2025 Cyber Predictions: What's Next for Digital Security? As we move into 2025, there are both exciting opportunities and emerging threats in digital security.

While technology continues to advance, it's crucial to balance its benefits with a keen awareness of the risks, especially when it comes to safeguarding sensitive documents.

There will be a big rise in AI attacks; phishing and social engineering will be a top cause of data breaches:
Artificial Intelligence (AI) is a double edge sword – it helps and it hinders. AI plays a complex role in cyber security, on the one hand it plays a central role in detecting, analysing and responding to threats (think EDR – End Point Detection & Response). Yet a tool for good can also be a tool for the opposite. Cyber criminals are increasingly using generative AI to develop and enhance attacks. For example, personalised phishing emails can be scaled on mass and platforms on the dark web can impersonate a sender's tone, language and style.

Deep fake audio and video content will continue to rise:
This is one of the scariest aspects of AI and we have already seen examples of it and there may be examples we have not yet realised are deep fake. This happens where hackers research an individual on social media, clone their voice and can use available video footage to trick someone who is trusted by the victim. Social engineering tactics like this are now expanding in other channels such as calls, messaging apps, QR codes, social media and text messages.

The threat of quantum computing:
Quantum computers are emerging and the benefits versus risks are still unknown. What we do know is they are great at solving problems far too complex for traditional computers.

More worryingly, a future with quantum computers will require new encryption methods, or we risk leaving sensitive information vulnerable to hackers, even if encrypted. This means bank accounts, online communications and other vital infrastructure will be at risk. Encryption will have to evolve.

Supply chain security:
In recent years there has been an increase in cyber-attacks resulting from vulnerabilities in a supply chain. You are only as safe as your weakest link, yet evaluating supply chains is still not common practice for most businesses. An example of this is so-called 'water holing'. This is where a website used by many people within a larger organisation (such as a local council or health care body which is the main target) visit a website routinely ie the waterhole. The site is compromised by criminals who instal malware which is then inadvertently distributed by these users to the target organisation. It is happening more and more.

IOT Security – Internet of Things:
The rapid expansion of devices (that connect to the internet and networks) such as smart watches, fitness trackers, smart home appliances and assistants such as Amazon Echo and Google Home present security challenges. Because these devices often have weak security features and connect to each other, a vulnerability in one can result in access to another. For instance an electric vehicle could be put at risk from a Bluetooth vulnerability. You can help by using tactics such as segmenting your networks (ie setting up IOT devices on a different network to your business data) and setting up MFA on devices when available.

Finally:
When evaluating your cyber security, it is wise to adopt a holistic approach which considers education, human risk management, technological solutions and cyber insurance coverage.