Freely subscribe to our NEWSLETTER

1. While we have focused on the need for data privacy and security with the explosion of generative AI, how will generative AI benefit security teams and leaders in 2025?
• Generative AI will be used to enhance and automate threat detection and response. Currently, threat detection and response typically involve extremely large and fast-moving data sets (particularly endpoint, network, and cloud data) that are all generating alerts, anomalies, and other signals that are triaged and correlated through simple or manual means, leading to both false positives (noise) or false negatives (missed attacks). By analyzing and automating much of the pattern detection and triage process, generative AI will allow understaffed security teams to manage increasing workloads, detect zero-day threats faster, and focus on genuine attacks more effectively.
2. What breakthroughs in AI-driven cybersecurity defenses and the relationship between AI and cybersecurity do you predict for 2025? How might they change the way organizations approach threat detection?
• While there are many interesting technical breakthroughs that I am looking forward to in 2025, the most impactful one will be a non-technical breakthrough: societal alignment on what constitutes ethical and responsible applications of AI, in the context of cybersecurity. Regulations, governance models, and best practices continued to be proposed, released, and modified in the past two years to try to keep up with the technology, with data privacy and acceptable usage at the center of much-needed discussion. Cybersecurity use cases are an important component of ethical AI and will greatly shape allowable usages of AI in this field in the coming months.
3. Do you foresee any new AI-powered attack vectors emerging in 2025?
• AI-powered spear-phishing and social engineering. As AI continues to enable highly personalized and adaptive phishing, the ability to automate AI at scale reduces the economic gap between phishing and spear-phishing to near zero. In other words, it will be just as easy for someone to send the same email to 100 individuals, as to send 100 highly personalized emails to 100 individuals. This unfortunately will greatly increase the number of successful social engineering attacks, with highly convincing text, and even potentially audio or video.

4. In 2025, where will generative AI do the most good? Where will it cause the most harm?
• My answer to both questions is the same: war. As usual, generative AI is a powerful but neutral tool that doesn’t take sides. In cybersecurity, the bad guys will exploit generative AI to launch more sophisticated cyberattacks and targeted spearphishing attacks, while simultaneously generative AI plays a crucial role to bolster and strengthen our cyberdefenses through enhanced detection and powerful automated responses. This will play out most critically in 2025 on the world stage as, unfortunately, global warfare now has a strong cyber component alongside the traditional physical component. We have already observed the rise of both cyberattacks and cyberdefenses in the Russian-Ukraine conflict, as one example, and this machine versus machine conflict will continue in 2025.