speed than traditional methods . As attacks on enterprises continue to grow in prevalence and sophistication , investing in AI to improve security processes , operations and defence is essential to any CISO strategy . gathering encrypted data passed across the Internet to be decrypted once quantum technology becomes viable in the next five to 10 years . So , although Quantum Computing sounds like a problem for the future , it needs to be a security concern now . As such , CISOs must work closely with cloud providers , looking into their post-quantum services offerings , future-proofing data today that will be difficult to crack in five years .
Lincoln Goldsmith , Director of Channels & Alliances APJ , Semperis
Firstly , Active Directory will become a prominent target for cybercriminals . Hackers will increasingly target Active Directory ( AD ) in 2025 . AD is the most widely used authentication and authorisation solution in enterprise IT networks globally , and also a blind spot for many security teams .
For most organisations , Active Directory is at the heart of their operational resilience because it manages access to nearly all users , groups , applications and resources , which also makes it a top target for attackers . Yet , only one quarter ( 27 %) of the companies surveyed globally by Semperis said that they maintain dedicated , Active Directoryspecific backups , which hackers have recognised and are increasingly taking advantage of . The Australian Signals Directorate and Five Eyes Alliance have recently warned Australian businesses of an uptick in attacks on AD , demonstrating that this will be a key priority area for 2025 .
Growing geopolitical instability has increased the likelihood of nation-statesponsored hackers targeting the critical infrastructure of opposing countries .
Today , technology is evolving faster than data governance frameworks and security protocols . With employees increasingly experimenting with AI in the workplace , secure AI integration demands a structured approach that encompasses security protocols baked into all processes and clear direction on accepted AI use . To achieve this , a CISO strategy must prioritise an effective training plan for staff , so employees understand their key role in keeping organisational data secure .
Finally , CISO strategies for the new year need to branch beyond 2025 . CISOs need to be implementing technologies and processes today that your business will be thankful for in the years to come . A great example of this comes from the expected rise in Quantum Computing . Current cryptography methodology will inevitably be ‘ debunked ’ as quantum becomes available at scale and ‘ quantum-capable ’ threats will start to rise as the technology becomes more accessible .
We are already seeing evidence of threat actors adopting ‘ store it now , crack it later ’ strategies ,
The number of attacks on critical infrastructure will also increase , as will their sophistication . While hospitals , government agencies , electricity operators and the like are regularly targeted by cybercriminals , we will see a further increase in the number of attacks on Australian critical infrastructure in 2025 for a few reasons . Firstly , critical infrastructure networks often rely heavily on legacy software , which is only growing older and more insecure as the years go by . A large amount of this legacy software is no longer supported by the vendors who originally made it , meaning they are full of security vulnerabilities and frequently unable to be patched .
Furthermore , critical services such as hospitals and water treatment facilities operate on a 24 / 7 basis with zero room for downtime – which has unfortunately made them more likely to pay the ransom to get their systems back up and running , as opposed to a non-critical service which can wait . To add fuel to the fire , growing geopolitical instability has increased the likelihood of nationstate-sponsored hackers targeting the critical infrastructure of opposing countries .
WWW . INTELLIGENTCISO . COM 39