Beyond AI, cybersecurity challenges continue to evolve. Effective vulnerability management requires more than just CVSS scores, and supply chain attacks highlight the need for greater scrutiny of third-party providers. Meanwhile, advancements in quantum computing could reshape encryption and cloud security.
As we navigate 2025, understanding these trends will be key to staying ahead in an increasingly complex digital landscape.
AI is everywhere but does it need to be?
There’s been something of a stampede by vendors to add AI functionality into products. It seems almost every product now has a Copilot or similar feature claiming to make life easier. Understanding how beneficial this is to users is unclear at present. When evaluating new products, KedronUK does cast a critical eye over the “datasheet benefits” and how they many actually work in the real world.
AI and ML does suit some applications very well though. Surfacing performance or security detections (events / alerts) in large amoun’ts of data, such as raw network traffic in NDR tools or logs in a SIEM solution, is a great use case.
AI isn’t just all good though
I’m sure every IT professional has seen a terrible attempt at a phishing e-mail, either offering them money lost in a foreign bank account or one claiming to be from a senior colleague asking them to help with an urgent action. Easy access to AI tools will make these harder to spot as they mimic the writing style or even voices of colleagues. Alongside appropriate security tools, user awareness will be very important in helping combat this threat.
Managing the use of AI platforms will also continue to challenge organisations from a GRC perspective. The leaking of sensitive data could occur thanks to careless but well-intentioned use of AI to help with productivity.
Look beyond just the vulnerability
Vulnerability scanners are a common and essential part of any IT’s team tooling. Finding and addressing vulnerabilities early is important in maintaining a good secure posture. However, just considering a CVSS score in isolation may not deliver the best results. Leveraging additional data sources such as the CISA KEV catalogue can provide extra context to help prioritise remediation work. As an example, a CVE with a score of 9.8 would, at first glance, look to need immediately addressing. However, it may not be actively exploited. Thus, a CVE with a lower score (eg 6.5) which is being commonly exploited should be addressed first.
Incorporating vulnerabilities (with all import context) and other signals can provide a much wider and more complete view of your attack surface.
Trusted Partners
The December 2024 attack on the US Department of the Treasury used BeyondTrust’s remote support tools to gain access to the Department’s infrastructure. Supply chain attacks are nothing new though – the SolarWinds Sunburst and Supernova attacks date back to 2020/21. Whilst SaaS (or other XaaS) still has many benefits, it can be extremely difficult to audit and build trust in a provider. Major SaaS providers will continue to be a ripe target for nation state attackers. This may encourage organisations to move back to self-hosted solutions, especially critical parts of the infrastructure such as ZTNA.
This topic doesn’t just cover technology service providers though. With the change of government in the USA and their “unsettling” statements on subjects such as security, borders and tariffs, both private business and public sector users may start to reconsider the implications of hosting applications and storing data in cloud platforms owned by US technology companies such as Microsoft and Google. Could unexpected policy announcements have sudden legal implications for data sovereignty and local compliance regulations?
The World of Quantum
For large enterprises, interest in quantum computing will continue to grow as they research and plan how the new age will impact their operations. The applications of aspects quantum computing, such as Quantum Random Number Generation gives financial businesses the chance to improve the accuracy and speed of simulations. QRNG also offers a truly random source of random numbers to provide an ideal basis for encryption keys. Entropy as a Service offers a way to benefit for cloud applications and IoT devices to benefit from QRNG.
For more information please get in touch!
Chris Booth
Solution Architect
Listens to your problems, the indentifies the best tools and products to build solutions.
Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL