Author: bacohido

As one of his final official acts, President Joe Biden issued a landmark directive, addressing the evolving challenges posed by cyber threats while charting a strategic course toward a more secure digital ecosystem.

Related: How Trump views of AI, crytocurrency, cybersecurity

As a new White House administration takes charge, one can only hope that the U.S. follows through on this commitment to fortify cyber defenses at home, as well as cooperate with allies abroad to safeguard critical infrastructure, businesses and citizens, globally, from escalating cyber threats.

In recent years, the frequency and sophistication of cyberattacks have surged, targeting industries ranging from healthcare and energy to finance and education. Nation-state actors, ransomware groups, and hacktivists have compromising sensitive data, disrupted essential services and interfered with elections.

Against this backdrop, Biden’s cybersecurity executive order (EO) delivers a much-needed framework for enhancing cybersecurity resilience across public and private sectors.

Biden’s EO builds on earlier initiatives, such as the Cybersecurity and Infrastructure Security Agency’s (CISA) “Shields Up” campaign and the federal government’s Zero Trust Architecture (ZTA) mandates. It goes further by introducing actionable measures to address systemic vulnerabilities and promote collaboration between government entities, private enterprises and international allies.

Biden’s key provisions

At its core, the Biden EO emphasizes a proactive approach to cybersecurity, with several key provisions:

•Critical infrastructure security: Recognizing that critical infrastructure underpins national security and economic stability, the EO mandates stricter security protocols and encourages the adoption of advanced technologies to detect and mitigate threats.

•Supply chain integrity: To counter risks posed by compromised software and hardware, the EO calls for comprehensive supply chain risk assessments and adherence to secure software development practices, including the Software Bill of Materials (SBOM).

•Public-private partnerships: The EO strengthens collaboration between government agencies and private sector stakeholders. By fostering information-sharing initiatives and incentivizing the adoption of best practices, the administration aims to close communication gaps that have historically hindered incident response efforts.

•Workforce development: Addressing the cybersecurity talent shortage, the EO allocates resources to expand training programs, scholarships, and pathways for underrepresented groups to enter the cybersecurity field. Building a diverse and skilled workforce is vital for long-term resilience.

•Global cyber norms: Recognizing that cybersecurity is a transnational issue, the EO reaffirms the U.S. commitment to international cooperation. Establishing global norms and agreements can reduce the risk of conflict and promote collective action against cyber adversaries.

Why this matters now

This EO arrives at a pivotal moment when cyber threats are not only increasing in number but also in complexity. The ongoing digitization of critical infrastructure—from water systems to transportation networks—exposes the nation to unprecedented vulnerabilities. Furthermore, the rise of generative AI has introduced new attack vectors, enabling threat actors to launch sophisticated phishing campaigns and exploit emerging technologies.

However, what sets this EO apart is its holistic perspective. It does not merely respond to threats but seeks to anticipate and mitigate them by integrating cybersecurity into the fabric of governance, commerce, and innovation. By emphasizing collaboration and systemic improvements, the EO lays the groundwork for sustainable progress.

While the challenges are formidable, Biden’s EO inspires optimism for several reasons. First, its emphasis on Zero Trust principles signals a paradigm shift in cybersecurity, moving away from perimeter-based defenses to a model that assumes breaches will occur and limits their impact.

This approach aligns with industry best practices and reflects a growing consensus on effective defense strategies.

Cultivating talent

Second, the EO’s focus on workforce development and diversity has the potential to catalyze a new era of innovation. By investing in the next generation of cybersecurity professionals, the U.S. can cultivate talent capable of addressing both current and future challenges.

This initiative also positions the country as a leader in cybersecurity education and training, setting an example for other nations to follow.

Third, the commitment to public-private partnerships represents a significant step forward in bridging the gap between policy and practice. Cybersecurity is a shared responsibility, and the EO’s collaborative framework encourages stakeholders to work together toward common goals. This unity is essential for creating a resilient digital ecosystem.

Global norms needed

Finally, the EO’s emphasis on global cyber norms reflects an understanding that cybersecurity is a global issue requiring coordinated action. By leading international efforts to establish norms and agreements, the U.S. can foster a more secure and stable digital environment for all nations.

President Biden’s cybersecurity EO is a bold and comprehensive response to the pressing challenges of our time. By addressing vulnerabilities, promoting collaboration, and investing in the future, it paves the way for a more secure and resilient digital landscape.

Implementation will require sustained effort and cooperation – meaning President Trumo must embrace this blueprint for progress. In the face of relentless cyber threats, this initiative stands as a beacon of hope and a testament to what can be achieved through collective action.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

---

 

The post MY TAKE: Here’s why Donald Trump really needs to fully embrace Joe Biden’s cybersecurity EO first appeared on The Last Watchdog.

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps.

Part four of our  four-part series

From cybersecurity skills shortages to the pressures of hybrid work, the challenges facing organizations are at an all-time high. Experts here explore the importance of fostering a resilient workforce, backed by AI-enhanced training and layered security strategies.

The encouraging news is that new technologies, like Zero Trust architecture and AI-enhanced security tools are gaining traction – for instance, AI is expected to take a much larger role, going forward, in helping organizations address the persistent talent shortage, which in turn, will make automated defenses, focused at the Internet edge, even more effective.

As companies continue to grapple with rising threats and the shifting needs of a digital world, building a strong, adaptable team may be the ultimate key to survival.

Dr. Madhu Shashanka, Chief Data Scientist, Concentric AI

Generative AI in 2025 will bring transformative opportunities but heightened cybersecurity risks, including data exposure, AI misuse, and novel threats like prompt injection attacks. Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Collaborative efforts between security vendors, AI providers, and businesses will be key to counter automated, scalable attacks. Real-time defense and a robust security mindset are crucial to staying resilient.

Karl Holmqvist, CEO, Lastwall

In 2025, the “Steal-Now, Decrypt-Later” threat will accelerate post-quantum cryptography (PQC) adoption. Quantum computing advances are making traditional encryption obsolete, and adversaries are stockpiling data for future decryption. FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies. Without action, quantum-enabled breaches threaten critical data, national security, and global stability.

Pedram Amini, Chief Scientist, Opswat

The sophistication and abuse of AI are escalating as costs drop, driving a surge in ML-assisted scams and attacks on physical devices. Organizations face rising risks of AI-driven social engineering and personal device breaches. As compute costs decrease, autonomous operations and AI-discovered zero-day exploits loom. While fully agentic AI malware remains years away, the industry must prepare now.

Or Shoshani, CEO,   Stream Security

In 2024, 65% of breaches involved cloud data, highlighting a critical gap in cloud security. Despite widespread cloud adoption, most SecOps teams rely on outdated, on-premises alert tools, leading to missed threats and wasted resources on false positives. To reduce cloud-based attacks, organizations must integrate real-time cloud insights into SOCs, ensuring consistent threat detection, faster responses, and lower risks of material breaches in 2025 and beyond.

Jimmy Xu, Field CTO, Cycode

In 2025, application security will evolve from vulnerability identification to intelligent prioritization and automated remediation, enabling developers to address critical risks within their workflows. With tighter budgets, organizations will adopt integrated platforms for efficiency and cost-effectiveness. Traditional AST tools disconnected from the SDLC will fade, while AI capabilities will become essential, augmenting security teams and protecting AI-powered applications.

Bojan Simic, CEO, HYPR

The era of passwords will further decline as credential misuse rises, with AI both aiding and challenging security efforts. Our research reveals 69% of breaches are rooted in inadequate authentication and 78% of organizations have been targeted by identity-based attacks. The growing sophistication of cyber threats demands robust identity assurance solutions that include multifactor authentication, risk monitoring and adaptive verification – collectively forming multi-factor verification (MFV.)

Theresa Lanowitz, Chief Evangelist,   LevelBlue

In 2025, cybersecurity success hinges on integrating it into core business operations. DevSecOps shifts security from a reactive process to a proactive framework, embedding it early in development. Collaboration between cybersecurity, development, and business teams requires data-driven insights and shared priorities. By addressing attack vectors upfront and aligning security with business goals, organizations can build resilience and make cybersecurity a fundamental business requirement.

Oliver Tavakoli, CTO, Vectra AI

In 2025, the initial excitement surrounding security copilots will begin to diminish; we’ll see a shift in the narrative toward more autonomous AI systems designed to operate independently, requiring minimal human intervention. Marketing efforts will increasingly highlight these autonomous AI models as the next frontier, touting their ability to detect, respond to, and even mitigate threats in real-time – all without human input.

Tim Freestone, Chief Strategy Officer, Kiteworks

Organizations can address the privacy and compliance talent gap by using AI to automate tasks like audit trails, data access logs, and compliance monitoring. This frees teams for strategic efforts like risk management. Promoting continuous learning in privacy tech, AI governance, and Zero Trust, alongside partnerships with educational institutions, helps build a skilled workforce to meet evolving regulatory demands.

Doug Dooley, COO, Data Theorem

In 2025, cybersecurity threats will escalate across APIs, cloud setups, supply chains, and cryptocurrency. API exploits will target shadow APIs and broken object-level authorization (BOLA) flaws, while cloud misconfigurations in hybrid setups expose sensitive data. Supply chain attacks will intensify through poisoned APIs and unchecked software dependencies. AI-powered cryptocurrency attacks will automate phishing and exploit vulnerabilities. Organizations must automate cloud monitoring, fortify supply chains, and leverage AI defenses.

Sagie Dulce, VP Research, Zero Networks

In 2025, AI will empower both defenders and attackers—improving incident response for the former while accelerating exploits and phishing for the latter. Securing AI poses challenges due to unpredictable backends and access to sensitive data. To mitigate risks, organizations must enforce Zero-Trust principles, limit AI access to privileged accounts, and sanitize AI prompts. As tech complexity rises, Zero-Trust remains critical for robust cybersecurity.

Tim Tang, Director, Enterprise Solutions, Hughes Network Systems

As cyber threats escalate, AI-enabled technologies are enabling enterprises to mount an effective defense. Enterprises are using AI-enabled automations to satisfy the Tier 1 cyber activities. Network Detection and Response (NDR) solutions use AI to extrapolate and identify latent threats. Anti-ransomware solutions incorporate AI to aggregate system-level insights and protect against zero-day attacks. AI is also easing cyber talent gap — by increasing productivity, job satisfaction and thus retention.

Alex Thaman, CTO, Andesite

Criminals and nation states will become much faster and more sophisticated at gaining unauthorized access — and acting on that access. I would expect to see a stepwise increase in sophistication in 2025 leaving many organizations unprepared until improved defense technology and better training is adopted. We can expect security teams feeling pressure to adopt new technology quickly.

Ratan Tipirneni, CEO, Tigera

To maximize GenAI’s value, enterprises will customize models using proprietary data and Retrieval-Augmented Generation (RAG) architectures tailored to their specific needs. With flexibility in deploying GenAI across cloud and on-premises environments, Kubernetes is emerging as the dominant platform. This shift heightens the focus on securing Kubernetes with microsegmentation, continuous monitoring, vulnerability management, and runtime protections to safeguard sensitive data as GenAI adoption surges in 2025.

Stephen Kowski, Field CTO, SlashNext Email Security+

Organizations can address the cybersecurity talent gap by using AI-powered automation for routine tasks like threat detection and incident response. This enables security teams to focus on strategic priorities and complex investigations. AI acts as a force multiplier, reducing alert fatigue and burnout while processing vast security telemetry. Key applications include automated phishing detection, real-time behavior analysis, and intelligent event correlation across channels, enhancing efficiency and impact.

Mario Vargas Valles, VP Global Technology Alliances,   Protegrity

AI’s ability to read and interpret compliance requirements through Natural Language Processing (NLP) will help ensure regulatory alignment, adding layers of security across regions and industries. And as regulations tighten globally, AI itself will need to meet high transparency standards, actively supporting data governance with automated discovery, classification, and quality control processes.

Prashanth Nanjundappa, VP, Product Management,   Progress

Quality Assurance Operations (QAOps)  helps ensure quality assurance is part of the software development lifecycle. QAOps will help DevSecOps adoption by fostering better collaboration between QA, development, operations and security teams. This integrated approach reinforces that security is a shared responsibility and helps confirm all teams are aligned on security goals.

Amit Zimerman, Chief Product officer, Oasis Security

The shortage of AI security skills is a growing concern. Organizations must invest in AI security training, focusing on foundational knowledge and emerging threats like prompt injection. Partnering with universities and certification bodies can standardize curricula, while fostering collaboration between AI, security, and engineering teams enhances threat response. Integrating AI-enabled security tools requires real-world testing, updating legacy frameworks, and adopting flexible policies to stay ahead of evolving threats.

Ariel Parnes, COO, Mitiga

In 2025, the convergence of generative AI and SaaS adoption will redefine cybersecurity. AI will enable attackers to craft adaptive phishing campaigns, exploit SaaS vulnerabilities, and evade detection, lowering the skill barrier for cybercriminals. Simultaneously, SaaS sprawl will create visibility gaps, leaving organizations vulnerable. To counter this, businesses must adopt AI-driven security tools for real-time monitoring, threat detection, and anomaly identification across cloud applications.

Scott Kannry, CEO, Axio

Cybersecurity is now a business-wide concern, requiring user-friendly, business-focused risk quantification (CRQ) tools to guide decisions on technology adoption and legacy systems. CRQ fosters collaboration via shared risk language and ensures tech stacks align with risk tolerance. As regulations evolve, CISOs are taking on compliance and disclosure roles, prompting some companies to split security leadership into technical and business-focused positions to address these expanded demands.

Chris Jones, CTO & Chief Data Officer, Nightwing

In 2025, Chief Data Officers (CDOs) must evolve beyond compliance and risk management to unlock data’s strategic potential. As global data complexity grows, CDOs will drive value by enabling advanced analytics, uncovering insights, streamlining operations, and identifying new opportunities. Balancing data management with business innovation, CDOs will bridge the gap between defense and growth, ensuring organizations capitalize on accessible data to achieve strategic goals.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

---

 

The post LW ROUNDTABLE:  Predictive analytics, full-stack visualization to solidify cyber defenses in 2025 first appeared on The Last Watchdog.

Today, part three of Last Watchdog’s year-end roundtable zeroes in on the regulatory and compliance landscape.

Part three of a four-part series

In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar.

From the push for quantum-resilient cryptography to Software Bill of Material (SBOM ) requirements aimed at bolstering supply chain security, this installment examines the regulatory changes and evolving technical standards poised to reshape compliance expectations.

Our experts discuss the impact of these standards and how organizations can position themselves to adapt to the shifting requirements of a complex, compliance-driven worl

Dr. Leila Powell, Head of Data, Panaseer

In 2025, more organizations will face increased pressure to measure and demonstrate their security posture, especially as regulatory requirements expand. With new regulations like NIS2, companies will need to prove they have the necessarysecurity controls in place to avoid penalties. This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively.

Dane Sherrets, Innovation Architect, HackerOne

We’ll see greater industry adoption of AI security and safety standards. One  example of is AI model cards, which inform users about how AI models are intended to be used . . . I’m also confident we will see more organizations become more concerned with responsible AI adoption and use adversarial testing methods, like AI red teaming, to identify safety and security challenges in GenAI.

Ravi Srivatsav, CEO, DataKrypto

Non-compliance with regulations, such as the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), risks severe penalties. And industries like healthcare face persistent targeting due to their outdated systems and high-value data. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Mark Wojtasiak, VP of Research and Strategy, Vectra AI

In the coming year, we’ll see the initial excitement that surrounded AI’s potential in cybersecurity start to give way due to a growing sense of disillusionment among security leaders. Vendors will need to demonstrate tangible outcomes, such as reduced time to detect threats, improved signal accuracy, or measurable reductions around time spent chasing alerts and managing tools.

Frank Balonis, CISO, Kiteworks

By 2025, 75% of the global population will be protected under privacy laws, including U.S. state privacy laws, the EU’s governance of ethical AI deployment, and updated regulations in India and Japan. Similarly, software bills of materials (SBOMs) underscore the need for better accountability in third-party software. Fostering cross-department collaboration between compliance, IT and legal teams can help organizations stay ahead — and maintain stakeholders’ trust.

Howard Taylor, CISO, Radware

The EU’s AI First regulation aims to protect individuals from AI-based profiling and decision-making. However, compliance officers must also address emerging risks from Generative AI, like unintentional copyright violations from copied protected content. With regulators unlikely to act soon, the risk management community must proactively define issues and establish rules to address these challenges.

Vishal Gupta, CEO, Seclore

In 2025, cyber regulations will shift focus from privacy to geopolitics. Following decades of security control mandates and privacy rights protections, new laws will prioritize national interests amid rising geopolitical tensions. Policies like the CHIPS Act and stricter ITAR/EAR rules reflect a “country over collaboration” mindset, with regulations aiming to shield supply chains and counter perceived adversaries, reshaping the global cybersecurity landscape.

Marielle Ehrmann, Chief Security Compliance & Risk Officer, SAP

The convergence of AI and cloud computing is reshaping the regulatory landscape. Key measures like the EU Cybersecurity Act, US software transparency rules, and AI-focused laws (e.g., EU AI Act) demand proactive adaptation. The SEC Cybersecurity Disclosure Rule highlights transparency in governance. To stay compliant, organizations should centralize compliance management, automate monitoring, conduct regular audits, and enforce AI governance to align with evolving global standards.

Wade Barisoff, Director of Product – Data Protection, Fortra

In 2025, new global regulations like the EU AI Act, GDPR updates, Malaysia’s privacy laws, and U.S. state privacy laws are reshaping compliance. Smaller businesses must now adhere to strict standards, focusing on tools and processes to protect data and partners. Failure risks fines or supplier bans. These rules, targeting first-party suppliers, will likely expand as attackers exploit vulnerabilities, driving evolving compliance requirements.

Jose Seara, CEO, DeNexus

Recent regulatory updates highlight a shift toward robust cyber risk governance, requiring organizations to adapt. The NIST Cybersecurity Framework 2.0 emphasizes governance, while the SEC mandates cyber risk reporting and incident disclosures. CISA updated its “Secure by Design” guidance, and the EU’s Cyber Resilience Act and NIS2 added new requirements. Proactive collaboration and cyber risk quantification are key to ensuring operational resilience and security.

Dana Simberkoff, Chief Risk, Privacy and Information Security Officer, AvePoint

Thoughtful regulation can drive innovation by creating guardrails that foster trust and safety while maintaining flexibility. The EU’s AI Act exemplifies this balance, potentially inspiring global standards. New EU cybersecurity regulations, akin to GDPR’s transformative impact, will reshape defense-in-depth strategies. Heightened focus on third-party risk, spurred by incidents like CrowdStrike, underscores the urgency of supply chain transparency, SBOMs, and proactive vendor risk management to avoid costly vulnerabilities.

Alex Hoff, Chief Strategy Officer, Auvik Networks

As technology evolves, regulations struggle to keep pace, especially around AI and data privacy. National and international organizations must navigate compliance complexities from differing state, federal, and global requirements. Adhering to frameworks like NIST or CIS can help, but compliance alone doesn’t guarantee security. Overemphasizing compliance risks diverting resources from advanced security challenges. Success lies in balancing regulatory demands with proactive security innovation.

Dale Hoak, Director of Information Security, RegScale

By 2025, AI-driven compliance tools will dominate as regulatory demands grow, replacing manual GRC processes. Organizations will automate real-time checks, audits, and risk monitoring, fueled by stricter frameworks like GDPR and FedRAMP. Privacy law convergence will ease global commerce by standardizing rules, urging businesses to adopt agile GRC systems. Supply chain cybersecurity certifications will rise, driving demand for platforms offering vendor risk assessment, monitoring, and reporting.

Bruno Kurtic, CEO, Bedrock Security

By 2025, rising AI regulations and security risks will push organizations to prioritize data visibility, classification, and governance. Creating a data bill of materials (DBOM) for AI datasets will become standard, detailing data origin, lineage, and sensitivity to ensure responsible AI training. Scalable solutions and strict entitlements will enhance access control, advancing data governance and reducing exposure risks as data volumes grow.

Jeff Krull, cybersecurity practice leader, Baker Tilly

In 2025, stronger regulations like GDPR and CCPA, along with advancements in security technology, will enhance consumer device protection. Tech companies are adopting “cybersecurity by design,” embedding encryption, biometrics, and multi-factor authentication into products. Government initiatives and awareness campaigns will educate users on phishing and malware threats. Despite progress, the human element remains a challenge, underscoring the need for ongoing digital literacy to complement these evolving protections.

Dylan Owen, CISO, Nightwing

In 2025, cyber regulations will impact key sectors like Defense, Healthcare, Finance, and Energy. The Cybersecurity Maturity Model Certification (CMMC) rollout will require Defense contractors to upgrade systems, incurring costs. AI/ML regulations will address ethical concerns like bias and transparency, while federal and state efforts push for unified privacy laws. Critical Infrastructure reporting rules from CISA and TSA could also reshape compliance, highlighting cybersecurity’s bipartisan importance.

Rahul Kannan, President, COO & Head of GTM, Securin 

The recent CrowdStrike outage underscored the impact of flaws in development, demonstrating that secure coding practices are crucial to preventing disruptions. As breaches continue to escalate in frequency and cost, the demand for cyber insurance and heightened regulatory compliance will rise, pushing companies to not only protect their data but to prove adherence to evolving security standards.

Nick Mistry, SVP, CISO, Lineaje

Most companies work with 11 third parties — 98% of whidh have experienced a breach. Amazon’s third-party property management vendor came out as the latest victim in the MOVEit Transfer incident . . . . businesses need to proactively detect and address risks in the software supply chain and use solutions that provide frequent security audits, assessments, and ongoing third-party software monitoring.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

---

 

The post LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold first appeared on The Last Watchdog.

Continuing our look back at 2024, part two of Last Watchdog’s year-ender roundtable turns its focus to emerging threats vs. evolving defense tactics.

Part two of a four-part series

The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. The drivers are intensifying. Gen AI threats and quantum computing exposures must be accounted for. Meanwhile, while business logic hacks, supply chain holes, and cyber extortion continue to loom large.

Defenders must evolve – more rapidly that ever — to meet these growing challenges. Today’s insights offer a close look at how the most agile organizations are tackling these threats head-on.

Brandon Williams, CTO, Conversant Group

Predictions for 2025 point to attack speeds increasing by up to 100X, necessitating faster detection and response times. Businesses must adopt tools and automation capable of invoking immediate action, even at the risk of false positives. IT teams need greater trust to act decisively, such as disconnecting systems during threats. Raising security baselines across industries is essential, with risk mitigation—not acceptance—becoming the standard.

Shirley Slazman, CEO, SeeMetrics

In 2025, organizations will recognize that adding more tools doesn’t equate to better security. Similarly, relying on compliance checkboxes for static reassurance will no longer suffice. True visibility requires the ability to blend data from multiple tools. By correlating this data with programs, certifications and threats, businesses can manage their defenses with full context. This empowers them to proactively prioritize what matters most.

Dr. Darren Williams, CEO, BlackFog

Lesser-known ransomware groups like Hunters International will grow rapidly, leveraging AI for more efficient attacks, while “gang-hopping” by cybercriminals complicates attribution and containment. Deepfake scams will escalate, with threat actors using AI to create convincing impersonations of executives, risking personal and corporate brands. Meanwhile, ransomware attacks on healthcare providers will persist, targeting outdated systems and jeopardizing patient care, emphasizing the need for stronger defenses to protect critical services.

Jim Alkove, CEO, Oleria

Identity is cybersecurity’s biggest challenge. Attacks targeting identities rose 71% last year, with valid accounts as the top entry point. Attackers aren’t hacking in — they’re logging in. Legacy IAM systems can’t keep up as AI-powered phishing and deepfakes grow more sophisticated. Organizations must adopt adaptive, automated identity security and fine-grained access controls, like the solutions Oleria is developing, to stay protected.

Bindu Sundaresan, Cybersecurity Director, LevelBlue

In 2025, cybercriminals will exploit supply chain vulnerabilities, ransomware, IoT botnets, and AI-driven phishing. Ransomware targeting critical services highlights the need for secure software lifecycles and vendor verification. Rising IoT use demands standards to prevent device weaponization, while AI-enabled phishing challenges defenses. Organizations must fortify supply chains, adopt IoT standards, and leverage AI to stay ahead in this evolving threat landscape.

Pascal Geenens, Director of Threat Intelligence, Radware

In 2025, AI-driven exploitation will challenge cybersecurity teams with shrinking windows between vulnerability disclosure and attack. Automated one-day exploits will demand real-time responses, rendering traditional patching cycles inadequate. Success will require adaptive, AI-driven defenses and a proactive, strategic mindset. Agility and innovation will define the defenders who can stay ahead in this escalating battle.

Ayan Halder, Principal Product Manager, Traceable AI

The Bot Protection industry has traditionally focused on browser automation attacks using client-side signals. However, the rise of APIs and Crime-as-a-Service tools enables attackers to bypass traditional methods and target APIs directly. By 2025, traditional bot detection and advanced API analytics will converge, expanding API security to include robust bot detection and safeguards against business logic abuse, reshaping API runtime protection strategies.

Bruce Kornfeld, Chief Product Officer, StorMagic

As edge infrastructure expands, the associated attack surface will also grow, necessitating heightened security measures. By 2025, CIOs must adopt comprehensive security frameworks that address vulnerabilities at the edge without compromising overall IT integrity.

Sohrob Kazerounian, Distinguished AI Researcher, Vectra AI

In 2025, a flood of vulnerabilities will result from apps built on large language models (LLMs.) LLMs grant access to private data and take actions on behalf of users. Compromised LLM-based applications could expose large amounts of personal information, disrupt essential services, or lead to manipulations of decision-making processes. Security teams will need to address the unique risks posed using LLMs in mission critical environments.

Wayne Hurd, VP of Sales, Luminys 
Video Surveillance as a Service (VSaaS) advancements will provide more accurate threat detection that allows security teams to focus on real risks, minimizing false alarms. VSaaS can support regulatory compliance across the supply chain, helping to build trust among stakeholders.  VSaaS reduces hardware requirements and energy consumption, supporting organizations’ environmental goals while meeting customer expectations.

Neil Jones, Director of Cybersecurity Evangelism, Egnyte

If there’s any cybersecurity topic you need to familiarize yourself with in 2025, it’s wiper technology, which could potentially be leveraged by malicious insiders and even business competitors who want to gain an illicit market advantage. Effective Business Continuity & Data Recovery (BCDR) procedures can help. This includes taking snapshot snapshots of your data environment on a regular basis. And immediate  detection of suspicious log-ins can discourage such attacks.

William MacMillan, Chief Product Officer, Andesite

In 2025, we’ll see AI platforms analyze massive amounts of threat intel in seconds. That’s the easy part. The hard part? We’ll see CISOs increasingly demand answers about why models flag certain malicious activity and how that activity is impactful at enterprise scale. To this end, we’ll see greater investment in AI that is transparent and explainable, because machine-speed decisions will need human-level trust and outputs.

Craig Jones, Vice President of Security Operation, Ontinue

The debate around AI-driven attacks often obscures the reality that many rely on established tactics executed with greater speed and efficiency. Attackers use machine learning for tasks like phishing, but polished tiattacks—manual or automated—are often indistinguishable. Organisations should focus on evolving tactics, not the tools, by investing in behavioural detection, identity controls, and monitoring to counter threats effectively, regardless of AI’s involvement.

Karsten Chearis, US Security Sales Engineer – Team Lead, XM Cyber

Resiliency involves four stages, while compromise has three phases: about to be compromised, compromised, and recovering. Assuming breaches are inevitable, security leaders must map critical business assets and ensure their resilience. To avoid tool fatigue, organizations need integrated platform solutions. Leveraging frameworks like CTEM can enhance EDR, SIEM, and attack path mapping, driving faster solutions, reducing costs, and demonstrating ROI—empowering CISOs to defend and communicate effectively.

Nicole Carignan, Vice President of Strategic Cyber AI, Darktrace

If 2023 was the year of generative AI and 2024 the year of AI agents, 2025 will spotlight multi-agent systems, or “agent swarms.” These systems promise innovation but also introduce risks. Vulnerabilities like data poisoning and prompt injection could have far-reaching impacts due to interconnected agents. As multi-agent systems handle sensitive tasks, robust security and data guardrails are essential to prevent exploitation and ensure trust.

Ken Dunham, Cyber Threat Director, Qualys Threat Research Unit

Nation-state attacks and cloud compromises with long dwell times are rising as security lags behind post-Covid digital transformation. Complex DevSecOps, APIs, and cloud integrations will become leading attack vectors, while insider threats and accidental disclosures drive data leakage risks. With adversaries destroying backups to increase extortion payouts, recovery will grow harder and slower, emphasizing the need for stronger security controls and architecture.

Andrew Harding, Vice President, Security Strategy, Menlo Security

AI-driven attacks and browser vulnerabilities, such as recent exploits in Chrome, Edge, and Safari, underscore the need for robust security measures. State-sponsored groups are deploying evasive tactics that bypass traditional defenses. Prioritizing AI-driven browser security mitigates advanced threats, reduces insider risks, and strengthens user protection. A layered approach with zero-trust access, AI defenses, and visibility into user activity can safeguard sensitive data and counter evolving cybercriminal tactics.

James Fisher, Director of Security Operations, Secure Cyber

Accelerated automation is crucial as AI-driven attacks shorten timelines, requiring security tools to automate responses and enhance resilience. Global political volatility has heightened the focus on supply chain resilience, prompting organizations to scrutinize providers and refresh disaster plans with seamless backup strategies. Meanwhile, identity-based attacks are rising, pushing teams to address weak credentials and adopt solutions like Single Sign-On with hardware tokens for stronger, user-friendly security.

Eric Knapp, CTO of OT, Opswat

The shift to cloud for ICS/OT systems is accelerating, with 26% of organizations adopting cloud solutions, up 15%. While cloud offers flexibility, it introduces new cyber risks. Robust perimeter controls, data diodes for secure data flow, and OT-specific remote access pathways are essential. In 2025, the focus will likely shift toward balanced, layered security investments to improve visibility and resilience against evolving threats.

George Gerchow, faculty, IANS Research; Interim CISO, MongoDB

Nation-state actors are using AI-generated identities to infiltrate companies, bypassing traditional hiring checks with stolen credentials and fake profiles. The FBI reports over 300 companies unknowingly hired imposters who siphoned sensitive data. Meanwhile, AI empowers novice hackers to execute sophisticated attacks, demanding AI-enhanced defenses. Additionally, rising supply chain attacks will push cloud providers to mandate MFA, urging tighter collaboration to address escalating security threats.

John DeSimone, CEO at Nightwing

In 2025, AI will enhance both cybersecurity defenses and adversaries’ attacks, enabling advanced malware, deepfakes, and misinformation. While streamlining threat response, AI’s rapid integration raises ethical concerns, especially in national security. Transparent, traceable, and accountable AI practices are crucial to mitigate biases and align actions with ethical standards. As international guidelines emerge, organizations must prioritize ethical AI use to balance innovation with responsibility.

Sumedh Barde, Chief Product Officer, Simbian

Organizations face a growing cyber threat landscape alongside a global security talent shortage of 3.4 million (NIST, WEF). This has fueled rapid adoption of autonomous AI agents, which matured significantly in 2024 and will become mainstream in 2025. These agents, while not replacing skilled staff, will scale key functions like SOC and AppSec. Despite challenges, their business value ensures continued progress.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

---

 

 

The post LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025 first appeared on The Last Watchdog.