As businesses make plans for the year ahead, they shouldn’t lose sight of the growing risks from cyberattacks. Threats such as ransomware are likely to increase in 2025, but fortunately, there are proactive steps employers can take. Here are some predictions that professionals at Forvis Mazars have for this year based on their observations, along with tips to help companies prepare for potential threats.
Artificial Intelligence (AI)
As AI continues to develop, expect the technology to affect both cyberattacks and cyber protection.1 Industry professionals have noticed that the time keeps dwindling between the moment a vulnerability is identified and when it is exploited—meaning that potential attacks can occur in minutes, not days. And those attacks don’t necessarily need a lot of technical expertise.
Cybercriminals with minimal cyber and development skills can easily conduct automated attacks utilizing AI in which malware is created through AI platforms and can be utilized to steal an individual’s money or organization’s data. In the past, thieves often required a skill set and funding for attacks, but the technology has made their efforts more cost-effective. On the flip side, AI also can help organizations more quickly identify threats, respond, and protect data if utilized in threat monitoring and response technologies and tools.
Ransomware Attacks
Ransomware is expected to continue to give businesses of all sizes headaches, including the risk of double extortion.2 That’s an attack in which malicious actors initiate a ransomware attack but also steal data from an organization and threaten to sell it on the dark web, resulting in either a backup plan for a failed ransom or a secondary threat. The entity may pay $1 million to have its data unlocked, only to have the cybercriminal say later that they kept a copy of the data and will sell it unless they receive another million.
Professionals at Forvis Mazars recommend pursuing all other remedies before resorting to paying a ransom. Our cyber team can help entities find ways to restore systems and potentially unlock their data.
More Breaches Utilizing Internet of Things (IoT) & Operational Technology (OT)
It is expected that in 2025, cybercriminals in foreign countries wishing to destabilize the U.S. economy could attempt to utilize technology to target critical U.S. infrastructure.3 A Chinese hacking operation identified in 2023 reportedly compromised thousands of devices in the U.S., prompting a federal investigation.4
Higher Cyber Insurance Costs
Companies may see continued increases in costs for cyber breach insurance, potentially significantly more than in prior years, given the prevalence of threats.5 To survive, insurance companies may either drastically raise prices or drop cyber breach coverage for organizations they perceive as highly risky. As a result, some companies may not be able to afford the insurance they need and be forced to devote the money to their cyber program.
Insurance companies also may increase evaluations of their clients’ security control programs. They may hire businesses such as Forvis Mazars to do assessments before providing an insurance quote.
U.S. National Data Protection Law
Given the use of the General Data Protection Regulation in the European Union, the U.S. is likely to see some type of data protection law next year. Some state-level information disclosure act laws currently exist, but companies can have difficulties knowing which state law to follow. The SEC has rules regarding the disclosure of breaches and organizations’ security structures for public companies,6 but a national law would help with the protection of U.S. citizen personal data.
Increased Centralized Attacks
During the past year, there have been a lot of supply chain attacks,7 which can potentially allow a cybercriminal access to multiple organizations with one breach. For example, instead of focusing on one business, the attacker goes after a supplier providing services to several companies. Unlike many ransomware attacks, which tend to be random, these crimes are often more targeted.
Actions Companies Should Consider
Companies wanting to take proactive measures against cyber risks are encouraged to do the following:
- Perform a cyber risk assessment. Build a road map to help improve your security.
- Conduct tabletop testing. Make sure you are prepared for a ransomware attack.
- Patch your systems, including firmware on IoT and OT.
- Do penetration testing, including web app testing.
- Make sure security controls are where your data is. If you move data to the cloud or Software as a Service (SaaS), make sure security controls are maintained. Perform a cloud security assessment.
- Have multifactor authentication everywhere.
- Use good endpoint protection with firewall services on.
- Logging and monitoring. Centrally log endpoint logs, security toolset logs, cloud logs, and SaaS logs. Make sure someone is actively monitoring.
The cybersecurity team at Forvis Mazars can help you protect your digital assets and assist your organization in staying compliant and secure. If you have any questions or need assistance, please reach out to one of our professionals.
- 1“FBI Warns of Increasing Threat of Cyber Criminals Utilizing Artificial Intelligence,” fbi.gov, May 8, 2024.
- 2“#StopRansomware Guide,” cisa.gov.
- 3“DHS warns of escalating threats to US critical infrastructure in 2025 Homeland Threat Assessment,” industrialcyber.co, October 4, 2024.
- 4“Exclusive: US disabled Chinese hacking network targeting critical infrastructure,” reuters.com, February 1, 2024.
- 5“With Attacks on the Upswing, Cyber-Insurance Premiums Poised to Rise Too,” darkreading.com, January 18, 2024.
- 6“How businesses should respond to the SEC’s cybersecurity disclosure rules,” thomsonreuters.com, April 16, 2024.
- 7“Companies Take a Closer Look at Supply Chains After Recent Cyberattacks,” wsj.com, March 20, 2024.