Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity, says: The biggest change to the way enterprises approach cybersecurity

November 2024 by Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions

“Enterprises will need to adopt formalized approaches to the secure deployment and management of AI solutions in 2025. Guardrails will need to be in place to ensure that every latest and greatest AI adoption program is not automatically greenlighted until the proper assessments can be made and controls put in place. ROI on AI solutions along with risk will start to be top of mind when such programs are being considered.

I predict that we’ll see more enterprises begin to embrace the latest NIST Cyber Security Framework version 2.0, and that the broader and more pragmatic approach of this latest iteration will empower a much greater range of organizations to benefit from its best practices. Any organization will be able to assess their current posture against the standard, using its baselines to inform strategic investment of resources, targeting their areas of highest risk exposure.”

Biggest SMB security challenge you’re seeing and what will be the greatest area for SMB security investment in 2025 to counter this issue.

“Last year, our prediction came to pass that phishing attacks would become more sophisticated, targeted and difficult to spot, due in large part to the proliferation of generative AI. We predict that this trend will continue, as attackers continue to become better armed with AI-integrated solutions such as next-generation phishing kits. Ensuring that all bases are covered will need to be top of mind for SMB defenders. Getting the basics right has never been more critical.

We are coming towards the tipping point at which alternatives to password authentication can become a true practical reality. I foresee SMBs continuing to enhance their authentication implementations, and this may include the adoption of Passkeys, FIDO2 tokens and other password-free solutions to largely sidestep the current phishing and credential stuffing techniques used by attackers.”

How generative AI will become more real for security professionals next year.

“In the cybersecurity arms race, defenders are continually trying to keep pace with attackers and their latest techniques. 2025 will see this cat and mouse game continue, with AI-enhanced attacks increasingly going up against AI-powered defenses. Defenders will need to focus on understanding the AI capabilities and limitations of their solutions, helping them to avoid complacency, while increasing their speed and agility when detecting and responding to attacks.”

How fraudsters’ techniques will evolve in the coming year

“Fraudsters will continue to evolve their approach regarding Business Email Compromise (BEC) and related social engineering attacks. We have already seen multiple communication vectors being used creatively to make their campaigns even more convincing, but I predict that in 2025 fraudsters will take this to the next level, leveraging AI models to deliver highly crafted and targeted deepfake voicemails to targets while also hitting them with more elaborate video calls and online meetings which will also be further empowered by AI and deepfakes. Combining this sophistication with the already highly crafted email, SMS and IM manipulation, these types of fraud will continue to deliver huge paydays for criminal gangs.

We didn’t see a catastrophic software supply chain attack during 2024. I suspect that work is underway by criminal groups and nation-state teams who have special focus in this area, and we may see the fruits of their labour during 2025. It is critical that organisations continue to increase scrutiny across all of their suppliers to validate that an upstream vendor cannot be the weakest link in their chain of security; however, with proprietary software this is an extremely tough challenge. SBOMs have been helping a little in this regard, but they do not address the whole issue. Continued network segmentation and anomaly detection are fundamentally crucial to a rapid detection and response for this type of attack.”