The cybersecurity landscape is poised for transformative shifts in 2025 driven by technological innovation and evolving threats.  As cybercriminals become more sophisticated, organisations must stay ahead by proactively adopting strategies that prioritise identity security and business resiliency.   

Thomas Fikentscher, CyberArk’s Area Vice President for ANZ, outlines his key cybersecurity predictions highlighting a singular truth: businesses must prioritise robust, forward-thinking security measures to stay ahead in an increasingly complex digital environment. 

1. The balance act between AI and security innovation takes centre stage 

The use of AI models promises to deliver significant productivity improvements to organisations along with streamlined automation, and simplified interactions with complex technologies. Yet, the rapid pace of AI innovation continues to outrun advancements in security, leaving critical vulnerabilities exposed.  

It’s imperative that when deploying AI, organisations learn from previous instances where new technologies were implemented without adequate security foresight. The consequences of AI breaches could be severe, making prioritizing proactive security measures from the outset essential.  Relying on cybersecurity teams to play ‘catch up’ after AI security breaches would be a costly and potentially devastating miscalculation. 

2. Non-human identity and workforce identity security will become essential for modern enterprises in 2025 

The rapid adoption of cloud-native technologies and AI means there are more identities to manage at greater speed and with more complexity. Attackers are increasingly zeroing in on non-human identities, particularly in cloud-native, development and broader OT/IoT environments. As Australian organisations continue to shift their workflows and workforces to the cloud, post-authentication breaches will become even more common. Multi-factor authentication does not offer sufficient protections for employees across a variety of business functions who have access to sensitive data, are authorized to manage critical business processes and could become privileged users at multiple points during an ordinary work day. Organisations should be taking active steps to reimagine their workforce identity security. 

 3. Organisations will have an increased focus on resiliency and risk management around third party organisations  

In the wake of high-profile breaches involving major third and fourth-party organisations, there will be a growing demand and need to achieve organisational resiliency and lower risk. In 2025 and 2026, businesses will seek greater transparency and stronger assurances from their vendors, shifting toward resilient, multi-cloud or hybrid architectures to reduce downtime and dependency on single providers. This underscores the growing importance of reliable and secure infrastructure, particularly in sectors where cloud adoption is high and digital services are mission-critical.