OPSWAT executive predicts his Top 10 cybersecurity trends for 2025

Sertan Selcuk, VP for METAP & CIS, OPSWAT, has provided his 10 cybersecurity trends that the critical infrastructure sector should keep an eye on in 2025.

As we head into 2025, the United Arab Emirates (UAE) looks forward to yet another year of innovation that takes us yet another step closer to the fulfillment of Vision 2030.

As business leaders flesh out strategies for investment, operations, and recruitment, they will try to anticipate the unexpected. In 2024, the UAE Cyber Security Council identified 155,000 vulnerable assets, with two in five critical vulnerabilities remaining unaddressed for over five years.

Let 2025 be the year we fight to secure our economic future. Below are 10 predictions about cybersecurity for the coming year that should help focus the defenders’ actions.

1. Fighting AI fire with AI fire

Cheaper AI has lowered entry hurdles for threat actors. In some cases, this has been done by plugging technical knowledge gaps for attackers; in others, AI has provided more grammatically and aesthetically convincing phishing messages, increasing the likelihood of success in credentials theft. The same tools can be leveraged by potential targets to bolster their cyber defenses, but so far, we see UAE organizations often lagging behind their adversaries’ adoption. In 2025, we believe this trend will begin to reverse itself, with business and technology leaders collaborating on ways to focus cyber investments where they will have the greatest impact.

2. A return to basics

Both because of increases in the sophistication and volume of attacks and because of the lack of skills and resources in the cybersecurity function (significant budget will now be swallowed by AI), UAE businesses will focus more on the basics in 2025. They will prioritize critical sites and assets, prioritizing segmentation to segregate their crown jewels. With the right strategy, the enterprise can secure the environment while preserving its ability to glean actionable business insights. To accomplish this, it will rely on one-way data transfers using data diodes, backed by traditional scanning policies for inbound removable media and mobile devices.

3. Constant vigilance

As the cost of machine learning continues to fall and phishing campaigns become more convincing, UAE enterprises should brace for an increase in attacks on employees’ devices. Where its people have long been an organization’s greatest cyber-vulnerability, they remain its greatest potential weapon. This year, we will see a greater focus on awareness training and novel detection controls to protect against AI-powered social engineering.

4. Securing the supply chain

The targeting of the latticework of vendors, suppliers, distributors, and other partners that make up the modern business environment will continue in 2025. As OT becomes ever more vulnerable because of its merger with IT, the energy, utilities, and manufacturing sectors will become points of concern. Threat actors will target suppliers or subcontractors to compromise critical infrastructure. Since these attacks represent existential threats to the economy at large and to public health and safety, we expect to see an escalation in investment in their protection in 2025.

5. Accountability to regulators

At a GITEX Global 2024 panel, it was pointed out that amid the explosion in advanced technologies like AI, attackers still commonly exploit basic vulnerabilities with basic infiltration methods. Outdated software is a persistent vulnerability for organizations, and this could be the year when UAE businesses recognize the risks, not only to operations but to their legal standing with regulators. Unfortunately, investments in awareness training have not been enough to prevent people from falling for social engineering. To address their compliance shortfalls, businesses must intensify their training efforts, tailoring each lesson to the learner, and making sure it is immersive enough to ensure retention.

6. The cloud crisis

When OT-heavy organizations adopt cloud technologies for flexibility and scalability, they expand their attack surfaces. This transition calls for strong network perimeter security protocols. Cloud-connected devices must communicate with host services through data diodes for secure, one-way data transfer. Where remote access to OT environments is necessary, other secure pathways should be used that are tailored to specific OT tasks and use the least-privilege principle. In 2025, we expect to see increased adoption of such cloud-aware solutions.

7. Ransomware, of course

According to the UAE Cyber Security Council, half of all cyberattacks in the country are ransomware attacks. It is expected to continue this year, signifying the need for preventative measures such as staff awareness and N-tier backup facilities.

8. A return to premises

As we already mentioned, the cloud is vulnerable. Consequently, businesses worldwide are moving their data from cloud storage solutions to on-premises setups. Inspired by high-profile incidents such as the 2023 MOVEit attacks, we expect this migration to continue through the coming year as UAE organizations dial back their reliance on third parties.

9. Securing Web apps

The rise of the multi-cloud environment has brought with it new vulnerabilities. In 2025, organizations will look to multi-layered defenses recommended by the Open Worldwide Application Security Project (OWASP) to secure Web apps. Many organizations have relegated security to an afterthought when adopting AI tools.

This may be because best practice standards have yet to emerge on the tools or practices that most effectively protect enterprises as they use AI. This leads to vulnerabilities being overlooked, including those in Web apps.

10. Consolidation of vendors

The art of cybersecurity continues to be non-holistic among regional businesses. Companies work with point solutions, each geared towards a specific area, such as endpoints or networks.

This leads to data silos and an open field for attackers who understand how to decipher their attacks so no one tool can detect a breach. As such, the visibility of the security team is compromised. In 2025, we expect to see UAE enterprises prioritize vendor consolidation, not only to cut costs but to give the SOC a single pane view of the attack surface.

Rays of hope

Yes, attackers are becoming more sophisticated. Yes, they use AI. And yes, we can expect the volume of campaigns to increase.

The UAE enterprises do not face this fight unarmed. By returning to the drawing board on protections and training, and by turning to pragmatism on budgets and resourcing, UAE business leaders can prepare for the 2025 cyber battlefield without breaking the bank.