When it comes to cybersecurity in 2025, artificial intelligence is top of mind for many analysts and professionals.
Artificial intelligence will be deployed by both adversaries and defenders, but attackers will benefit more from it, maintained Willy Leichter, CMO of AppSOC, an application security and vulnerability management provider in San Jose, Calif.
“We know that AI will be used increasingly on both sides of the cyber war,” he told TechNewsWorld. “However, attackers will continue to be less constrained because they worry less about AI accuracy, ethics, or unintended consequences. Techniques such as highly personalized phishing and scouring networks for legacy weaknesses will benefit from AI.”
“While AI has huge potential defensively, there are more constraints — both legal and practical — that will slow adoption,” he said.
Chris Hauk, consumer privacy champion at Pixel Privacy, a publisher of online consumer security and privacy guides, predicted 2025 will be a year of AI versus AI, as the good guys use AI to defend against AI-powered cyberattacks.
“It will likely be a year of back-and-forth battles as both sides put to use information they’ve gathered from previous attacks to set up new attacks and new defenses,” he told TechNewsWorld.
Mitigating AI’s Security Risks
Leichter also predicted that cyber adversaries will start targeting AI systems more often. “AI technology greatly expands the attack surface area with rapidly emerging threats to models, datasets, and machine language operations systems,” he explained. “Also, when AI applications are rushed from the lab to production, the full security impact won’t be understood until the inevitable breaches occur.”
Karl Holmqvist, founder and CEO of Lastwall, an identity security company based in Honolulu, agreed. “The unchecked, mass deployment of AI tools — which are often rolled out without robust security foundations — will lead to severe consequences in 2025,” he told TechNewsWorld.
“Lacking adequate privacy measures and security frameworks, these systems will become prime targets for breaches and manipulation,” he said. “This Wild West approach to AI deployment will leave data and decision-making systems dangerously exposed, pushing organizations to urgently prioritize foundational security controls, transparent AI frameworks, and continuous monitoring to mitigate these escalating risks.”
Leichter also maintained that security teams will have to take on more responsibility for securing AI systems in 2025.
“This sounds obvious, but in many organizations, initial AI projects have been driven by data scientists and business specialists, who often bypass conventional application security processes,” he said. “Security teams will fight a losing battle if they try to block or slow down AI initiatives, but they will have to bring rogue AI projects under the security and compliance umbrella.”
Leichter also pointed out that AI will expand the attack surface for adversaries targeting software supply chains in 2025. “We’ve already seen supply chains become a major vector for attack, as complex software stacks rely heavily on third-party and open-source code,” he said. “The explosion of AI adoption makes this target larger with new complex vectors of attack on datasets and models.”
“Understanding the lineage of models and maintaining the integrity of changing datasets is a complex problem, and currently, there is no viable way for an AI model to unlearn poisonous data,” he added
Data Poisoning Threats to AI Models
Michael Lieberman, CTO and co-founder of Kusari, a software supply chain security company in Ridgefield, Conn., also sees poisoning large language models as a significant development in 2025. “Data poisoning attacks aimed at manipulating LLMs will become more prevalent, although this method is likely more resource-intensive compared to simpler tactics, such as distributing malicious open LLMs,” he told TechNewsWorld.
“Most organizations are not training their own models,” he explained. “Instead, they rely on pre-trained models, often available for free. The lack of transparency regarding the origins of these models makes it easy for malicious actors to introduce harmful ones, as evidenced by the Hugging Face malware incident.” That incident occurred in early 2024 when it was discovered that some 100 LLMs containing hidden backdoors that could execute arbitrary code on users’ machines had been uploaded to the Hugging Face platform.
“Future data poisoning efforts are likely to target major players like OpenAI, Meta, and Google, which train their models on vast datasets, making such attacks more challenging to detect,” Lieberman predicted.
“In 2025, attackers are likely to outpace defenders,” he added. “Attackers are financially motivated, while defenders often struggle to secure adequate budgets since security is not typically viewed as a revenue driver. It may take a significant AI supply chain breach — akin to the SolarWinds Sunburst incident — to prompt the industry to take the threat seriously.”
Thanks to AI, there will also be more threat actors launching more sophisticated attacks in 2025. “As AI becomes more capable and accessible, the barrier to entry for less skilled attackers will become lower while also accelerating the speed at which attacks can be carried out,” explained Justin Blackburn, a senior cloud threat detection engineer at AppOmni, a SaaS security management software company, in San Mateo, Calif.
“Additionally, the emergence of AI-powered bots will enable threat actors to execute large-scale attacks with minimal effort,” he told TechNewsWorld. “Armed with these AI-powered tools, even less capable adversaries may be able to gain unauthorized access to sensitive data and disrupt services on a scale previously only seen by more sophisticated, well-funded attackers.”
Script Babies Grow Up
In 2025, the rise of agentic AI — AI capable of making independent decisions, adapting to their environment, and taking actions without direct human intervention — will exacerbate problems for defenders, too. “Advances in artificial intelligence are expected to empower non-state actors to develop autonomous cyber weapons,” said Jason Pittman, a collegiate associate professor at the school of cybersecurity and information technology at the University of Maryland Global Campus in Adelphi, Md.
“Agentic AI operates autonomously with goal-directed behaviors,” he told TechNewsWorld. “Such systems can use frontier algorithms to identify vulnerabilities, infiltrate systems, and evolve their tactics in real-time without human steering. “
“These features distinguish it from other AI systems that rely on predefined instructions and require human input,” he explained.
“Like the Morris Worm in decades past, the release of agentic cyber weapons might begin as an accident, which is more troublesome. This is because the accessibility of advanced AI tools and the proliferation of open-source machine learning frameworks lower the barrier for developing sophisticated cyber weapons. Once created, the powerful autonomy feature can easily lead to agentic AI escaping its safety measures.”
As harmful as AI can be in the hands of threat actors, it can also help better secure data, like personally identifiable information (PII). “After analyzing more than six million Google Drive files, we discovered 40% of the files contained PII that put businesses at risk of a data breach,” said Rich Vibert, co-founder and CEO of Metomic, a data privacy platform in London.
“As we enter 2025, we’ll see more companies prioritize automated data classification methods to reduce the amount of vulnerable information inadvertently saved in publicly accessible files and collaborative workspaces across SaaS and cloud environments,” he continued.
“Businesses will increasingly deploy AI-driven tools that can automatically identify, tag, and secure sensitive information,” he said. “This shift will enable companies to keep up with the vast amounts of data generated daily, ensuring that sensitive data is continually safeguarded and that unnecessary data exposure is minimized.”
Nevertheless, 2025 could also usher in a wave of disappointment among security pros when the hype about AI hits the fan. “CISOs will deprioritize gen AI use by 10% due to lack of quantifiable value,” Cody Scott, a senior analyst for Forrester Research, a market research company headquartered in Cambridge, Mass., wrote in a company blog.
“According to Forrester’s 2024 data, 35% of global CISOs and CIOs consider exploring and deploying use cases for gen AI to improve employee productivity as a top priority,” he noted. “The security product market has been quick to hype gen AI’s expected productivity benefits, but a lack of practical outcomes is fostering disillusionment.”
“The thought of an autonomous security operations center using gen AI generated a lot of hype, but it couldn’t be further from reality,” he continued. “In 2025, the trend will continue, and security practitioners will sink deeper into disenchantment as challenges such as inadequate budgets and unrealized AI benefits reduce the number of security-focused gen AI deployments.”
