Cybersecurity challenges in 2025: what to expect

Organisations are expected to face increased challenges in cybersecurity in 2025, with trends impacting patching processes, extended detection and response solutions, quantum computing threats, cloud migration, and the human element within security.

Richard Ford, Chief Technology Officer at Integrity360, highlights the persistent issues organisations face in patch management. Research indicates that in 2024, critical vulnerabilities remained unresolved for an average of 97 days, while lower impact vulnerabilities took approximately 146 days to address. Ford states, "Organisations are still taking a long time to address vulnerabilities... Best practice advice is for critical vulnerabilities to be closed in between 7-30 days, depending on impact, revealing just how exposed these organisations are." He adds, "Until we address the core root of these issues, which is the configuration of systems, patch management and vulnerability and exposure management, these average resolution times will creep up allowing these vulnerabilities to be exploited."

Ford recommends integrating vulnerability management within a broader exposure management program. This approach is aimed at defending against threats and responding to multi-stage attacks through Continuous Threat Exposure Management (CTEM).

One major shift anticipated is the emergence of Extended Detection and Response (XDR) as a preferred solution over Security Incident and Event Management (SIEM) tools. Ford notes the consensus forming around XDR, stating, "The definition for Extended Detection and Response (XDR) will finally be nailed down as the market reaches a consensus on the concept, boosting acceptance and uptake." He predicts that by the end of 2026, SIEM may become a niche product while XDR could become the primary tool for cyber threat management.

Quantum computing is expected to challenge existing encryption standards, leading to significant cybersecurity changes. Ford remarks on the implications, "When quantum computing advances to the point that it can break the encryption methods safeguarding our data, [it] will throw the cybersecurity sector into a state of flux due to our dependency on encryption." Forward-planning organisations are advised to consider adopting quantum-safe algorithms as part of their encryption strategies.

Cloud security is poised to evolve, with Cloud Native Application Protection Platform (CNAPP) technologies becoming increasingly prominent. The shift in focus anticipates cloud security functions taking a significant portion of the security budget, influencing the structure and skill requirements of security teams.

Ford describes the transformation, "With respect to vulnerability management, the technology now exists to make the process of Continuous Threat Exposure Management (CTEM) a reality, facilitating widespread adoption." He expects that CTEM will replace traditional vulnerability management, aiding in the reduction of time to manage high-risk vulnerabilities.

The interplay between human and machine interaction in cybersecurity is another aspect organisations must watch closely. As AI technologies advance, techniques such as deepfakes are becoming more sophisticated. Ford highlights the need for security awareness training to evolve, noting, "Employees need to become the first line of defence, transforming them into active participants in safeguarding the organisation against evolving threats." Effective leadership and clear communication of cybersecurity risks are essential to embedding a strong security culture within organisations.