2025 Cybersecurity Trends: 7 Trends to Watch

Dissecting the cybersecurity landscape isn’t easy. Organizations are perennially under-prepared. Seemingly every person in the world has been affected by some data breach. Then, we layer in the biggest tech news of the last couple years: the widespread experimentation and use of generative AI.

Today, no one is immune from the threat of an attacker. Each organization must be ready. Organizations of all sizes must understand the evolving cybersecurity landscape in order to defend themselves. Importantly, the impact of cyberattacks is not limited to the digital world. More and more, we see digital attacks having real impact on the physical world.

Fortunately for all of us, the goal and focus of cybersecurity has never been more clearly in focus. We know what we need to do, we just have to do the hard work. So, 2025 is a great year to reevaluate — and perhaps refocus — your security posture.

Lookback at recent trends

First, let’s take a quick stroll down memory lane. Technology writer Kayly Lange explored eight trends a year ago — let’s see how those landed now.

• Ransomware attacks will increase, become more professionalized. This truism remains, and with a new twist: the biggest trend in ransomware is extortionware, a new flavor of attack.
• Machine learning as the next attack vector. We are seeing more instances of data exfiltration, which could poison your ML datasets.
• Deglobalization pressures turn cybersecurity local. More local laws are emerging, especially around data privacy, and we’ll see how this local spin plays out in another trend below.
• It’s still a great time to work in cybersecurity. That’s because we need more security professionals than we currently have.
• Omnichannel attacks are on the rise. This has never been truer! More channels for us to live and work — social media, chat, phone calls, video, SMS — means more surfaces to attack.
• The CISO role expands. True: the stakes of security grow, so attention in the board room does too. In fact, nearly half of CISOs now report directly to their CEO.
• Requirements for cyber insurance will increase. Though estimates vary, you’re likely paying much more for cyber insurance today than you did just a year or two ago.
• Zero-trust is the norm. Yes, zero-trust is still the ideal standard, though many orgs still struggle to get there.

With that background, lets pivot to some top trends for security in 2025.

What’s in? Cybersecurity trends in 2025

Seven trends, in no particular order.

Trend 1: "Materiality" for cybersecurity will be defined

“Right now, no jurisdiction clearly defines materiality for cybersecurity incidents,” says Splunk CISO Michael Fanning. The current SEC definition is certainly vague: any event considered significant to an investor when making investment decisions.

That needs to change. Without a meaningful definition of "materiality", companies, organizations, and governments are missing out on exactly what will cause the most problems for their users: it's not just about cybersecurity, it's about structural resilience.

Defining materiality will be a welcomed regulatory change benefiting governments, businesses, and the public. By creating unified standards and guidelines, companies will better respond to incidents and build long-term security and trust.

(Read more from our 2025 Trends & Predictions.)

Trend 2: Threat hunting & detection engineering on the rise

Here at Splunk, we’re having more conversations about threat hunting than ever before. That alone is a reflection on cybersecurity going mainstream: we’re all being attacked, so how can we go on the offensive and hunt out these threats?

Threat hunting generally combines manual and machine-assisted processes — driven by curiosity and pattern recognition. Expert hunter and researcher David Bianco explains the relationship between automation and threat hunting:

The ultimate goal of threat hunting is not only to find more security incidents — but to improve automated detection capabilities over time.

Indeed, its this relationship between humans and automations that will power the most robust security mechanisms. Which explains the similar rise in detection engineering, a cyber discipline focused on building and continuously fine-tuning your systems to detect risky or unauthorized activities.

(For the latest in threat hunting, explore the new, agnostic PEAK Threat Hunting Framework.)

Trend 3. Cyber talent gaps to be filled by students

In 2023, federal agencies reported over 32,000 cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA). That's a 9.9% increase from the year prior. (View the CISA PDF.)  To manage this influx of threats, governments will tap into one of our most precious resources: students. 

“Given talent shortages and the vast budget differences between the public and private sectors, governments have an even steeper hill to climb. This will have to change because they’re targeted more than anyone.” -- Frank Dimina, Splunk SVP and general manager, Americas 

Student-powered SOCs are a foundational pillar of the “Securing Your Future State” initiative that aims to unite state agencies, higher education, the private sector, and local communities to safeguard their state’s digital ecosystem while fostering the next generation of cybersecurity experts. Student-powered SOCs enable the public sector to address mounting security concerns head-on while lowering costs and solving the growing talent crisis — all while serving as training grounds for students, where they gain real-world experience. 

Our prediction? Though student-powered SOCs are not widespread in the U.S. or Europe yet, they will become a common model. That's due, of course, to the widening talent gap we've heard about for years and budget shortages. As organizations, particularly governments, strengthen their academic relationships, we'll see more student-powered SOCs that, like all modern SOCs, provide 24/7 monitoring and threat detection.

Even better? They're an additional resource during incidents, relieving some of the burden on state and local government security teams

Trend 4: Fully embracing security automation (finally!)

Another thing our security pros have found: many, many people are interested in security automation. That’s because more and more people understand how their actions can have risk — and automation is one way to lower that risk. Automation enables critical functions to protect against regular attacks and known vulnerabilities.

Here at Splunk, we’re seeing significant growth in the amount of people looking for information about security automation, including security solutions like SIEM and SOAR. Learn more about these concepts:

• Security automation
• SIEM vs. SOAR solutions

Trend 5: A smarter focus on data

Dovetailing with the automation trend is a renewed focus on data. Data is the enabler for cybersecurity science. Its not about having enough data — its about ensuring the quality, security, and privacy of that data.

Data quality is important because it ensures that your data is accurate, complete, consistent, unique, valid, and maintains its integrity. If you’re basing your security on inaccurate, bad data, your cybersecurity will also be bad.

Not sure where to start? This guide to data types will help you prioritize.

Trend 6: AI for security

Shocking no one, AI is certainly on everyone’s trends list this year. More people are using AI — and using it well. And the more attention something in technology gets, the more it becomes a target for bad actors.

The biggest uptick is in the use of generative AI. Despite a lot of handwringing about AI leading to more cyberattacks, our SURGe security team researched this exact phenomenon and found that…at least for now, nothing is a huge deal.

In fact, it might be that AI will actually be helpful in the long run — it certainly will be central to how we do cybersecurity. That’s because AI on its own isn’t going to revolutionize anything, according to Gary Steele, Splunk’s President and CEO.

“What is crucial is the purposeful application of [AI] rather than widespread, undirected use.”

Indeed, Steele and others believe that AI will transform how the world’s most complex organizations will keep digital systems both secure and reliable. He predicts that “we will see AI bring enormous value by”:

• Automatically detecting anomalies.
• Leveraging predictive models to provide better ways for security teams to distill information, find patterns and prioritize threats.
• Recommending actions and focusing users’ attention where it’s most needed based on intelligent assessment of risk.

(Learn about Splunk AI & our trustworthy AI principles.)

Companies are already using genAI for cybersecurity. (The CISO Report)

Trend 7: Security becomes the #1 area for tech spending

With increasing interest rates globally, more organizations are dialing back unnecessary — or less justifiable — spending while going all-in on cybersecurity. With AI developing as rapidly as it is, organizations might be smart to define and strengthen your security posture right now, as preparation for the future.

(Learn more: IT Spending Forecasts & The State of Security Annual Report.)

What’s out for 2025

• Worrying about every little vulnerability. That’s because we don’t know what we don’t know: we can only guess which vulnerabilities are likely to present genuine threats to our systems in the near future. Instead, focus on the threat at hand.
• Data operations being limited to data scientists and data engineers. Today, everyone is using data at work. This is a blessing — people can understand their work better — and a curse: its yet another risk that security teams must consider. (Related reading: today’s top data trends.)
• Rolling your own encryption. It’s never cool.

The state of cybersecurity in 2025

To remain secure in the face of increasing threats, 2025 will require modern cyber-defense and offensive strategies to meet the evolving cybersecurity landscape. Both individuals and companies must look at their current digital footprint and consider how to lower their risk of attack — both now and in the years ahead.