Dos nuevos informes\u00a0\u2014Perspectivas de Ciberseguridad Global 2025 del Foro Econ\u00f3mico Mundial\u00a0y\u00a0Cybertrends 2025 de Thales: \u00bfCu\u00e1les son las tendencias cibern\u00e9ticas clave a tener en cuenta en 2025? \u2014 sugieren que cuatro factores principales impulsan el sector hoy en d\u00eda:
\n\u2022 Nuevas tensiones geopol\u00edticas, \u2022 Cadenas de suministro complejas, \u2022 El uso de nuevas tecnolog\u00edas por parte de los ciberdelincuentes, \u2022 La creciente carga de cumplimiento normativo para las organizaciones.<\/p>\n
Every year, cybersecurity experts face new vulnerabilities. Two new reports outline the threat of geopolitical conflicts, GenAI, complex supply chains, shadow IT and more\u2026<\/em><\/strong><\/p>\n Why is cybercrime so hard to defeat? There\u2019s an obvious answer. It is very lucrative.<\/p>\n Indeed, according to one estimate, scammers may have siphoned away $1 trillion in the past year alone. That\u2019s equivalent to the GDP of some nations.<\/p>\n So, there\u2019s a huge financial incentive for the scammers and the spammers to keep working. That said, many cybercriminals are not even doing it for the money. Instead, they\u2019re motivated by ideology or politics. This is all contributing to a worsening risk landscape.<\/p>\n Two new reports \u2013 the\u00a0World Economic Forum\u2019s Global Cybersecurity Outlook 2025<\/a>\u00a0and\u00a0Thales\u2019 Cybertrends 2025: What are key cyber trends to watch in 2025?<\/a>\u00a0\u00a0\u2013 suggest there are four main factors driving the space today.<\/p>\n \u2022\u00a0\u00a0 \u00a0New geopolitical tensions But it\u2019s not all bad news. The reports also reveal that a rising number of enterprises feel well-placed to defend themselves \u2013 thanks to new tools and better training.<\/p>\n There\u2019s a lot to digest in the research. To make things simpler, we crunched the data to surface 25 key trends for 2025\u2026 72 percent of respondents to the Global Cybersecurity Outlook (GCO) survey report a rise in cyber risks.<\/p>\n #2. $1 trillion to the scammers<\/strong><\/p>\n Cybercriminals earned $1.03 trillion in 2024. This cost some countries 3 percent of their gross domestic product (GDP).<\/p>\n #3. Cybercrime is an industry<\/strong><\/p>\n Cyber-enabled fraud is so profitable it has attracted organised crime. It is estimated that 220,000 people have been forced to work in online scam-farms in South-East Asia.<\/p>\n #4. Cybersecurity insurance is set to double<\/strong><\/p>\n The size of the global market for cyber insurance will grow from $14 billion in 2023 to $29 billion in 2027.<\/p>\n #5. One outage: $5bn in losses<\/strong><\/p>\n In 2024 a faulty update to CrowdStrike\u2019s cloud-based security software caused $5 billion in losses. It showed the chaos that can result from an outage.<\/p>\n #6. Ideology is driving more attacks<\/strong><\/p>\n Geopolitical conflicts \u2013 especially the Russian invasion of Ukraine and the conflict between Israel and Hamas \u2013 are fueling more crime. The line is blurring between hacktivists, cybercriminals and states.<\/p>\n #7. Geopolitics is affecting enterprises too<\/strong><\/p>\n Nearly 60 percent of organisations say geopolitical tensions have affected their cybersecurity strategies. One in three CEOs say cyber espionage and loss of sensitive IP is their top concern.<\/p>\n #8. Nearly half of companies have been socially engineered<\/strong><\/p>\n When cybercriminals cannot beat tech defences, they can always trick humans into giving them the keys. Social engineering is a huge problem. 42 percent of organisations experienced a successful attack in the past year.<\/p>\n #9. AI is this year’s biggest threat<\/strong><\/p>\n 66 percent of organisations expect AI to have the most significant impact on cybersecurity in the year to come. But despite this, just 37 percent have processes in place to deploy the tech safely.<\/p>\n #10. The new GenAI threat: Prompt Injection Attacks<\/strong><\/p>\n Hackers now use prompt injections to trick GenAI systems into leaking sensitive data. They are a serious threat as there is still no foolproof way to address them.<\/p>\n #11. The AI deepfakes are here<\/strong><\/p>\n Deepfakes have been discussed for years. Now, they have arrived. There was a 223 percent rise in the trade of deepfake-related tools on the dark web between Q1 2023 and Q1 2024.<\/p>\n #12. AI will create new cybersecurity roles<\/strong><\/p>\n AI is changing the way everyone works \u2013 including cybersecurity teams. 91 percent of chief information security officers (CISOs) expect AI to generate novel roles in the space.<\/p>\n #13. Introducing the AI CISO assistant<\/strong><\/p>\n Many believe AI tools can serve as security advisers \u2013 like a co-pilot to the CISO \u2013 spotting threats and aiding decision-making.<\/p>\n #14. Small firms believe they are 5x more vulnerable to attacks<\/strong><\/p>\n 35 percent of small organisations feel they cannot secure themselves against cybercrime. By contrast, only 7 percent of large enterprises think the same.<\/p>\n #15. The public sector is more vulnerable<\/strong><\/p>\n When it comes to cyber defences, there\u2019s a huge gap between the public and private sector. 38 percent of public sector respondents feel they lack resilience, compared to just 10 percent of medium-to-large private-sector organisations.<\/p>\n #16. Developing nations need better defences<\/strong><\/p>\n Cybercrime at the state level is a rising concern. The good news is that just 15 percent of respondents in Europe and North America lack confidence in their country\u2019s critical infrastructure defences. More worryingly, this proportion is 36 percent in Africa and 42 percent in Latin America.<\/p>\n #17. CEO\u2019s biggest worry? The supply chain<\/strong><\/p>\n 54 percent of large organisation leaders say supply chain is the biggest barrier to achieving cyber resilience. The problem is rising complexity and a lack of visibility into the security levels of suppliers.<\/p>\n #18. Regulations make companies feel safer\u2026<\/strong><\/p>\n 78 percent of leaders from private organisations feel that cyber and privacy regulations effectively reduce risk in their ecosystems.<\/p>\n #19. \u2026But regulation needs to consolidate<\/strong><\/p>\n Cybercrime laws might help, but there are too many of them. The research found that 76 percent of CISOs say fragmentation is affecting their ability to maintain compliance. Meanwhile 69 percent find regulations too complex and struggle to know if third-party suppliers are compliant.<\/p>\n #20. More cyber skills needed<\/strong><\/p>\n Two out of three organisations report moderate-to-critical skills gaps. Only 14 percent of organisations are confident they have the people and skills they need.<\/p>\n #21. Ransomware is the CISO’s biggest fear<\/strong><\/p>\n 57 percent of CISOs named ransomware is the biggest cybercrime concern, compared with 22 percent for supply chain disruption.<\/p>\n #22. Cybercrime-as-a-Service (CaaS) is spreading<\/strong><\/p>\n CaaS is on the rise, allowing individuals without technical expertise to commit cybercrime. This model makes malware harder to detect as there are so many different perpetrators, each using different techniques and behaviour patterns.<\/p>\n #23. The infostealer is the cyber criminals\u2019 new weapon\u00a0<\/strong><\/p>\n Infostealers take credentials from compromised devices, browsers, cookies, and logins. They can even steal one-time passwords (OTPs), and can be bought for as little as \u20ac5.<\/p>\n #24. Zero-day vulnerabilities have surged<\/strong><\/p>\n A zero-day vulnerability is a flaw in software that is unknown to the programmer\/vendor. State-sponsored actors are investing more resources into finding these flaws in 2025.<\/p>\n #25. IoT boosts the Shadow IT threat<\/strong><\/p>\n The IoT will continue to increase the attack surface in 2015. A particular problem is Shadow IT, where \u2019things\u2019 are integrated into corporate networks without the knowledge of IT teams.<\/p>\n
\n\u2022\u00a0\u00a0 \u00a0Complex supply chains
\n\u2022\u00a0\u00a0 \u00a0The use of new technologies by cybercriminals
\n\u2022\u00a0\u00a0 \u00a0The rising compliance burden for organisations<\/p>\n
\n#1. The cyber threat is rising<\/strong><\/p>\n