepfakes run wild and injection attacks get more sophisticated, businesses are contending with a potential cyber nightmare, especially as it relates to modern application development. To stay ahead, companies must weave iron-clad security into every stage of the app development lifecycle, ensuring resilience against increasingly complex threats. Robust authentication, encryption and governance frameworks will become standard practice, safeguarding critical data and future-proofing applications for the rapid advancements in AI.”
Gary Orenstein, CCO, Bitwarden:
“Improper identification in telecoms was up 55% this year, compared to 2023, in the face of shifting password guidance and we can expect 2025 to bring more changes in security for businesses and consumers alike.
Tools will become more adaptive and contextual by using behavior, proximity and permissions to create seamless authentication flows.
Expect increased adoption of passwordless solutions, like passkeys and biometrics, coupled with AI-driven threat detection to further streamline user experiences and elevate security. This will allow for more granular policy controls across devices, helping organizations enforce security without adding friction to the user experience.
The 2024 Bitwarden Cybersecurity Pulse survey found that 89% of tech leaders are already concerned about existing and emerging social engineering tactics enhanced by generative AI, underscoring the heightened risks. In 2025 people will likely adapt to more believable attacks, but the speed and sophistication of these threats may outpace defense measures. The best way to combat these threats will be layered security—combining passwordless solutions, multi-factor authentication (MFA) and continuous education for employees on identifying potential scams.”
Keatron Evans, vice president of AI strategy, Infosec Institute:
“People who are serious about maintaining an edge in cyber need to get themselves closer to the technology, not just the consumer usage of it. 2025 will be the year of truly advocating for understanding the underlying technology and how it works. That's going to make employees exponentially more valuable.
When we talk about cybersecurity skills gaps, one of the misstatements that people often make is they will attribute that gap to all entry-level roles. However, industry-wide, we have realized that some of the biggest gaps fall under the need for experienced talent with a few years of work under their belts and - of course - their availability. Unfortunately, most are already in the roles they wanted to be in the first place.
With that in mind, we’re likely to see an increase in hands-on/verifiable skills as well as a growth in the popularity of immersive learning. On-the-job upskilling and reskilling will be crucial to retain talent and gain the unique skills needed for different organizations.
Beyond that, part of the challenge is the level of degrees and certifications required within the industry.”
Todd Moore, vice president of data security products at Thales:
“Given that critical infrastructure will always be a prime target for cybercriminals due to its potential for widespread impact, the disconnect between IT and OT, combined with geopolitical issues, creates the perfect storm for insider threats to thrive. In the year ahead, addressing this gap will be crucial to safeguarding critical infrastructure.
Continuous monitoring and getting ahead of potential threats will become standard practice, along with more robust authentication measures. Compliance with new regulations such as NIS2, DORA, PCI 4.0, the UK Cyber Resilience Act and the EU AI Act will be crucial. We will see some companies move to handle their data on-premises as a result, necessitating the same stringent security postures as cloud environments.
Quantum computing leverages the quantum world’s unique properties to perform calculations impossible for conventional computers. It also poses significant security risks, prompting researchers to develop post-quantum cryptography to protect against these threats. Crypto-agility is important in adapting to evolving security recommendations for quantum computing.
While TLS and SSH protocols are being updated to meet NIST's standards, enterprises will need to embrace crypto-agility in 2025. The biggest barrier will be ensuring they have the time and resources to identify their exposure, take inventory of their assets and employ crypto discovery. This will manifest in a steady rise of crypto centers of excellence among major enterprises. Enterprises must place agility at the center of their quantum readiness, ensuring crypto-agile solutions are leveraged to keep pace with emerging quantum-resistant cryptography.”