By Siroui Mushegian, Adam Khan, and Riaz Lakhani at Barracuda

With 2025 around the corner, the cybersecurity landscape continues to evolve at a breakneck pace, shaped by emerging technologies, evolving threats, and a growing emphasis on resilience and compliance. From a transformative role of AI in both defense and attack strategies to the proliferation of shadow IT risks and the rise of more sophisticated ransomware campaigns, organizations must prepare for the upcoming year by adapting to these anticipated changes. As a company, Barracuda is committed to helping prepare organizations adapt to the ever-evolving landscape. In the next year, we anticipate that businesses will need to proactively navigate these challenges while seizing opportunities to strengthen their defenses.

Siroui Mushegian, Chief Information Officer at Barracuda

• Companies need to approach AI Security with caution: Businesses are at a pivotal moment in AI innovation-a thrilling opportunity that comes with sharp risks. AI is both a shield and a sword in cybersecurity: offering unprecedented potential to strengthen cybersecurity, while giving attackers new tools to exploit. As companies advance their use of AI, they must proceed cautiously. Success hinges on using AI thoughtfully and strategically, not just adopting AI for the hype but strategically deploying it where it truly adds value.

• Building Cybersecurity Resilience Among Rising Threats will become pivotal: As ransomware and supply chain attacks surge, the compliance industry is raising the bar on cybersecurity standards, pushing companies to adapt and fortify their defenses. While there may be overlap globally, regional nuances require tailored approaches to compliance. Cybersecurity resilience is critical - not only to stay ahead of changing regulations, but also to ensure organizations can respond and recover swiftly if the inevitable happens. In the coming year, we'll see companies across sectors embrace a unified approach, making cybersecurity a collective responsibility and improving overall cyber resilience against ever-evolving threats.

Adam Kahn, Vice President of Global Security Operations at Barracuda

• Extended Detection and Response (XDR) will become the backbone of security operations: In 2025, XDR will evolve beyond reactive monitoring to become the backbone of predictive and automated security operations. Expect XDR platforms to integrate with broader ecosystems like SOAR and AI-driven threat intelligence, enabling dynamic risk scoring and prioritized responses across cloud, endpoint, network, and more. AI will play a central role, enabling XDR to analyze vast volumes of data in real time, detect subtle attack patterns, and predict potential threats before they materialize. This AI-driven evolution will transform XDR from a responsive tool into a proactive security strategy, capable of adapting to an ever-changing threat landscape.

SMBs, often seen as low-hanging fruit for attackers, will increasingly adopt XDR as a cost-effective solution to consolidate their defenses, mirroring enterprise-grade security at an accessible scale. AI's automation capabilities will make advanced security attainable even for resource constrained organizations, significantly reducing their reliance on large SOC teams. Think of XDR not just as a 911 system for your business, but as a full service command center, driven by AI, preemptively defusing threats and continuously learning to enhance resilience.

• Data Security will shift to "Securing Data in Use": By 2025, data protection strategies will shift from solely securing data at rest or in transit to securing data in use. Privacy preserving technologies like homomorphic encryption and confidential computing will see widespread adoption, driven by compliance requirements and the need for real-time collaboration without compromising sensitive data. Sectors like healthcare and education will embrace AI-based anomaly detection to safeguard their treasure troves of personal and organizational data, addressing attackers' increasing focus on these industries. Incident response will move from annual table-top exercises to continuous testing through simulated attack platforms, enabling organizations to measure readiness in real time.

Riaz Lakhani, Chief Information Security Officer at Barracuda

• The surge of shadow IT risk will continue: The risk associated with shadow IT will grow significantly unless companies aggressively address it. With so many software-as-a-service (SaaS) services being introduced by employees, contractors, or others as more innovative tools are available for easy deployment without a security review, there's a heightened risk of data leakage and general security threats. Additionally, the use of unsanctioned AI SaaS tools will increase, posing risks of downloading malicious Large-language models (LLMs) or legitimate LLMs that have been tampered with.

• Ransomware for all: Ransomware will continue to be a major issue, affecting not only large corporations but also small and medium-sized healthcare organizations and even individuals. Last year, I highlighted the UHC/Change Healthcare issue, which personally impacted my wife, a doctor who owns her private practice and uses Change Healthcare for revenue cycle management. We've also seen incidents like the one with GM. Threat actors are finding good return-on-investment (ROI) in ransomware attacks and will likely double down. Barracuda published a threat spotlight on a campaign where threat actors targeted individuals by showing pictures of their homes and insinuating physical threats unless a ransom was paid.

• Extremely percussive social engineering: We will see very convincing social engineering attacks like never before. Threat actors will use AI to scale content creation, produce more persuasive content, and employ deepfake/voice replication for sophisticated phishing and social engineering attacks. Phishing already provides a good ROI for threat actors, and I fully expect to see high-quality phishing to warm up the target with layered follow-up social engineering tactics.

The year 2025 will mark a pivotal moment in cybersecurity, where innovation must meet strategy and resilience. As AI reshapes the way organizations detect and respond to threats, the adoption of predictive technologies like XDR, privacy-preserving tools, and advanced compliance measures will become essential. However, with increasing risks such as shadow IT, percussive social engineering, and the ever-present threat of ransomware, organizations must remain proactive and collaborative in their approach to security. By embracing these expert insights and investing in forward-thinking strategies, businesses can not only protect themselves but also foster a safer, more resilient security ecosystem.