It’s that time of the year, again, when we reflect on what happened during the past 12 months in the world of cybersecurity and what 2025 has in store.
Generative AI has been reshaping digital threats this year, as attackers increasingly use the resource to craft convincing scams and malware. On the other hand, security software providers have also begun to harness the power of AI to fight back against new threats.
We can’t talk about 2024 without mentioning data breaches. These incidents reached an all-time high during this period, with what’s been nicknamed the “mother of all data breaches” kicking off the year with 26 billion records leaked. Over 1 billion records were exposed throughout the past 12 months according to NordLayer data.
With this in mind, let’s dive into our top 5 cybersecurity predictions to look out for in 2025.
1. AI will keep having a two-fold impact on cybersecurity
“In 2025, I expect we’ll see a dual impact from AI on cybersecurity: increased productivity and heightened risk,” said Dror Liwer, co-founder of cybersecurity firm Coro.
For instance, he explains, attackers could infiltrate AI chatbots to access the private data you willingly share through your inputs to the large language models (LLMs). Attackers will also keep using generative AI to write better malware, build fake shops, and spread other digital scams.
At the same time, though, security software providers are expected to continue their work in harvesting the power of AI to fight back AI-powered threats.
On this point, Eyal Benishti, Founder and CEO of cloud email service Ironscales, said: “At the moment, the threat actors of the world are a couple of steps ahead. In 2025, we can only hope that the hard work and innovation among cybersecurity developers will help us to close that gap.”
2. Love and hate for encryption will continue
The encryption conundrum is also expected to dominate the year ahead. On one side, US authorities are urging citizens to switch to encrypted messengers in the wake of an unprecedented attack on the country’s telecoms. At the same time, though, law enforcement bodies are still looking for ways to implement backdoors in these services to catch criminals – like the controversial Chat Control in the EU.
“We see 2025 as a defining year in the political arena,” Jan Jonsson, CEO at Mullvad VPN, told TechRadar. “There are forces seeking to erase secure and private communication through lawful access, and people need to become aware of this and the consequences it has for free and open societies.”
Privacy experts, cryptographers, encrypted messaging providers, and other technologists have long been very vocal about the threats of undermining encryption – meaning the scrambling of data into an unreadable form to prevent unwanted access.
We can expect this advocacy to intensify in the year ahead as encryption-breaking laws gain traction elsewhere worldwide.
3. Phishing attacks get more creative
As mentioned earlier, generative AI is helping criminals craft more convincing attacks, especially phishing emails – malicious messages designed to trick you into clicking on a dangerous link or providing sensitive personal information. This is why experts predict that, in 2025, scammers will get increasingly more creative.
According to Shai Mael, Director and Global Sales Engineer, at Ironscales, threat actors are set to increasingly turn to creative social engineering strategies to drive impersonation and other forms of attacks.
He said: “We’re already beginning to see a growing number of voicemail phishing attacks, as well as attacks in which malicious links are being embedded in email attachments – both of which are proving to be some of the most effective phishing strategies in use today.”
Although some security providers have begun to offer more advanced scam protection – the new NordVPN Threat Protection Pro has been named as a top tool for malware and phishing protection – you should keep your guard high at all times as your critical judgment is set to remain your strongest weapon against phishing in 2025.
4. VPNs will become a more crucial resource
Once again, the use of the best VPN apps has soared everywhere throughout the past 12 months. People worldwide have turned to this versatile security software for different reasons, including navigating stricter online restrictions, protecting their data against third-party snooping, or simply boosting their overall internet experiences.
A virtual private network (VPN) lends itself to many different uses. It encrypts all the data leaving your device while spoofing your real IP address to make it appear as though you’re browsing from a different place within a couple of clicks.
With AI threats, data breaches, and other privacy-related dangers expected to rise, experts predict that VPN usage will also keep increasing in 2025.
Commenting on this point, Lauren Hendry Parsons, Digital Rights expert at ExpressVPN, told TechRadar: “As concerns about online privacy continue to grow, I believe we’ll see even more people and businesses turn to VPNs for protection.”
5. Getting ready for a post-quantum world
Preparing for post-quantum cryptography is one of the trends that, according to Google’s Cybersecurity Forecast 2025, will shape the future of cybersecurity in the new year.
With the full implementation of quantum computing expected to kick off between 2030 and 2035, it’s just a matter of time before current encryption methods become obsolete – potentially broken by the ability of these machines to process computations that today’s computers can’t handle, within minutes.
This is why the cybersecurity industry has already begun thinking about a post-quantum world. 2024 saw the National Institute of Standards and Technology (NIST) officially releasing its first three quantum-resistant encryption standards. In 2025, NIST’s work is set to continue and software providers using encryption like VPNs, secure email, and messaging apps, will increasingly implement post-quantum cryptography alongside traditional protections.