When I started learning about cybersecurity, I thought it was only about firewalls and antivirus software. I didn’t know how fast things change and threats evolve. Whenever I felt like I had a handle on things, something new came in headlines: ransomware, phishing kits, zero-day attacks. It’s a lot.
If you work in tech, you’ve probably felt that too. Even if cybersecurity isn’t your full-time job, it still touches everything. And keeping up with everything is not easy.
That’s why I pulled together the biggest cybersecurity trends to watch in 2025.
Before getting into what’s coming in 2025, here’s a quick check-in on a few trends we called out last year:
Now let’s look at some key trends I’m seeing this year and what they may mean for your organization and everyday life.
Like it or not, AI is being adopted everywhere. While it’s helping us work smarter, it’s also creating new risks.
Here’s how: AI needs data to do its thing. Lots of it. You can think of customer records, internal documents, financial info, all the stuff we don’t want to go into the wrong hands. That’s what makes this trend so tricky.
Cybercriminals are using it too, and they’re getting much better at it. Take phishing, for example. Now, AI tools like ChatGPT can mimic a company’s writing style so well that you may think this email did come from your team. And the numbers back it up: In Q4 of 2024 alone, more than 989,000 phishing attacks were reported.
So yes, AI can help us do more with less. But we also have to understand how it’s being used on the other side and stay ready. Because the attackers are already living in the future.
In 2025, more women will enter the cybersecurity field. They’ll bring new perspectives and lived experiences to drive change. Back in 2013, women made up only 10% of the global cybersecurity workforce. But that rose to 20% by 2019, 25% in 2022, and it’s expected to reach 30% by 2025. The pace is picking up as more companies recognize the value women bring to the table.
And that value is clear. Harvard Business Review shows women consistently score higher than men in most leadership skills. The notion that women possess inherent strengths as risk modelers and managers is gaining recognition. This is a key strength in a field built around risk.
But there’s still work to do. 50% of women interested in cybersecurity say they don’t feel confident enough to pursue it because they lack field knowledge. Without enough exposure and support, the field can feel out of reach.
But thankfully, we now have programs that are making a real impact:
Still, real change takes long-term commitment. So, we need more:
Ransomware is still one of the most aggressive threats and it’s not going anywhere. Cybercriminals break into our systems, encrypt data, and demand payment to unlock it.
In 2024, victim organizations paid around $813.55 million in ransom, 35% less than in 2023. And these attacks aren’t hitting big companies only. Smaller organizations have become frequent targets, too, because of weaker defenses and tighter budgets.
The numbers are constantly increasing:
That’s why you must double down on three primary defenses:
The idea behind zero trust is simple: don’t trust anyone or anything automatically. Just because someone’s inside your network doesn’t mean they should have access to everything. Every user and every system have to prove it, every time.
By 2026, 81% of organizations plan to implement zero trust. Its market is expected to hit $38.37 billion in 2025 and more than double by 2030.
This growth comes down to three things: more attacks, more remote work, and tighter privacy regulations. Companies need a better way to secure things and Zero Trust offers exactly that.
Here’s how two major industries are putting it to work in smart ways:
Insider threats aren’t new, but they’re becoming more common and expensive. These threats happen when someone inside your organization (like an employee, contractor, or vendor) misuses their access intentionally or unintentionally.
According to the Insider Threat Report:
Remote work has made the problem worse. North Koreans have been using fake identities to get IT jobs at international companies and pretend to be someone else, get hired remotely, and then use their access to make money for the North Korean government. It's a serious violation of international laws.
Looking ahead, the average cost of insider threats reached $17.4 million in 2025. That’s a wake-up call.
Here’s what you can do to reduce such risks and their associated hefty costs:
Cybercriminals don’t always go after companies directly. Sometimes, they take a side door by targeting third-party vendors or partners with weaker defenses. These are known as supply chain attacks, and they’re growing fast.
Gartner predicts that by 2025, nearly 45% of organizations will experience a supply chain cyberattack, which is three times the number from 2021. And last year alone, 81% of businesses said they were negatively affected by one.
One of the biggest wake-up calls was the SolarWinds breach in 2020. Hackers got in through a trusted software vendor and ended up inside thousands of organizations, including U.S. government agencies. It shows how far the damage can spread from a single point of failure.
Since this was quite a serious breach, the U.S. issued Executive Order 14028 to help protect critical infrastructure and software supply chains.
Deepfake technology has come a long way, but not in a good way (at least, that’s what some think). Threat actors can now generate hyper-realistic videos, audio clips, and images to show people saying or doing things they never did. The results are convincing enough to spread false information and damage reputations.
In one case, a finance employee at a global company was tricked into sending $25 million after joining a video call where every participant, including the CFO, was a deepfake. The scammers used AI to mimic real colleagues so convincingly that the employee believed the request was legitimate. It’s one of the most extreme examples yet of deepfakes being used to commit fraud.
But as deepfakes get more sophisticated, so do the tools designed to spot them:
Quantum computing is making big leaps, and that has serious implications for cybersecurity. Once quantum computers reach a certain level of power, they’ll be able to break the 2048-bit public key encryption we rely on to protect our data. That might sound far off, but IBM predicts it could happen by the late 2030s.
That’s why in the next couple of years, we will see quantum-resistant cryptography becoming a priority. Also called post-quantum cryptography, this new approach uses algorithms to withstand the processing power that quantum computers will bring. They’re far more complex than current standards, so much harder for even a quantum machine to crack.
In fact, NIST has already announced the first set of four quantum-resistant algorithms:
In short, quantum computing may still be years away from breaking modern encryption, but we can’t wait that long to prepare. Businesses and governments should plan for that shift and adopt quantum-resistant cryptography now to avoid major disruption later.
Although cyber threats are growing fast, the public sector struggles to keep up with these rapid changes. Budgets are tight, talent is scarce, and attackers are targeting government systems. In 2023 alone, U.S. federal agencies reported over 32.000 cyber incidents to CISA, a nearly 10% increase from the year before.
As Frank Dimina of Splunk put it: “Cybersecurity is a never-ending arms race.” And right now, public agencies are at a disadvantage. But student-powered Security Operations Centers (SOCs) are a promising solution.
These centers are part of a growing effort, called Securing Your Future State, to bring together state agencies, universities, private companies, and communities to both strengthen cybersecurity and train the next generation of talent.
Here’s why they matter:
That’s why Splunk’s LaLisha Hurt explains, it’s a win-win: “Higher education provides the talent, training, and staffing at a much lower cost, while the public sector provides the digital infrastructure, data centers, and funding. This is a powerful combination that leads to a shared service that can be scaled to other local agencies.”
More states are investing in these programs, and the trend is spreading internationally in Europe, where academic partnerships are gaining ground. Some programs are even expanding to retrain veterans, making cybersecurity more inclusive and community driven.
Cybersecurity isn’t slowing down, and neither are cybercriminals trying to mess with our systems. But that’s not new. What is new is how much more connected everything is: our data, devices, and daily lives. And with AI, deepfakes, and quantum threats rising, protecting trust has become a major aspect of security.
Some of these trends might fade. Others will stick and evolve. But if there’s one thing that’ll never go out of style, it’s staying alert and our ability to adapt. Because cybersecurity is a mindset, and in 2025, this mindset is going to be our best defense.
See an error or have a suggestion? Please let us know by emailing splunkblogs@cisco.com.
This posting does not necessarily represent Splunk's position, strategies or opinion.
The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.
Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.