Claroty 2025 Cyber Security Predictions
Posted: Thursday, Nov 28


The use of cyberattacks in executing modern warfare, which is already happening, will enter public awareness

A major cyberattack will be executed on critical infrastructure as part of a wartime scenario and this will enter mainstream news, as world leaders recognise the need to protect their domestic critical infrastructure from being attacked by an act of war from their enemies. Proposed legislation to protect Australia’s critical infrastructure sectors will be formally legislated, which will expose organisations that under-invested in cyber security and haven’t made efforts to improve their cyber posture. A successful attack on critical infrastructure will also become an election issue in some jurisdictions as citizens demand that their governments protect the critical infrastructure they rely on from cyberattacks.

A “back to basics” approach to OT cybersecurity

In 2025, we will see at least one “invisible” cyber attack on a critical infrastructure organisation, i.e. where the attack proceeds completely undetected due to an organisation’s lack of knowledge regarding its network and connected devices. An example of this was the Danish power grid attack in 2023, where one electricity operator didn’t even realise it had a device in its network with a critical vulnerability. These undetected attacks will prompt other critical infrastructure organisations to properly map their attack surface, keep an accurate and up-to-date inventory of all assets connected to their network, and understand the highest-risk devices in their environment that need to be remediated.

A renewed focus on Identity Access Governance in OT environments

Organisations will place a renewed focus on user access in their Operational Technology (OT) environments – targeting both internal and external users. Organisations will increasingly move away from jumpboxes and VPNs, to simpler, fit-for-purpose solutions designed to appropriately govern “Just in Time” Access to OT systems. This will also result in organisations clamping down on unsanctioned remote access methods in OT, like hidden 4G modems and FTP servers for file uploads. Password sharing will also be removed in favour of better user identity and control methods for these critical systems.

Leon Poggioli
Leon Poggioli is the ANZ Regional Director at cybersecurity company Claroty. His focus is to help Australia’s critical infrastructure and industrial organisations on their journeys to discover, assess and protect their entire cyber-physical infrastructure - assets which are not typically protected by IT Security Cyber Controls. Leon also runs the YouTube channel @XIoTCyber, where he talks about different cyber-physical security topics in easily consumable, bite-sized thought leadership pieces. Furthermore, Leon is the author of The Trust Matrix, a book about how trusted relationships between different people help teams work together more effectively. Leon’s articles are regularly featured in Australian Technology Publications and he has appeared on National Television sharing advice on cybersecurity in a way which is accessible to the general public.