From cyber resilience to AI and security at the edge
Trends in cyber security 2025
The agencies Web and Tech PR and Touchdown PR in Puchheim obtained statements from industry experts on the subject of cyber security.
Times are uncertain - how can this fact be ignored by IT? It is no coincidence that experts in IT security and storage solutions see several tasks for the security and backup of data and applications in 2025: From the edge to IT provisioning to backup, all areas of IT will be the target of a successful attack sooner or later. Not only new attack technologies such as artificial intelligence, but also geopolitical tensions or the increased demands on IT availability due to the digital transformation are increasing the requirements for IT security and data protection. Cyber resilience will become an important discipline if proactive cyber security can no longer fend off all attacks.
Thomas Lo Coco, Sales Manager Central Europe, Absolute Security: Resilience throughout the IT deployment process
"Resilience is now a very broad term, but it will become more focused: It will be about not reactively trying to prevent problems, but proactively looking for ways to prevent them from occurring in the first place. It is also important to understand that there is no hard line between traditional IT and security when it comes to providing IT and security at the endpoint. Developments in recent years show that the term resilience is increasingly being applied to cyber security in a generalized way. I think that in future, resilience will be used for the entire IT provisioning process. This is because there is a clear added value when potential IT problems are resolved preventively - regardless of whether they are security problems or not. It makes sense for more and more companies to apply the same preventive tools for remedying IT problems and pure security issues to ensure resilience. Cyber resilience is a paradigm that goes beyond traditional cyber security. It's about ensuring that the digital operations at the heart of an organization can withstand cyberattacks, technical disruptions, intentional tampering and new implementations, and recover quickly in the event of an attack."
Jörg von der Heydt, Regional Director Dach at Bitdefender: AI changes attack and defense
"Artificial intelligence, disinformation, skills shortages, the consequences of increasing cloud adoption and weaknesses in software development will open up new attack opportunities over the next twelve months and place additional demands on cyber security. In a nutshell: AI will continue to radically change both attacks and defenses. With AI, cyber criminals can generate code much more easily and control their attacks without human interaction - this makes attacks faster, more far-reaching and, above all, automatable. AI can also play an undesirably optimizing role in the selection of potential victims: Compromisable identities can be enriched by it with additional information, which gives attackers the opportunity to target victims more specifically and effectively. Disinformation through audio and video fakes takes on a new quantity and quality thanks to artificial intelligence. An increase in the number of deepfakes created in a much more professional manner requires an adapted defense strategy that goes beyond traditional IT security tools and systems.
In the coming year, the shortage of skilled workers will force us to use resources even more efficiently. AI will also come into play here - but this time on the right side. AI-based bots can take over repetitive defensive tasks, for example detecting and prioritizing alarms across multiple systems or assisting IT support departments. In addition to the broad field of artificial intelligence, the topic of the cloud will occupy IT security in 2025. The increasing cloud adoption in Germany brings new challenges in the resulting hybrid IT environments. The silo mentality of many stakeholders in companies, including IT teams, is an obstacle. They lack an overview of the entire infrastructure. Another consequence of this limited perspective is the ignorance of many companies towards the risk of manipulation in the software development phase. The protection mechanisms provided in DevOps tools only feign sufficient security, but do not adequately take into account complementary components such as repositories or containers. Professional malware developers are aware of this and will continue to attack the supply chain because of its scaling effects."
Uli Simon, Director Sales Engineering at Commvault: Data security and data availability require resilience
"The major trends of digital transformation are not only opening up new opportunities for productivity - they are also expanding the attack surface on IT. Increasingly, hackers not only want to access data, but also block systems, applications and processes in order to blackmail companies. Cyber attackers are scaling up and their attacks are becoming increasingly complex - in any case, they are becoming the new normal. Data security is therefore faced with the task of detecting attacks preventively, for example through AI-supported early detection of anomalies. But unauthorized access cannot be ruled out. Those responsible for cyber security need to focus on the aftermath of an unavoidable attack. Cyber security without cyber resilience will not be able to guarantee the availability of business processes, applications and systems. Only those who are cyber resilient will not only pass the cyber maturity tests of the present, but also those of the near future. Cyber resilience is based on using AI to determine the last available untouched backup snapshot from a continuous backup and restoring it as quickly as possible. This includes a crisis-proof plan for restoring individual files through to rebuilding entire systems, applications or multi-cloud environments, including configurations.
In order to pass this maturity test, many IT security managers will have to rework in 2025. So far, they have rightly tried to strengthen preventive defenses, but have neglected the emergency plan. Detailed, repeated and documented testing of the emergency plan is the training for successful cyber recovery. The vast majority of IT departments are therefore not yet fully prepared for rapid recovery. Cyber maturity is a joint task. SecOps and ITOps as well as management must work together. IT managers also need new external collaborations. Defense and recovery require the cooperation of an ecosystem with manufacturers, resellers, distributors, managed service providers and hyperscalers. Service and technology partners have recently come a long way on the road to overcoming silos. Continuing along this path will be an important task in 2025. The final subject of the maturity test will be regulations. The Dora Regulation, which will come into force in January 2025, poses a new challenge. Meeting its requirements will not be easy for the banking and financial IT ecosystem, as there is a lack of instructions and specific guidelines. IT service providers are also still working on understanding the criteria and adapting their processes. If they prepare well, they will not only have new tasks, but also new areas of business."
Oliver Keizers, Area Vice President Emea Central at Semperis: More attacks, higher resilience
"In 2025, geopolitical tensions, particularly between the "West" and the Brics/Global South, will lead to an increase in strategic cyberattacks. Critical infrastructure and "random bycatch" will be increasingly targeted, while cyber groups from these regions will expand their activities. At the same time, software supply chain attacks are gaining in importance, bypassing traditional protection perimeters and forcing companies to rely more on "defense in depth." The differentiation between strategic attacks and financially motivated cyberattacks is becoming clearer, making resilience and rapid recovery essential for companies. Preparation and planning can no longer be a side issue: they must become a central management task and be actively anchored in the corporate culture in order to meet the challenges of an increasingly vulnerable digital world."
Tobias Pföhler, Regional Sales Manager Dach, StorMagic: Addressing potential vulnerabilities at the edge
"The trend has been moving away from the public cloud for some time now. The return of data and workloads from the public cloud to local infrastructures will continue in 2025. This trend will continue to be driven by the challenges of cloud lock-in and the need for greater control over data and costs. Companies will prioritize more local computing capacity, particularly to improve data processing at the network edge. This trend will result in more workloads at the edge, requiring advanced approaches to data management, AI and GPU support. However, more edge data also means more security concerns, as edge computing also increases the attack surface. Accordingly, it is expected that companies will need to focus more on security at the edge of the network to address potential vulnerabilities at the edge."
You might also be interested in
Statement on the European Data Protection Day
How companies protect digital identities and data
On European Data Protection Day 2026, Christian Kubik, Manager Field Advisory Services Team EMEA at Commvault, explains why digital identities are at the heart of data protection. He shows how companies can prevent cyberattacks, secure data and...
read more...Cyber threats: Pragmatic approach in three steps
Due to increasing digitalization and networking, systems and machines must be better protected against cyberattacks. Operators of systems requiring monitoring can use the Technical Rules for Operational Safety (TRBS) as a guide. The TÜV association...
read more...Technology challenge with two themes
On October 20 and 21, 2023, IT specialists, students and trainees will come together in Siegen to work together on topics relating to programming and cybersecurity. ifm is organizing a special edition of the hackathon format with its...
read more...Always one step ahead of cyber criminals
Cybercrime is now omnipresent. What can companies and IT managers do to ensure that these attacks remain unsuccessful?
read more...Security for the cloud connection
The large volumes of data that are now being generated in industry are increasingly being moved to public clouds. Hybrid architectures are being used for this. Steve Rymell, Head of Technology, Cybersecurity, at Airbus CyberSecurity, explains what...
read more...Steel wholesaler relies on virtualization
Strong competition, high price pressure and rising customer expectations - the steel industry is under increasing pressure. Uninterrupted, permanent operation and fast response times are essential for wholesalers to remain competitive. They depend...
read more...Infineon strengthens its offering as a partner of Amazon Web Services
Infineon Technologies is an "Advanced Technology Partner" of the cloud services provider Amazon Web Services (AWS).
read more...Serious shortage of IT security specialists on the rise
Every second company fears problems due to a lack of IT security specialists. Skillsoft outlines five measures to close the skills gap and improve IT security.
read more...Business climate in the automotive industry rises slightly in May
German car manufacturers are somewhat more optimistic about the coming months. The latest ifo survey provides new insights into the situation of the German automotive industry.
read more...