IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
Data Protection
#
Phishing
#
GenAI

Cybersecurity in 2025: Tackling AI-driven phishing threats

Yesterday
Author image
By Catherine Knowles, Journalist

As organisations prepare for 2025, data security emerges as a crucial focus in light of rising cyber threats and potential vulnerabilities.

Todd Moore, Vice President of Data Security Products at Thales, shared insights into the security challenges that leaders should anticipate in the forthcoming year. Among his predictions, the impact of generative AI on phishing is expected to grow significantly.

"With enterprises being targeted by an influx of advanced phishing attacks, the likelihood that someone within their organisation falls victim to an attack is at an all-time high, and we expect to see a steady rise in these across 2025," said Moore. "Once credentials are compromised, an enterprise's entire network security crumbles, and with generative AI rapidly advancing social engineering methods, typical defense measures for credential compromise won't be able to keep pace."

Moore highlighted the persistent threat to critical infrastructure, attributing the risk to the separation between IT and operational technology (OT), alongside geopolitical factors.

"Given that critical infrastructure will always be a prime target for cybercriminals due to its potential for widespread impact, the disconnect between IT and OT, combined with geopolitical issues, creates the perfect storm for insider threats to thrive. In the year ahead, addressing this gap will be crucial to safeguarding critical infrastructure," he explained.

Concerning data fortification, he remarked on vulnerabilities within the supply chain and the necessity of enhanced data protection measures.

"With the proliferation of data via collaboration platforms, companies will need to focus on file activity monitoring and data watermarking to protect sensitive information. Supply chain security will also be a significant concern, as vulnerabilities in the supply chain can lead to widespread security breaches," Moore stated. "The generation of personal data by users through various apps and services will increase the risk of data exposure, necessitating stronger data protection measures."

The role of post-quantum cryptography in organisational security was also discussed, highlighting the importance of agility in cryptography practices.

"While TLS and SSH protocols are being updated to meet NIST's standards, enterprises will need to embrace crypto agility in 2025," said Moore. "The biggest barrier will be ensuring they have the time and resources to identify their exposure, take inventory of their assets, and employ crypto discovery. This will manifest in a steady rise of crypto centers of excellence among major enterprises. Enterprises must place agility at the center of their quantum readiness, ensuring crypto-agile solutions are leveraged to keep pace with emerging quantum-resistant cryptography."

In discussing the role of AI tools in cybersecurity, Moore noted their potential to enhance security roles rather than replace them.

"Cybersecurity vendors are increasingly integrating AI-assisted Copilots to enhance their services for customers. These tools are great for helping to fill talent shortage gaps, which the ISC currently estimates at 4.8 million worldwide, but aren't a replacement for internal teams," said Moore. "In the year ahead, it will be less about the adoption of these tools and more about how security teams leverage AI tools' capabilities. Those looking to remain agile will likely utilise these tools to bring their threat investigation abilities to the next level."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Open source malware up 156%, Sonatype research shows
Cohesity completes acquisition of Veritas data protection unit
Twilio recognised as leader in IDC MarketScape for CDP 2024
Graphiant launches new service to secure data in motion
AI & cybersecurity to shape the tech landscape in 2025
Top stories
Loyalty, CTV, ‘brandformance’: Three martech trends in 2025
The imperative of cybersecurity in manufacturing
LexisNexis to acquire IDVerse for advanced AI fraud tools
Peak performance in peak season: Leveraging EMM solutions for seamless operations
Procurement in 2025: From ‘should we try AI?’ to ‘When can we start?’