InfoGuard Cyber Security and Cyber Defence Blog

Focus on Cyber Security: 2024’s Trends and the Outlook for 2025

Written by Michael Fossati | 13 Jan 2025

As Chief Information Security Officers (CISOs) and experts in cyber security, we gain valuable insights into developments in the field, particularly as part of our “CISO-as-a-Service” retainers. As in previous years, 2024 kept us on our toes with a variety of challenges, gnarly cyberattacks and numerous successes. In this article, we reflect on the most significant developments of the last twelve months and hazard a forecast of trends and expectations for 2025 and beyond.

In the cyber world, 2024 was a year of challenge and progress: another year in which information security presented a wide range of key issues, from new technologies and increasing legal or regulatory requirements to the growing threat landscape.

Trends in 2024: challenges preoccupying CISOs

This review highlights the key moments and developments that have shaped information security and our work as Chief Information Security Officers (CISOs) and security experts over the past year:

Stricter compliance requirements

Important regulatory changes in the area of cyber security have been introduced in the European Union. The Cyber Resilience Act (CRA) requires companies that develop digital products to fulfil stricter security and lifecycle management requirements. At the same time, the NIS2 directive came into force, prescribing national laws to improve network and information security. A key factor in both regulations is the transfer of responsibility and liability to management, with potential fines for any offences. In Switzerland, the revised Electricity Supply Ordinance (StromVV) was enacted, which sets out binding information security requirements for energy suppliers. In the financial sector, the has published specific supervisory guidelines that provide financial institutions with clear guidelines for dealing with cyber risks.

Ransomware and blackmail

Ransomware groups such as LockBit and ALPHV increasingly focused on blackmail strategies in which they threatened to release sensitive data instead of just encrypting it. This development placed greater demands on the prevention and management of data breaches.

Personalised phishing and social-engineering attacks

Artificial intelligence (AI) is being used increasingly to support attacks, enabling attackers to tailor convincing phishing messages to individuals. At the same time, Deepfakes represent a new dimension of social engineering: attackers can use deceptively real audio and video manipulation to imitate CEOs or high-ranking employees, or spread targeted disinformation. These developments make it considerably more difficult to detect and defend against such attacks. 
What’s more, with the advent of AI, cyber attackers have increasingly turned to AI models to identify vulnerabilities and carry out attacks.

“Supply chain” attacks and dependence on third parties

Attacks within supply chains were particularly targeted at smaller companies, which are often less well protected. Cyber criminals exploited vulnerabilities in their security systems to gain access to larger organisations. For that reason alone, security standards along the entire supply chain are becoming increasingly important. Incidents at suppliers (e.g. CrowdStrike, Microsoft etc.) have made it clear that integrated security standards can have a real impact on business and information security.

IoT vulnerabilities

The proliferation of “Internet of Things (IoT)” devices has created new attack surfaces. These devices often had less robust security measures and were susceptible to attacks that could lead to data loss or malfunctions.

Reflection on classic cyber hygiene measures

In 2024, the topic of cyber hygiene (best practices to ensure basic resilience) became more of a focus for companies, but implementation and prioritisation vary depending on the industry and company size. Deficient vulnerability management, insufficient backups, a lack of security culture, inadequate sensitisation of employees and only partial monitoring for suspicious activities remain core factors that facilitate a successful attack.

Cyber resilience and Incident Response Capabilities

Organisations have invested in strengthening capabilities to quickly detect, contain and respond to cyber incidents, including through resilience solutions.

Emergency planning and Business Continuity Management (BCM)

Contingency plans for resilient hybrid, complex infrastructures that continue to function even after an attack and ensure business continuity were scrutinised and put to the test. 

Shortage of skilled labour

In 2024, there was still a significant shortage of specialists in the field of information security. This has even intensified as the demand for information security experts has continued to rise sharply with the growing threats and increasing use of new technologies. Contributing factors include the increase and growing complexity of attacks, a lack of specialised training programmes, the complexity of new technologies and regulatory pressure from compliance requirements.

Overall, information security in 2024 focused on resilience to new technological and regulatory requirements and the growing importance of AI.

Next Level Security: How high is the bar in 2025?

Information security will continue to develop in several key areas in 2025 and also over the long term. This outlook highlights trends, challenges and innovations that are likely to shape our security standards in the near future:

Increased use of AI and automation

Companies are increasingly relying on AI and automation to recognise and fend off threats in real time. AI-supported systems analyse large volumes of data and use pattern recognition to identify unusual activities and, as a result, potential attacks at an early stage. At the same time, however, attackers are also using AI to make phishing and ransomware more targeted and harder to detect, which makes defence even more difficult. The comparison with a game of cat and mouse seems appropriate here. Employee cyber hygiene therefore remains essential: in 2025, training and awareness programmes should increasingly promote safety culture and awareness among employees.

Safeguarding generative AI models

Many companies are now using generative AI models to increase efficiency, but this can also pose a security risk. CISOs must ensure that generative AI solutions are used securely in the company and prevent sensitive data from falling into the wrong hands through such systems. Shoring up these models in organisational and technological terms and developing guidelines for the use of AI will be of central importance in 2025.

Post-quantum cryptography

The rapid advances in quantum computing technology could jeopardise conventional encryption methods that are widely used to protect data transmissions and stored data. Companies will therefore increasingly invest in post-quantum-resistant encryption in order to be prepared for the potential threat.

Advanced defence against ransomware

As ransomware attacks become increasingly destructive (deleting data instead of encrypting it) and sophisticated, using techniques such as double or triple extortion, organisations are investing in robust backup and recovery strategies. Segmented networks and endpoint detection and response (EDR) measures will be crucial here.

Zero-Trust architectures and identity management

The implementation of zero-trust models to strengthen internal security, especially for hybrid working environments, will gain momentum. CISOs will continue to work on zero-trust strategies and their optimisation in the coming years as identity protection increasingly takes centre stage.

Cyber resilience and Business Continuity Management (BCM)

Building resilient infrastructures and strengthening resilience measures that continue to function even after an attack is becoming increasingly relevant. The ability to use redundant systems, multi-layered backup solutions, crisis simulations and employee training for rapid response and recovery will play a central role in minimising the financial and operational burden after incidents and thus ensuring business continuity (BCM).

IoT and 5G security

The increasing use of IoT devices and the spread of 5G networks are expanding the attack surfaces that can be exploited by cyber criminals. It is becoming increasingly important for companies to develop and implement security measures for IoT devices and 5G infrastructures.

Supply chain security

The increase in exploitable vulnerabilities in open source software (OSS), for example, has shown that vulnerabilities in the supply chain can have far-reaching consequences. Stronger security measures within the supply chain, such as Software Bills of Materials (SBOMs), including detailed checks and data monitoring, will be required in 2025.

Passkeys are being established as an alternative to passwords

Passkeys are becoming increasingly important as companies such as Google, Apple and Microsoft push ahead with passwordless authentication. The FIDO Alliance is developing interoperability standards (CXP and CXF) to enable secure data transfer between platforms and facilitate the use of passkeys.

Further tightening of compliance requirements

The growing need for data protection and cyber security is leading to even greater regulatory pressure. Companies have to adapt to new standards and compliance requirements, which often requires additional (financial and human) resources and expertise. In 2025, even more countries are expected to tighten data protection laws, particularly with regard to AI and data transparency. The Digital Operational Resilience Act (DORA), an EU Regulation to strengthen digital operational resilience in the financial sector, will come into force on 17 January 2025. DORA will be adopted across the European Economic Area (EEA).

Security budget and shortage of skilled labour

Despite growing threats, many security budgets are too low compared to the complexity of the challenges, and the lack of skilled labour makes it difficult to implement critical security measures. In 2025, companies will have to utilise budgets more efficiently, increase automation, use managed security services and provide employees with targeted security training.

Increasing threat from Deepfakes

The ability of Deepfakes to create credible but fake content is constantly improving, making it increasingly difficult to detect and posing a dynamic and complex challenge.

These trends show that information security will be even more firmly anchored in companies and governments in the coming years and that new technologies and security concepts will be required to cope with the threats of the future. As such, information security becomes even more complex and requires strategic planning and close co-operation with other areas of the company.

The bottom line: cyber security is an ongoing journey

Information security remains a dynamic and constantly evolving field. It is crucial for CISOs and security experts to remain agile and stay abreast of new threats and technological developments. This is necessary to ensure the integrity, confidentiality and availability of information and systems.
