12 01732 759725 DISTRIBUTION 1 AI arms race The AI arms race remains the most anticipated and discussed topic. What’s clear is that generative AI models have proliferated in businesses, technologies and services without a huge amount of thought or attention. These tools are still largely free because the industry and the tech haven’t yet reached a point of maturity. However, fee models are coming!! Companies that have been using free tools should start to feel nervous about where the data is going. Key considerations for cybersecurity are: 1) DLP (Data Loss Prevention) applied to GenAI models is a good guardrail and source of insight for organisations; 2) If you’re building/ developing an LLM you’ll need a purposebuilt tool; 3) focus on AI runtime through more robust chipset security and softwarebased runtime security solutions; and 4) Information governance will become more important, covering both data discovery, leading to data security posture management, and data encryption. 2 Ransomware-as-a-service There is absolutely nothing (so far) that can truly protect us from ransomware. There is plenty of tech that can mitigate risks by trying to prevent us from falling foul of the exploits that lead to the payloads that infect us, but should ransomware arrive, even EDR has been proven utterly useless in preventing it, especially when it takes hold. 2025 will see What does 2025 have in store for the IT channel? Here, Distology CTO Lance Williams highlights 10 trends set to shape the tech discourse over the next 12 months Ten trends to watch in 2025 Lance Williams the first technologies that take the fight to ransomware with anti-ransomware features, such as prevention, recovery and data exfiltration prevention. 3 Identity takes ZTA main stage In 2025 identity security technologies will become a greater focus and standard practice for many organisations, as it’s core to ZTA (zero trust architecture). Knowing who is accessing, what they have accessed and for how long (and controlling and governing what they can access) will deliver invaluable insights into the ‘normal’ behaviours of each individual. This is essential for spotting abnormal behaviour, a key sign of compromise, and will ensure that access is governed and managed effectively. 4 Key target: supply chain & CNI Supply chain and critical national infrastructure (CNI) continue to be key targets for cyber attack. The reality is attackers will continue to exploit weaknesses in CNI, largely via the OT and IoT environments, and also through third party suppliers whose defences may be less robust than the target organisation. Technologies that address this have emerged throughout 2024 and will enjoy rapid adoption into 2025. 5 IoT & 5G security With the proliferation of IoT and the continued adoption of 5G to improve connectivity, we’re expecting IoT and 5G security to be areas of concern and interest. We’re monitoring developments in this space. 6 Biometric security & authentication There is an increasing shift towards passkeys and growing use of biometrics to authenticate someone or something. Fingerprint scanners are commonplace on mobiles and laptops, which is pushing us to be passwordless. Concern about biometric data breaches will rise as a result. 7 Data security, regs & threats The focus in recent years has been on endpoint, secure access service edge technologies and cloud security solutions, but as data breaches continue data security will return as an area of focus to an extent we haven’t seen for almost ten years. ‘Post quantum readiness’ is becoming a staple of industry events and this places importance on technologies, such as encryption, to be post-quantum ready. 8 Cyber resilience & readiness Cyber resilience and readiness is the name and aim of everything cybersecurity heading into 2025. Just as we all have to work on developing good cybersecurity practices, it’s important that every organisation can bounce back from an attack through technology and services-based resiliency measures and that people know how to be adaptable, as we can’t perfectly plan our response for every scenario. Cybersecurity incidents will happen on a small, medium and even grand scale so businesses need to sharpen their focus on disaster recovery and business continuity planning. 9 Get ‘secure by default’ Never mind all the technological advancements we’ve seen over the past 20 years, the weakest link is us! HRM (human risk management) is an essential evolution of security awareness training and testing (SATT) helping us to be conditioned better as individuals and the organisations we work for to be more aware of what ‘normal’ behaviour looks like for each person. 10 Quantum computing readiness What is quantum computing? It is the principles of quantum mechanics being applied to computing. Traditional computing is based on the bit, quantum computing is based on the quantum bit, or qbit, and this is millions of times faster. Because it will be able to compute things millions of times faster, it will break current encryption methods in milliseconds. We are 10 years off quantum computing becoming a reality and the subject is still largely dominated by academics. However, it represents such a fundamental shift in everything we know about computing that people are talking about it more and, as stated above, are investigating technologies that seem to address ‘post quantum readiness’. With threat actors purportedly stealing encrypted data to decrypt in a post-quantum world, the snowball is already forming, even if it is not yet rolling down the hill.
RkJQdWJsaXNoZXIy NDUxNDM=