IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image

CrowdStrike reveals security predictions for 2025

Thu, 5th Dec 2024

Stopping cloud breaches will require a hybrid approach. With a 75% increase in cloud intrusions over the past year, securing the cloud is more critical than ever. But today, tools protecting the cloud alone are not enough. Attackers are increasingly moving laterally between cloud platforms and on-prem environments to evade detection and achieve their objectives, taking advantage of the complexity of hybrid environments and protection gaps created by disconnected point products.

To regain control in 2025, businesses must have full visibility across public and private clouds, on-prem networks and APIs from the same unified console and workflow. A holistic security platform that integrates runtime, posture management, identity and data security across hybrid environments will be essential to protect against these sophisticated threats.

Identity Will Open the Door to More Cross-Domain Attacks. Identity-based attacks continue to rise – 75% of attacks to gain initial access are now malware-free. As adversaries become more skilled at exploiting stolen credentials, they will increasingly target interconnected domains within a victim's architecture—identity, cloud, endpoint, data and AI models. These attacks leave minimal footprints in each domain, appearing as isolated events, much like separate pieces of a puzzle—making them difficult to detect.

In 2025, security leaders must integrate unified visibility across the entire kill chain, enabling cross-domain threat hunting to detect deviations from normal user behaviour and catch anomalies before they escalate into breaches. While a strong focus on identity protection will be key to early detection, organizations cannot rely on automation alone to safeguard all areas of enterprise risk. Solving the cross-domain puzzle requires a combination of advanced technology, irreplaceable human expertise, and cutting-edge telemetry to inform proactive decision-making.

AI Security Will Dictate Innovation. AI is transformative, and its evolution is unfolding rapidly across public and private clouds. As adversaries increasingly target AI services and large language models (LLMs) deployed in these environments, protecting the integrity and performance of AI systems is more critical than ever. The data driving these models—and the applications they power—must be safeguarded against sophisticated threats. To secure AI innovation in the cloud, security teams will need specialized technology and services that monitor AI services and LLMs, detect misconfigurations, and identify and address vulnerabilities, unified with protection across the entire cloud estate: from infrastructure and applications to data.

The SIEM Renaissance Will Continue. 2024 marked a pivotal year of transformation for SIEM vendors, driven by a surge of mergers and acquisitions that show no signs of slowing down into 2025. As the competition heats up, innovation, seamless integration and cost-efficiency will separate the leaders from the rest. Organizations are now demanding scalable, cloud-native platforms that not only handle the explosion of modern data volumes but also consolidate redundant tools and integrate effortlessly with their existing ecosystems. Security Operations Centers (SOCs) are rethinking total cost of ownership and time to value, as next-gen SIEM platforms bring critical data sources like endpoint, cloud, and identity under one roof, slashing data management costs and eliminating performance delays. In the face of increasingly sophisticated threats, in 2025, expect SOC teams to continue demanding real-time intelligence, high-fidelity detections, and automation that puts actionable context at their fingertips, powering workflows that move as fast as today's adversaries.

Platforms Will Continue to Dominate Security in 2025. Consolidation will once again be a central focus for security in 2025. The current threat landscape is too dynamic to leave infrastructure vulnerable to threat actors who have been known to exploit gaps in point solutions. That's why security teams will continue to prioritize the elimination of complexity and costs associated with a patchwork of point solutions. A cloud- and AI-native platform approach with threat intelligence built natively within is the only way to supercharge the convergence of security and IT, helping organizations to remain agile and secure. The integration of GenAI into security platforms will further accelerate this trend by significantly reducing alert-to-resolution times and transforming hours of work into mere minutes, enhancing both the speed and effectiveness of response and remediation efforts.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X