6 minutes to read With insights from... Dr. Raphael Reischuk Group Head Cybersecurity & Partner raphael.reischuk@zuehlke.com 1. AI-driven cyberattacks: An arms race in automation AI is rapidly transforming cybersecurity – not just for the defenders but also for the attackers. Malicious actors are leveraging AI to automate attacks, evade detection, and exploit vulnerabilities with greater speed and sophistication. Deepfake-powered social engineering, AI-generated malware, and automated phishing campaigns are all expected to become more prevalent.According to the World Economic Forum’s Cybersecurity Outlook 2025 two-thirds of companies expect AI to have a significant impact on cybersecurity by 2025, but only 37% report having the necessary tools to assess and mitigate related risks. The challenge is even greater for smaller organisations, where 69% lack the safeguards needed to ensure the secure deployment of AI technologies. Additionally, Gartner identifies AI-driven cyberattacks as a top concern, with 80% of executives recognising them as a critical emerging risk. Attackers can use AI to customise malware, enhance penetration testing, and generate highly convincing phishing campaigns, making traditional security measures less effective. To mitigate these risks, organisations should: Integrate AI-enhanced security platforms, such as XDR/MXDR (Managed Extended Detection and Response), to improve automated threat detection.Strengthen SIEM (Security Information and Event Management) systems for real-time monitoring and response.Provide continuous employee training on emerging AI-powered threats, including deepfake social engineering and AI-generated phishing tactics. More insights on AI’s impact on cybersecurity can be found in our analysis of AI-driven security threats in What does AI mean in the context of security? 2. The quantum threat: Preparing for cryptographic change Quantum computing is progressing rapidly, and while no one can predict exactly when it will break current encryption at scale, Gartner forecasts that by 2029, existing cryptographic methods will become obsolete. While only 4% of the respondents in the World Economic Forum’s Cybersecurity Outlook 2025 consider quantum technologies as the factor that will “most significantly affect cybersecurity in the next 12 months“, these technologies present a long-term challenge for organisations that rely on secure communications and data protection.A major concern is that encrypted and signed data stolen today could be decrypted and forged in the future once quantum computing reaches the necessary threshold. This makes post-quantum cryptographic readiness an urgent priority. To prepare for the quantum threat, organisations should: Develop a structured migration plan to transition to quantum-resistant encryption algorithms.Identify and secure critical systems that will be most affected by quantum decryption.Stay informed on post-quantum cryptography advancements like key-encapsulation mechanisms to ensure timely adaptation.Explore industry collaborations for post-quantum security solutions. Zühlke’s recent partnership with InfoSec Global, for example, focuses on helping organisations transition to quantum-safe encryption. More details can be found here.For a deeper dive into the implications of quantum computing, read our blog post on Quantum computing and cybersecurity—why it’s time to prepare now. 3. The expanding IoT attack surface As organisations deploy more connected devices across industries – from smart factories and energy grids to autonomous vehicles and healthcare systems – the cybersecurity risks associated with IoT continue to grow. Each connected device represents a potential entry point for attackers, making IoT security a critical priority.The Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report observed a 45% increase in IoT malware attacks from June 2023 to May 2024. According to Gartner, cybersecurity will be one of the top investment priorities for CIOs in 2025, with IoT security receiving a significant share of funding growth. This is understandable, as the existing security structures are often not sufficient to comprehensively protect the complexity of IoT ecosystems. To address this challenge, organisations should: Integrate security by design into product development by embedding robust security measures at every stage, ensuring vulnerabilities are addressed before deployment.Ensure compliance with regulatory frameworks by regularly updating security protocols to meet evolving industry standards and legislative requirements.Implement continuous device monitoring and attestation, leveraging external expertise where necessary, to ensure that security risks are identified and mitigated in real time.Collaborate with third-party security specialists to gain insights into emerging threats and best practices for safeguarding IoT infrastructures. 4. Regulatory complexity: Navigating an evolving landscape The regulatory environment for cybersecurity is becoming increasingly complex, with stringent measures such as GDPR, the Cyber Resilience Act (CRA), DORA, and NIS-2 introducing stricter compliance requirements. While these regulations aim to enhance security standards, multinational organisations face significant challenges due to inconsistencies across different jurisdictions. No wonder Gartner notes that aligning Cyber GRC (Governance, Risk, and Compliance) with overall risk management strategies remains a key challenge.Adapting to these evolving frameworks requires businesses to not only monitor regulatory changes closely but also integrate compliance considerations into their broader cybersecurity strategy. Failure to do so could result in increased financial burdens, operational inefficiencies, and heightened security risks. To navigate the evolving regulatory landscape, organisations should: Track regulatory changes proactively to ensure compliance with evolving laws.Align Cyber GRC (Governance, Risk, and Compliance) strategies with overall risk management.Strengthen supply chain security measures to mitigate compliance risks across vendors and partners. 5. The growing dependency trap: The risks of vendor lock-in The growing reliance on a small number of dominant technology providers for critical infrastructure, cybersecurity solutions, and cloud services poses systemic risks. This concentration of power can result in economic dependencies, reduced competition, and significant vulnerabilities if these providers experience failures or disruptions. Particularly in Europe, where technological self-sufficiency lags behind leading regions, organisations must consider the implications of geopolitical tensions, regulatory shifts, and market imbalances. In their Foresight Cybersecurity Threats For 2030 report, the European Union Agency for Cybersecurity (ENISA) rates “supply chain compromise of software dependencies” as the biggest threat to organisations with the greatest potential impact and the greatest likelihood of occurrence. A lack of diversification in technology supply chains poses significant risks, including monopolistic pricing, constrained innovation, and heightened exposure to cyber threats. The growing reliance on a small number of dominant providers for critical infrastructure, cybersecurity solutions, and cloud services further exacerbates these challenges, introducing systemic vulnerabilities. Overdependence on a few key players not only limits diversification options but also increases the risk of economic exploitation and leaves organisations exposed to disruptions caused by geopolitical instability. Gartner warns that this trend poses long-term economic and security risks, particularly as Europe remains heavily reliant on foreign technology providers. To mitigate vendor lock-in risks, organisations should: Adopt a diversification strategy to avoid over-reliance on a single technology provider, ensuring greater resilience against systemic failures.Invest in open-source solutions to enhance transparency, control, and reduce dependency on proprietary technology.Strengthen local innovation ecosystems by fostering partnerships with regional suppliers and leveraging government incentives to support homegrown cybersecurity advancements.Encourage competition and supplier diversity by promoting interoperability and supporting standards that facilitate a more balanced technology landscape. Future-proofing cybersecurity: Key takeaways Cybersecurity in 2025 will demand a shift from reactive defence to proactive resilience. As threats grow more sophisticated and attack surfaces expand, organisations must adopt a comprehensive approach that integrates advanced threat intelligence, automation, and collaboration across industries. The key priorities for organisations include:Strengthen AI-driven security operations to counter emerging threats.Transition towards post-quantum cryptographic readiness before vulnerabilities arise.Embed security in IoT design to mitigate risks in connected environments.Stay compliant with evolving regulations and adapt to new compliance requirements.Reduce supply chain dependency risks by diversifying vendors and technology stacks. As cyber threats become more sophisticated and regulatory landscapes evolve, organisations must take a strategic, long-term approach to cybersecurity.For further discussion on how your organisation can prepare for these challenges, feel free to reach out.