Cybersecurity Trends for 2025 and Beyond

Estimated read time: 1:20

    Summary

    In a video by IBM Technology, cybersecurity trends for 2025 and beyond are explored. The video revisits past predictions, highlighting advancements in pass keys, generative AI in phishing, and deepfake threats. It emphasizes the evolution of AI roles in cybersecurity, noting both the promising applications in cyber defense and the looming threats, such as shadow AI and quantum computing risks. The presenter stresses the urgency for organizations to adapt to quantum-safe cryptography and invites viewers to share their future cybersecurity predictions.

      Highlights

      • A significant increase in the use of pass keys as a secure alternative to traditional passwords. 🚀
      • Generative AI is now being used to craft highly sophisticated phishing emails, complicating threat detection. 📧
      • The dangerous potential of deepfakes has been realized with notable financial and political implications. 🕵️
      • AI provides potential for improving cybersecurity measures, though cautious application is recommended. 🤔
      • Quantum computing is set to challenge existing cryptographic methods, urging a switch to quantum-safe solutions. 🔒

      Key Takeaways

      • Pass keys have rapidly gained adoption, showing a significant transition from traditional passwords. 🔑
      • Generative AI is advancing phishing techniques, making detecting threats more challenging. 🤖
      • Deepfakes pose serious risks, including financial fraud and misinformation during elections. 🎭
      • AI's application in cybersecurity includes passive analysis but advises caution with automated responses due to potential errors. 🛡️
      • The looming challenge of quantum computing necessitates a shift to quantum-safe cryptography to protect sensitive data. ⚠️

      Overview

      Cybersecurity is rapidly evolving, as shown in IBM Technology's exploration of trends for 2025 and beyond. They revisit previous predictions, verifying the surge in pass key adoption over old passwords as users embrace more security-conscious technology. Likewise, generative AI's role in phishing has heightened the need for advanced defenses against these highly personalized attacks.

        Deepfakes were a prescient concern, already evidenced by incidents of financial and political manipulation. The video highlights a notable case of deepfake trickery resulting in a $25 million fraud, showcasing the technology's potential for misuse. As AI gains prominence in cybersecurity, there are both opportunities and pitfalls, as its potential for defense grows alongside associated risks like shadow AI and prompt injection attacks.

          IBM emphasizes the critical nature of transitioning to quantum-safe cryptography. As quantum computing advances, it poses a threat to current encryption protocols, prompting immediate attention to developing secure alternatives. The video calls for proactive change from organizations still lagging in updating their cybersecurity measures, aiming to preempt quantum risks while tapping into AI's prospective benefits for enhanced security.

            Chapters

            • 00:00 - 01:00: Introduction and Review of 2024 Predictions The chapter begins with a retrospective evaluation of cybersecurity predictions made for 2023 and 2024, setting the stage to discuss predictions for 2025 and beyond. The speaker plans to first review past predictions to assess their accuracy, thus providing a basis to judge future predictions. The first prediction reviewed concerns the shift from traditional passwords to passkeys.
            • 01:00 - 03:00: AI Phishing and Deepfake Risks The chapter titled 'AI Phishing and Deepfake Risks' discusses the advancements in security technology, particularly focusing on the use of pass keys. These are sophisticated, security-conscious technologies developed by FIDO. The transcript highlights a significant uptick in the adoption of pass keys, noting that a password management company reported saving over 4.2 million pass keys in their software over the last year. This marks a major improvement in digital security practices, with 1 in 3 users now storing and presumably using pass keys to enhance their online security.
            • 03:00 - 04:30: Generative AI Hallucinations The chapter titled 'Generative AI Hallucinations' discusses the increased adoption of pass keys by companies and websites, noting a significant improvement as twice as many entities began accepting them. This shift is highlighted as a prediction that has successfully come to fruition and is expected to persist. Additionally, the chapter delves into the realm of AI-generated phishing, emphasizing how generative AI is being utilized to craft phishing emails.
            • 04:30 - 06:00: Securing AI Deployments The chapter discusses the innovations in phishing emails, particularly how they have evolved to become more sophisticated. According to the chapter, an email security company reported an increase in personalized and believable phishing emails that are well-crafted and professional in appearance. This development underscores the challenge of detecting phishing emails by traditional methods such as seeking out grammar and spelling mistakes. The chapter implies that these new threats leverage readily available information on the Web to enhance their credibility and effectiveness, making the task of securing AI deployments even more critical.
            • 07:00 - 10:00: Shadow AI and Deepfake Threats The chapter discusses the impact of generative AI on cybersecurity, particularly in enhancing phishing attacks. It emphasizes the need for improved defensive measures against these threats. Additionally, it touches upon a recent incident involving a deep fake attack, highlighting the escalating challenges posed by such technologies.
            • 10:00 - 13:00: AI-Driven Malware and Exploits The chapter discusses the use of AI-driven techniques to conduct sophisticated cyber attacks. It details a scenario where attackers used deepfake technology to impersonate a company's Chief Financial Officer (CFO) during a video call. The attackers convinced an employee to wire $25 million to the attacker's account, showcasing the potential of AI in executing convincing and high-value digital impersonations. This incident highlights the growing threat of AI in the realm of cybersecurity and the importance of being vigilant against such tactics.
            • 13:00 - 15:00: Challenges with AI Attack Surfaces In the chapter 'Challenges with AI Attack Surfaces,' the main focus is on the use of deepfake technology to influence political events. The chapter reflects on an incident during the US presidential election prep in early 2024, where a deepfake robocall impersonating Joe Biden falsely instructed Democratic primary voters that they could skip voting in the primary and save their vote for the general election. This serves as a real-world example of the malicious application of AI in political contexts, underscoring the risks associated with deepfake technologies.
            • 15:00 - 18:00: Leveraging AI for Cybersecurity The chapter highlights the potential benefits of leveraging AI for cybersecurity, while also acknowledging its current limitations. It discusses the concept of prediction in AI, humorously referring to them as hallucinations due to sometimes being ungrounded in truth. Despite occasional inaccuracies, AI can perform impressively, as illustrated by the anecdote involving a friend's running time conversion.
            • 18:00 - 21:00: Quantum Computing and Cryptography The chapter titled 'Quantum Computing and Cryptography' opens with an anecdote highlighting the importance of accurate conversions and how they impact results. The narrator discusses using a chatbot to convert running pace from kilometers to miles. They humorously point out that the chatbot's response, suggesting a pace of 3.43 minutes per mile, would have been a world record-breaking pace if true. This reflects the potential discrepancies in automated computations and the need for critical assessment of AI-generated solutions, particularly in fields like quantum computing and cryptography where precision is crucial.
            • 21:00 - 25:00: Conclusion and Call for Audience Predictions In the conclusion of the discussion, the speaker shares a personal experience of interacting with a chatbot. Initially, the chatbot provides incorrect information, but upon prompting, it corrects itself. This highlights ongoing issues with AI hallucinations, indicating that while AI is improving, it still faces challenges in providing accurate information consistently.

            Cybersecurity Trends for 2025 and Beyond Transcription

            • 00:00 - 00:30 Two years ago, I did a video on cybersecurity trends for 2023. Then last year I did another one for 2024. Well, let's dust off the crystal ball and take a look and see what I'm seeing for 2025 and beyond. But before we do that, let's take a quick look at what I predicted last year and see if it came true or not. That way you can decide whether you want to believe this YouTube prophet or not. So how did I do on last year's predictions? The first one was about the adoption of pass keys over passwords, moving from passwords to doing this more
            • 00:30 - 01:00 sophisticated, security conscious pass key technology from FIDO. Past Keys. In fact, we found there was a password management company that particularly pointed out that they saw 4.2 million pass keys saved in their software over the course of the last year. That's a big improvement. A big uptick. They found that it was 1 in 3 users are now storing pass keys and hopefully using them as well.
            • 01:00 - 01:30 And that, in fact, they saw twice as many companies, in other words, websites that were accepting pass keys as an option. So I would say that's a big improvement. That one definitely came true and I expect to see that one continue even more as we go forward. Now, my next prediction had to do with AI. phishing. In other words, using generative AI in order to generate phishing emails.
            • 01:30 - 02:00 We've in fact seen this occur as well. There was an email security company that said they are now seeing these perfectly crafted and legitimate sounding phishing emails that look better than anything we've seen before. In fact, these things are highly personalized. In fact, we could use information that's available on the Web in order to make them even more personalized and more targeted and therefore more believable. And that whole business of looking for grammar errors and spelling errors and phishing emails,
            • 02:00 - 02:30 that's slowly going away because generative AI. doesn't make that mistake. So we're in fact seeing and have already seen that AI is improving phishing attacks. Now we need to do something about the defense as well. Okay. Deep fakes. What's happening in that case? It turns out almost two months after I recorded last year's video, there was a an attack where a deep fake was able to.
            • 02:30 - 03:00 Emulate and impersonate the CFO, the chief financial officer of a company, and convince an employee to wire $25 million out of that company into the attacker's account. All using a deepfake in a video call. So the employee thought for sure they were talking to the CFO and therefore following those instructions. In fact, it was a deep fake. It was an AI generated impersonation of the actual person and they lost $25 million in that particular case.
            • 03:00 - 03:30 We also saw another example in the US, the presidential election run up in the early part of 2024. Again, just a few months after I made this prediction about deep fakes in the New Hampshire primary. For the Democratic primary, there was a deepfake robo call of Joe Biden's voice calling people and telling them they didn't need to vote in the primary. They could just save their vote for the general election. So these things have in fact occurred and they started occurring
            • 03:30 - 04:00 almost instantly after I referred to them as a prediction. How about hallucinations. So Generative AI continues to have some issues with the truth. Sometimes it's not well grounded in the truth. Sometimes it does amazing stuff. But just to give you an example, I did one really recently. A friend of mine who is a runner was quoting to me what her time was on a run that she did recently, and she's not from the US, so she quoted me her time as 5.45 per kilometer.
            • 04:00 - 04:30 And I thought, well, I don't think in kilometers, so I need to convert that into a per mile pace. And so I went to a chat bot, a very popular chat bot, and asked it what does that convert to? 5.45km. What is that pace? And Miles, if someone was running it and you know what it said. Said it was a 3.43 which congratulations to her. She would have literally broken the world record by more than 10s if that had been the case.
            • 04:30 - 05:00 It wasn't true. I went to the chat bot and said, That's not right. That's literally all I said. And it said, yeah, well let me correct my numbers. Actually, that would have come out to a 9.15 pace per mile. Well, that's a big difference. That's not a world record. That's respectable. Not a world record. So all I did was just prompt it and say. Tell me again. Try again. And then all of a sudden, it got it right. So we're still having hallucination problems. It's getting better, but it's not solved yet.
            • 05:00 - 05:30 And then the last prediction I made had to do with the use of cybersecurity needing to secure AI. In other words, companies are going to be deploying AI, and they're going to be wondering, how can I use cybersecurity technologies to make sure those deployments can't be attacked, that they're robust? That has, in fact, turned out to be the number one question I get when I'm out meeting with clients. This is the reason, for the most part, they're bringing me in to have conversations. I talk about a lot of other things, but this is the number one concern for all the clients I've seen virtually in the last year.
            • 05:30 - 06:00 How am I going to secure my AI deployment? Now, I think there's also this other part where I which I made a prediction about, and we're seeing this happen also, and that is how can we use AI to do a better job of cybersecurity? Well, one of the thing is we could use this to create essentially an online Q&A type chat bot.
            • 06:00 - 06:30 So in other words, if we had a chat bot that didn't hallucinate, that was grounded in the facts and we could do that with something like retrieval, augmented generation, RAG technology and things like that, it could do a better job of answering questions for cybersecurity analysts just go in and ask questions in natural language and get responses back. We're starting to see that technology make its way to the market. And another one is cases being able to look at incidents and things like that and be able to track them.
            • 06:30 - 07:00 Look at all the indicators of compromise and give a summarize version of a particular case. Because one of the things that generative AI is good at is generating summaries as well. And those summaries can be helpful when you need to pass off an incident or a case to someone else who now is going to pick up the ball and run with it. So overall. I think we did pretty good. Okay. Enough of living in the past. Old man. Let's get rid of those. And now we're going to take a look at 2025 and beyond.
            • 07:00 - 07:30 I don't know exactly what year all of these things will happen. So we're just looking toward the future in general. And even though they say history repeats itself, actually, Mark Twain said it doesn't repeat itself, but it often rhymes. So we're going to see some of the same trends that we saw before that will continue maybe in a little bit different form. And not surprisingly, AI is going to be a big part of everything that happens in technology, and cybersecurity is no different in that regard. We're going to see it give us some pluses and minuses,
            • 07:30 - 08:00 some pros and cons, some things where it'll help us and some things where it might help us. I'm going to start with some of the things where it necessarily will not be helping us. And that's, first of all, a prediction about shadow AI. That is, this stuff is so good and everyone is going to want to do it and everyone is going to do it. And not all of those AI deployments will in fact be authorized, will be the ones that are approved by the organization. So we could have, for instance, in some places
            • 08:00 - 08:30 that somebody goes into a cloud instance, pulls down a model and stuff starts running away. And that shadow AI could present a problem for the organization. Other examples on mobile phones. So people are using AI is being built into mobile phone operating systems and we're going to see more and more of that. If that's not handled well, it could be a source of data leakage. It could be a source of misinformation. So that's this kind of sort of unapproved shadow AI.
            • 08:30 - 09:00 Is going to represent a particular problem for us, and I expect to see that grow as we go into the future. What else? Deepfakes. I mentioned that one before and that one's not going away. In fact, Deepfake technology is only going to be getting better and there are going to be implications to business. I gave an example of that where an organization was basically swindled out of or convinced to send $25 million. There was another case a few years ago where $35 million was sent as a result of a deepfake call,
            • 09:00 - 09:30 just an audio call, and someone followed those instructions. So it's going to effect business. It's going to affect governments as someone puts out a deep fake of a head of state or something like that. Then if we don't have reliable sources for that, people are going to see those messages and some portion of the people will believe it because some portion of belief will of the people will believe anything.
            • 09:30 - 10:00 So how are we going to make sure that what we're seeing are, in fact, the real leaders and not deepfakes? And think about law. The legal aspect of this, we look at evidence and we take those into court, a video of someone committing a crime. What if it was a deepfake and it wasn't really that person committing the crime? Or by the same token, what if it was an actual video? And the defense just argues that it's a deepfake and now that creates some sort of reasonable doubt. So there are going to be implications to all of this, and we have not figured out yet.
            • 10:00 - 10:30 Our legal system, government systems and so forth, have not figured out what all the implications of those will be. The bad guys will continue to use these in ways that will represent a threat to us. Another one is exploits. And writing malware. In fact, we know that generative AI is able to write code. Well, why wouldn't it be able to write malware? In fact, it can. In fact, there was one study that was done that found that one of the very popular generative AI
            • 10:30 - 11:00 chat bots was able to, when given an adequate description of a zero day vulnerability, it was able to generate exploit code 80% of the time, 87% of the time. That's really good. That means a bad guy doesn't even have to know how to write code. They just need to know how to take the information about the description of the problem, put it into the right chat bot, and now they get their exploit and they can launch that. Well, that's a theoretical threat.
            • 11:00 - 11:30 Has it actually happened? In fact, it has already. We've started to see this already. One major online retailer that you're all familiar with has already reported they've seen a seven fold increase in the last six months in their attacks. The number of attacks coming in and they attribute some large percentage of that. They believe that that's not a coincidence, that it's gone seven X in the last six months. They believe generative AI has a is a big part of that, that attackers are starting to use this technology more and more.
            • 11:30 - 12:00 That trend, I expect, will continue. How about the attack surface? Well, every time we add a new piece of componentry into a system, it extends the attack surface. It's one more thing that a bad guy can use to break into. So the attack surface now includes AI So the shadow AI that's out there. Any of these other technologies could potentially be things that someone will exploit.
            • 12:00 - 12:30 So here I was talking more about breaking into the existing IT infrastructure using generative AI In this case, I'm saying the use of the AI itself will become something that gets attacked. And if someone is able to poison that, it's going to mess up the operations of the business. They may be able to pull data out of it. And we have a data loss of some sort. Another one, that's a big concern. In fact, I've talked about this one before and done a couple of videos on this topic. Prompt injection. Generative AI
            • 12:30 - 13:00 is subject to some of the same failings that humans have. That is, it believes a lot of things and it can be naive and it can be socially engineered in essence. And that's what a prompt engineering prompt injection attack does. We tell it to do things that the originators of the technology did not intend it to do, and that way the bad guys will continue to figure out ways to get this thing beyond and break out of its guardrails. To do anything now, as it's been referred to.
            • 13:00 - 13:30 And we are going to need to be able to have better and better defenses against these kinds of attacks because those in fact, the OWASP organization Open Worldwide Application Security Project says this is the number one attack type against large language models, which are what the generative AIs are based on. So we haven't seen a solution to that. I'm sure we'll see more of it. What else? Well, those are a lot of negatives that we have to face.
            • 13:30 - 14:00 How about at least one positive in here? And I mentioned a little bit of this before, and that is using AI to improve cybersecurity. How can we do a better job of cyber now that we have this AI tool? It's not just an attack surface. It's not just a negative, but let's leverage that tool as well. Well, what we've seen a lot so far is using generative AI in a more passive role where it's doing analysis and things like that. But what if it gets involved a little bit more in response?
            • 14:00 - 14:30 Now, maybe it doesn't automate the response. In fact, I'd be very cautious about doing that because we still have elucidation problems and I don't want it hallucinating. What the answer should be to a particular break in, but giving advice and saying here within the understanding of this AI, we believe this is the most likely response you should take. Then here's our our confidence in that and here's the next most likely thing that you should do and the next priority thing that you should do. So giving us that kind of expert advice, or at least
            • 14:30 - 15:00 for an expert to look at, here's a bunch of suggestions, and now I can decide which ones I want to do and which ones I want to discard. So that's a potential positive use of generative AI in doing cybersecurity. And then one thing that's not related to I just saw that, you know, not everything is about AI, and that is quantum computers, quantum safe cryptography. Quantum computers are going to do some amazing stuff. But one of the things they're going to do, we wish it didn't, is it's going to be able to break our cryptography at one point.
            • 15:00 - 15:30 We don't know when this will be. Maybe five years, maybe ten years could be tomorrow. Someone is going to be able to read all the encrypted messages that we have put out by using a quantum computer to break that. Now, the quantum computers will do some wonderful things. That's not one of them. But we're going to need to start moving and we need to have already started moving toward these new quantum safe or post quantum crypto algorithms,
            • 15:30 - 16:00 the ones that will not be susceptible to attack and vulnerable to quantum attacks. A lot of people are still sitting in the starting blocks and have not begun this activity and they need to because of a thing called harvest now decrypt later I make a copy of your data right now, and then I wait for a quantum computer to get strong enough and then I can read what your stuff was. And that could be a problem, especially if we're talking nation states where some of the information will be classified for generations to come.
            • 16:00 - 16:30 So we really need to start working on projects to convert to this new quantum safe cryptography. And I expect we will see more organizations realizing that and starting to do that. Okay. So those are a few of my predictions for 2025 and beyond. And by the way, I've got videos on the IBM Technology Channel on virtually every one of these topics, including this one. So go check out those on the IBM Technology Channel. If you want to see a deeper dive into each one of these subjects.
            • 16:30 - 17:00 But enough about my predictions. How about your predictions? What does your crystal ball show you? Go ahead and put in the comments section, what your predictions are so that we can all benefit from your wisdom and.