In 2024, the cybersecurity landscape saw several significant developments—from the Cyber Resilience Act (CRA) entering into force to the global CrowdStrike incident during the summer. Now that we have entered 2025, the obvious question is: What’s next?
Of course, nobody can predict the future with certainty. Nevertheless, our Practice Heads have taken a look into the crystal ball to share their perspectives on the cybersecurity trends and challenges that may shape 2025.
Today we’re speaking with Florian Walther, Head of Defensive Security.
Although 2024 is behind us, let’s start with a quick look back. From your perspective, what were the biggest cybersecurity challenges for organizations?
Florian Walther: In my view, the biggest challenges in IT and information security have remained the same for years—they all come down to getting the basics right.
Secure system configurations, responsible IT operations, timely patch management, and a backup and recovery strategy that actually works.
We are now at the beginning of 2025. Which cyber threats do you expect to be particularly relevant this year?
Florian Walther: The quality of social engineering attacks will continue to improve, largely driven by advances in artificial intelligence.
As a result, I expect both the number of cyber incidents and the resulting damage to increase.
At the same time, organizations continue to outsource more and more IT services. That increases both the overall risk and the potential impact of cyberattacks.
Supply chain attacks will also become even more attractive for attackers.
Hit one, hack many.
How do you expect the regulatory landscape for cybersecurity to evolve during 2025?
Florian Walther: Several important regulatory developments will arrive in 2025—including NIS2, the Cyber Resilience Act (CRA), and DORA.
That said, I don’t expect their real, measurable impact to become apparent until the coming years.
What I do see positively is that Europe is finally moving in the right direction. For far too long, software vendors and manufacturers of digital products operated with virtually no meaningful liability. I’ve never understood why a small snack stand or a simple keychain is subject to stricter liability rules than software—even though software has become fundamentally more important to the functioning of modern society.
Those days are coming to an end.
For the first time, manufacturers are increasingly being held responsible for the software and digital products they develop and place on the market. Admittedly, the level of liability is still not comparable to that of the physical world—but it’s a major step forward.
These regulations fundamentally change the equation for manufacturers. Companies that fail to take product security seriously will increasingly face legal and financial consequences. That creates a strong incentive to invest in cybersecurity, information security and secure product development, ultimately resulting in more secure digital products for everyone.
In the past, vendors were often able to shift much of their security risk onto their customers.
Think of the old saying: “Banana software—it ripens at the customer’s site.”
In the future, that approach will carry significantly greater liability risks.
From my perspective, increasing accountability in the digital world is long overdue. We’re finally heading in the right direction.
What role will Artificial Intelligence play in cybersecurity during 2025—both as a defensive tool and as a threat?
Florian Walther: Like in many other fields, AI will continue to accelerate both offensive and defensive cybersecurity capabilities.
We’ve already been seeing this trend for quite some time, and I fully expect it to continue.
That said, I don’t believe AI will become a true game changer for cybersecurity during 2025.
Looking back over recent years, which cybersecurity developments have surprised you the most—and what do you expect for 2025?
Florian Walther: What continues to surprise me is that the IT industry keeps creating more complexity and more dependencies, while simultaneously wondering why cybersecurity problems and cybercrime aren’t getting any better.
At some point, people will hopefully realize that you don’t find the needle in the haystack any faster simply by adding more hay.
What advice would you give organizations that want to be well prepared for 2025?
Florian Walther: Make sure you’ve actually mastered the fundamentals.
Get your configurations right. Establish proper patch management. Make sure your backup and recovery processes really work.
Reduce unnecessary complexity and dependencies.
And invest in people and expertise rather than chasing questionable cloud services.
Finally, what are your personal wishes for 2025 from the perspective of your practice area?
Florian Walther: Interesting projects—without extreme workload peaks (laughs).
New colleagues.
And continuing to make CERTAINITY, and especially our Defensive Security team, an even better place to work.
