We’re delighted that Partner Wayne Cleghorn has been featured in Architecture & Governance Magazine, with an article discussing cybersecurity trends.
Wayne identifies five cyber attack trends that businesses need to prepare for in 2025.
He notes, “Cyber attacks are increasing in frequency, complexity, and intrusiveness… The World Economic Forum’s Chief Risk Officers Outlook in October 2024 ranked cyber security risk among the top three threats severely affecting businesses.”
The trends Wayne lists are:
- Threat landscape increasing due to AI software and Generative AI – with 66% of organisations anticipating AI’s impact on cybersecurity, it’s concerning that only 37% have measures to assess the security of these tools before deployment.
- Geopolitics – businesses must understand that many attacks are now driven by geopolitical factors rather than personal motives. The rise of APT groups, particularly from nations like Russia and China, poses significant risks to critical infrastructure.
- Cloud Services – the latest CrowdStrike Global Threat report reveals a 75% surge in cloud intrusions over the past year, with hackers are now employing stealth tactics.
- Supply Chain – with cybercriminals targeting backdoors, businesses must take proactive measures to secure their supply chains. Comprehensive monitoring, auditing, and collaboration on threat intelligence are crucial steps to safeguard against future breaches.
- AI for Cyber Security and Resilience – AI is transforming the cybersecurity landscape by improving threat intelligence and fortifying firewalls. The use of Large Language Models (LLMs) allows for deeper insights into attacker behavior, while continuous monitoring ensures real-time visibility into vulnerabilities
Wayne concludes by providing useful practical steps for managing cyber risks, including leadership engagement in cybersecurity; constantly improving technical cybersecurity resilience measures, applying systematic patching, and educating staff; taking time to fully assess the security and cyber risk credentials of new systems and services; and auditing supply chains to remove risky suppliers.
