Safety & Security Predications - 2025 - X-Industry

Several years ago, I presented a joint panel discussion in Las Vegas on the integration of Physical and Cyber Security, in conjunction with Human Relations departments. I am not sure that message has resonated within all the various business sectors, but many are adopting this new synergy. Red Sky would like to provide some security predictions for 2025.

Cyber Security - 12 CIS Experts' Cybersecurity Predictions for 2025: The 2024 general election...the CrowdStrike Falcon outage...insider threats from nation-state actors, these developments created new risks for organizations like yours in 2024. In doing so, they shifted the conversation around your cybersecurity priorities going forward. There's so much change in the cybersecurity field to decipher. Where do you focus your efforts? To put next year into context, below are observations and predictions by a dozen experts at the Center for Internet Security (CIS) about their cybersecurity predictions for 2025.

Marci Andino | VP of the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC): While the increase in attention generated by a presidential election is over, election officials will continue to experience the impact of generative artificial Intelligence (GenAI). GenAI makes it easier, faster, and more economical to create higher quality phishing emails. But it’s not all bad news. There will likely be more positive uses of technology, as well.[1]

The EI-ISAC will also continue to adapt to multidimensional threats to better meet the needs of our election members. Cyber-attacks on critical election infrastructure can be combined with information operations, physical attacks, and election disruption tactics to impact election operations.

Sean Atkinson | CISO: Sean Atkinson, Zero Trust Enablement with the Focus for 2025 on Identity: The emphasis on unauthorized access and privilege escalation will act as a catalyst to drive a robust assessment of identity management and drive adoption of zero trust security models. AI-Enabled Attack and Defense: We will continue to see new artificial intelligence (AI) capabilities and maturity in this space as attackers integrate this capability into sophisticated attack strategies and defenders/vendors integrate better models into defensive capability.

Supply Chain Risk Management: An increased focus on assessment strategies for vendor due diligence, vendor alignment to more robust security compliance frameworks, a start of the "shift left demand" from the customer base, as well as organizations and thought leaders building governance assessment models for AI integrations into products and services.

Jason Emery | Director of Cybersecurity Advisory Services Program: AI-Assisted Cybersecurity Tools: I believe we will see the continued evolution of AI-assisted cybersecurity tools that help offset the lack of cybersecurity professionals in smaller US State, Local, Tribal, and Territorial (SLTT) government organizations. These tools will provide operations-oriented IT staff the ability to manage and secure their environment even while overwhelmed by the daily tasks of “keeping the lights on.” Managed service providers (MSPs) and managed security service providers (MSSPs) will also leverage these tools to become nimbler and to stretch their limited human resources further when supporting their clients.

Governance Focus in K-12: In my work, I see many small to medium-sized K-12 school districts starting to focus more on formalizing their cybersecurity programs, including governance from the top down. Many district superintendents and school boards are realizing the importance of top-level support in these programs. A good cybersecurity program is not just an IT concern but is, in fact, a strong business concern. I see districts implementing proven cybersecurity controls like the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and the CIS Critical Security Controls (CIS Controls) more in the coming year to help them be strategic in their efforts and investments.

IT-OT/ICS Convergence: IT and Operational Technology (OT) / Industrial Control Systems (ICS) will continue to see more convergence. These systems are used to manage our water, wastewater, power, etc. Traditionally, these platforms have remained outside the IT environment. I see more of these systems being connected to the general network for remote management, additional capabilities, etc. This adds cybersecurity risk to these environments. We will see more emphasis being placed on proper vulnerability management, threat detection, and cybersecurity frameworks for OT/ICS environments. The key to success will be to take into account the unique nature of these systems to avoid affecting uptime negatively.

Don Freeley | VP of IT Services: Don Freeley Zero Trust Advances in the Enterprise: Embracing a zero-trust approach to securing company assets, access, and systems will gain momentum in organizations of all size in 2025. Employees and customers demand access to resources and data from multiple locations and devices. Each link in the access chain needs to be treated as untrusted, with access and authorization continuously verified. Secure websites or VPNs, even with MFA enabled, are not enough to prevent unauthorized access, data loss, and exfiltration.

Secure by Design Becomes Part of IT’s DNA: Recent high-profile security breaches will drive adoption of secure by design principles in IT projects. The idea that security can be bolted on to a service or project at the end has shown itself to be hard and inefficient. Incorporating security, compliance, and governance into early stages of a design leads to better overall outcomes and helps foster a culture of security across the organization. IT organizations will accelerate the move in this direction in 2025.

Stephen Jensen | Sr. Director of Plans, Programs, & Exercises: 2025 is bringing with it more connected devices than ever before. The Internet of Things (IoT) has revolutionized how organizations collect data about the day-to-day lives of their customers and employees. The intersection of conventional networks with wirelessly enabled devices of all sizes and types creates new avenues for attack as well as new areas of focus for security professionals. Securing these connected devices by using network segmentation, improved network protocols meant for these types of connections such as Wi-Fi HaLow and ensuring that your devices are patched and updated when available will help to keep your environment(s) secure.

Angelo Marcotullio | CIO: Angelo MarcotullioTraining and adhering to basic cybersecurity practices ensure that even non-technical staff can recognize and mitigate risks. Cyber-attacks such as phishing, ransomware, and malware often exploit human errors, making employees the first line of defense. By focusing on these basics, employees help safeguard the organization’s reputation, financial stability, and customer trust. Moreover, prioritizing cybersecurity fosters a culture of responsibility and awareness across the workforce. Employees who are vigilant about spotting suspicious activities and following security protocols not only protect themselves but also contribute to the organization's overall resilience. This collective effort minimizes the likelihood of successful cyber-attacks and demonstrates the organization’s commitment to safeguarding its stakeholders. Empowering all employees to recognize and report potential cybersecurity attacks can lead to the prevention of cyber-attacks.

Lee Myers | Sr. Director of Security Operations - Consolidation of Operations: For many years, there has been a rush to spend cybersecurity funding to bring in the latest and greatest technology to aid in cyber defense efforts against an ever-evolving cyber-attack ecosystem. Organizations' technology footprint now exceeds their ability to successfully leverage the tools "in house," with them relying on third-party consultants or service providers to utilize these tools and leverage the collected data on their behalf. As expertise grows within these organizations and a more mature cyber strategy emerges that aligns with business or organization goals, we will see a reduction in redundant or unused technology within individual organizations. This will lead to increased efficiency and impact from the tools that remain, with resources being reprioritized for their use and the value that they bring to the organization.

Lee Noriega | Executive Director of Cybersecurity Services Organization and Acting General Manager of Sales and Business Services - Executive Director, Cybersecurity Services Organization at Center for Internet Security Going into 2025, the security risks of AI will continue to be a huge area of concern for many organizations.

Cybercriminals will continue to leverage AI to enhance the sophistication and scale of their attacks.
AI-Generated phishing emails and adaptive malware will make it increasingly difficult for traditional security measures to detect and mitigate threats.
AI will contribute to the evolution of ransomware, increasing the speed and precision of these attacks as well as making them more difficult to defend against.
The combination of social media and generative AI will enable more sophisticated scams and impersonations.
As AI tools become more integrated into business operations, there will be a growing risk of data breaches caused by improper use of these tools.

Randy Rose | VP of Security Operations & Intelligence: Increased Uses for Quantum Outside of Research: In 2025, expect to see application of quantum computing outside of the university research lab. Advances in quantum are expected to challenge current cybersecurity measures by potentially breaking common cryptographic algorithms. In response, there will be a surge in adopting quantum-resistant algorithms (aka post-quantum cryptography) to protect sensitive data across all industries. Additionally, quantum computing will enhance threat detection and predictive analytics; it will be marketed to enable a shift from being reactive to being proactive. In software development, quantum computing will drive innovation in algorithm design, improving efficiencies in code execution and problem-solving capabilities.

Expect well-resourced early adopters to start implementing soon and less resourced followers to face technical and financial challenges in updating systems to keep up pace.

Evolution of IoT and Edge Computing: The industry continues to move from the cloud to the "fog" of edge computing, placing data processing closer to the data source and even using crowdsourcing techniques of other nearby devices. This is going to put an increased focus on IoT as an increasingly attractive target for attackers, as one of the biggest beneficiaries of edge computing is the IoT device handling real-time data. IoT devices are now ubiquitous; they're found throughout homes and businesses globally, including smart appliances, HVAC systems, solar and other power systems, and smart speakers, to name a few. As the attack surface for IoT grows, so too will the need for IoT security tools, frameworks, and best practices.

Focus on Socio-Political Impacts of Emerging Technology: While AI and machine learning (ML) have been around for a long time now, their use historically was mostly hidden from the public consumer. That changed in November 2022 with the public release of ChatGPT followed by other large language models (LLMs). We're now leaving the honeymoon phase and beginning to shift focus onto what we've learned these past two years on the social, political, and technical impacts of GenAI. Expect more research on the impact of GenAI on everyday life, the use of GenAI to augment skills that once took years to hone (such as coding), and the democratization of creative works. There will be significant challenges to intellectual property claims and authenticity which we may start to see play out in court in 2025. Based on the way the models are trained, some LLMs have been shown to widen existing gaps in equity and increase digital repression. While GenAI has the potential to enhance learning and accessibility, without proper oversight, it risks deepening the digital divide, supercharging disinformation and information operations campaigns, and amplifying global concerns around human rights.

Marcus Sachs | SVP, Chief Engineer: Sachs Artificial Intelligence: In 2025, artificial intelligence (AI) will play an even larger role in cybersecurity, both for good and bad. Attackers are likely to use AI to automate attacks, create adaptive malware, and avoid traditional detection methods. Unlike manually controlled attacks, AI-powered adversaries will use adaptive algorithms to change and carry out attack strategies in real time. These strategies could adjust based on what they detect and exploit, making it harder for defenders to keep up. Meanwhile, defenders will also increase their use of AI to improve threat detection, anomaly spotting, and predictive analysis. This AI "arms race" will redefine how attackers and defenders tackle cybersecurity.

Compliance and Regulation: As AI systems become more common, cybersecurity issues related to data privacy, manipulation of AI models, and misuse of AI-generated content will grow. To address this, compliance frameworks will be introduced to ensure organizations secure their AI training data, model accuracy, and interactions with users. This new focus on "AI security compliance" will push companies to improve defenses around AI models, reducing risks of disinformation, theft of intellectual property, and misuse of sensitive data in AI systems. Beyond AI, traditional regulatory actions will impact critical infrastructure, with governments likely to enforce minimum cybersecurity standards and response protocols to boost resilience against physical and cyber threats. Expect new policies requiring cybersecurity education and proactive risk assessments for critical infrastructure to mitigate major risks. Cyber-Informed Engineering principles may gain traction as an essential tool for embedding resilience into critical systems.

Cloud Security: With more organizations moving data and operations to the cloud, there will be greater attention on cloud security and data location. In 2025, new laws may require that sensitive data stay within national borders, affecting how companies manage and store data across regions. This emphasis on data sovereignty will lead companies to adopt multi-cloud strategies to stay compliant with evolving regulations while ensuring flexibility and security. As businesses and critical services become increasingly dependent on cloud services, some countries may prioritize cloud availability in national emergency plans, recognizing that stable cloud access is mandatory for crisis management. This shift could lead towards the establishment of a new program like Cloud Service Priority (CSP), treating cloud infrastructure as important as utilities like electricity and telecoms.

Zero Trust: Zero trust architectures, which do not assume any inherent trust within or outside an organization’s network, will likely become the default approach for cybersecurity in organizations with hybrid or remote workforces. As employees work from various locations on different devices, zero trust will gain importance for securing both on-premises and cloud environments. This approach will drive investments in identity and access management, endpoint security, and continuous monitoring technologies, changing how companies secure both internal and external access.

TJ Sayers | Director of Intelligence & Incident Response: A Bolstered Cybercriminal Market for Phishing as a Service Models. AI-Driven tools have all but eliminated classic human errors within traditional social engineering activity. Typos and formatting mistakes in text-based phishes are increasingly rare, and advanced voice and video deepfakes are near-indecipherable from reality. Exploiting humans as an initial attack vector still reigns supreme, and customizable phishing kits under a fee-for-service model will lower the bar of entry for threat actors and greatly increase their social engineering successes against end users. My predictions from last year will also apply in 2025. Ransomware and associated extortion-based threats will undoubtedly remain the leading and most disruptive threat facing SLTTs, and blurred lines between threat actor groups will grow increasingly opaque

Valecia Stocchetti | Sr. Cybersecurity Engineer, CIS Critical Security Controls

Headshot of Valecia StocchettiAI Embedded in Software: AI has exploded in many ways over the past 1–2 years. This rise in the use and abuse of AI will likely continue to grow in 2025. Organizations will face many complex challenges because of this. For one, vendors will continue to embed AI features into their software and applications, producing a forcing-function for organizations to either adopt or drop these new features. In some instances, these AI features can't be turned off or removed. Organizations will need to be vigilant in what is acceptable risk in terms of using AI features. Questions to ask include the following: Where is my data being stored? Is it being kept confidential and is it protected? Am I still in compliance with certain regulations I need to comply with? Regulations on AI are still emerging. It remains to be seen whether end-organizations will be able to keep up with demands on the vendor side.

AI-Based Threats: On the other hand, AI-based threats will continue to grow, impacting both our personal and professional lives. Organizations will face an increase in phishing attacks created with AI, making them more lifelike and less like the former “Nigerian prince” email scams we once solely faced. This means that users will need to be even more observant and, more importantly, “think before they click.” According to the 2024 Verizon DBIR, human elements are still responsible for 68% of data breaches. While that figure may have fluctuated somewhat over the years, it remains quite high. Organizations will need to continue to implement a defense-in-depth strategy to block these threats and prevent themselves becoming tomorrow’s news headline.

AI For the Better: While AI can pose all sorts of “doom and gloom” in the cybersecurity world, it can also do a lot of good. Depending on the technology, we can become more efficient at our jobs, reducing the need for manual work. For example, it can help us with intrusion prevention systems so that we can detect and prevent the less “noticeable” threats as well as reduce the rate of false positives. There is also the benefit of AI models learning from the data that is fed into the system, making it (hopefully) more effective. Overall, AI will continue to spark innovation, bring about new threats, and continue to raise privacy concerns. As with anything in the field of technology, it’s a balance between usability and security. This is why it is important for organizations to:

Practice due diligence when it comes to vetting software vendors
Consider the benefit that AI can bring and weigh it against the risk
Keep up to date with emerging threats
Stay Current with Multidimensional Threats

Physical Security - With another year comes new security strategies and challenges. Here, security experts are sharing their insights into physical security predictions for 2025.[2]

Artificial intelligence (AI), from Fred Burton, Executive Director of Protective Intelligence at Ontic: The rise of misinformation and disinformation has put a lot of pressure on companies to beef up their intelligence verification procedures. It’s hard to know what issues coming through various feeds are true. At the same time, the volume of information is astounding. There’s been some talk about deploying AI for it but given the propensity of some AI applications to provide misleading information, the technology isn’t ready for prime time. Casting a wide net for intelligence isn’t really feasible at the moment. To get a handle on the problem, companies will need to fine-tune their feeds to make sure they are only focusing on information that directly impacts their environment. The guideposts of compliance and oversight are the new frontier here. Companies must focus on creating structures that ensure ethical and legal responsibility as they navigate complex issues like AI-driven disinformation.

Mike Lahiff, CEO and Co-Founder at ZeroEyes: I believe that in 2025 we will see even more school districts, public spaces and businesses adopting AI-based security solutions. Reliance on computer vision is rapidly growing, thanks to a mix of new product innovations, rising demand from different industries, and breakthroughs in technology. As the problem of gun-related violence continues in this country, thoughts and prayers just aren't enough. There is no 'one size fits all' solution, but a layered security program that includes perimeter security, access control, intrusion detection, and other advanced technologies is proving to be the most effective approach. We are seeing schools, hospitals, houses of worship, commercial businesses, public transit and other organizations increasingly investing in proactive AI-based solutions, and I expect this to continue into next year and beyond. I also think we will be seeing more state legislatures granting funds so schools can invest in AI technology.

People are realizing that AI has a valid role to play in preventing violence. Our Research Center has found that most shootings occur outside buildings as the result of an escalated dispute. AI can detect and warn others the second that a weapon is illegally brandished, so that action can be taken before the first shots are fired.

Employee Training by Cynthia Marble, Senior Director, Threat Assessment Management Operations at Ontic: Gone are the days of “See something, say something.” Instead, it’s “See what? And say what?” In 2025 organizations are going to place more focus on employee training on the specific types of things that raise red flags. One factor that is driving this trend: an increasing number of employers fall under regulations or legislation that require them to build workplace violence prevention programs, which affect employers in New York and California, and hospitals around the country. Simply having a program isn’t enough. Employers will need to focus on training that helps them understand what behaviors raise concerns and where to report them.

Budgeting concerns by Charles Randolph, Chief Security Officer at Ontic: The biggest threat facing many companies in 2025 will be a lack of money and resources due to an uncertain economic environment. Many of the folks one would typically see at security conferences in 2024 weren’t there because some companies seem to be holding on to their cash. Security leaders will need to contend with a threat environment that is not diminishing, in the face of no increased resources. How will they manage? I think technology is going to be the throw line.

Video intelligence by Steve Lindsey, CTO at LVT: Companies will evolve beyond video surveillance and leverage true video intelligence in 2025, implementing solutions that gather real-time data that is richer than we have ever seen to enable proactive crime fighting. This shift is inevitable because video security solutions can now not only passively record environments but also collect meta-data and turn that information into actionable insights. This video intelligence will result in more informed security personnel, greater optimization of resources, and overall boosts to safety across environments.

These capabilities can be enabled without requiring new equipment in many cases, however, organizations will likely adopt more cloud services to accelerate the transition. It is much easier to operate video intelligence through cloud solutions than by building on-premise infrastructure that enables artificial intelligence and the necessary cross-platform connectivity. Cloud solutions provide ongoing access to the latest AI advancements and intuitive features and interfaces that can significantly improve security operations and lower upkeep costs.

Redaction and evidence sharing by Andreas Conrad VP of Marketing, Physical Security for Hexagon’s Safety, Infrastructure & Geospatial Division at Hexagon: The need for compliance also extends to the sharing of CCTV with external stakeholders, including law enforcement. New masking and blurring capabilities available within the latest VMS systems are making this far easier to manage. However, getting video footage to the police continues to be a challenge for many organizations.

The traditional method for exchanging video evidence (typically CCTV) has largely been a painstakingly slow manual process involving officers visiting a site to review footage and save it to a storage device. This can be further complicated if, for example, a retailer does not have the recording on-site, or the store manager cannot access the recording device. This has led to many retailers choosing not to report incidents, due to a lack of confidence in follow-up, and not wanting a law enforcement presence on premises during operating hours.

In the UK the National Business Crime Centre is urging businesses to ensure their CCTV systems have “the capability to upload and share CCTV footage electronically with the police to speed up investigations and identify offenders.” In the US the NYPD is running an initiative to help reduce instances of shoplifting by allowing businesses to feed security camera footage directly to the police department. However, there is good news. Law enforcement agencies are investing in new systems to help them request and receive video footage electronically (known as DEMS and DAMS systems). Additionally, retail businesses can do a lot to improve the process. VMS systems can speed things along, giving them the ability to access video from the control room and beyond, quickly source all incident-related footage from across multiple cameras and, of course, redact sensitive information.

The next 12 months will see the world continue to face commercial and economic challenges, geopolitical instability, issues of extremism and societal unrest, and the physical security industry will continue to do what it does best: take advantage of new innovations and best practices to be the front-line of defense.

Proactive crime deterrence by Steve Lindsey, CTO at LVT: We will see a necessary transition from passive evidence collection or simple alarm solutions to proactive crime detection and deterrence systems in the coming months, empowering teams to prevent crime instead of just detecting it, forever changing the whole notion of security.

Security solutions have advanced to the point where artificial intelligence can gather real-time information about threats happening and constantly augment intelligence based on threat patterns. What used to take weeks or months to analyze will now take seconds, allowing security operations to scale in ways we could never scale before.

AI-powered solutions will provide teams with intuitive and highly actionable alerts about potential threats before a crime happens, and if a situation does occur, the systems can identify critical moments instantly to deliver the necessary evidence to help stop bad actors for good.

Human Relations - Unpredictable. That’s the word I keep coming back to as we look ahead to 2025. With significant changes likely coming in the US government landscape, we don’t yet know how they’ll impact organizations, especially employees. But here’s what we do know: we need to be ready, and human relations (HR) and employee relations (ER) will be more important than ever.[3] As 2024 winds down and setting aside a crystal ball to share where employee relations headed in the next 12 months: change is coming, and we’ll need to stay nimble.

First, ER will become even more data-driven. For too long, employee relations has been seen as the reactive “clean-up crew” but we know there’s both a science and an art to what HR does. The ER function of the future will be proactive and possibly predictive. Yes, HR will continue to document and manage cases, but professionals will also analyze trends, identify predictive indicators, and address risks before they escalate. HR will start connecting the dots across our data and uncover hot spots, becoming as much data scientists as truth seekers. On that note: keep an eye out for HR Acuity’s upcoming report on the 10 KPIs every ER team should track, posting in early January. These metrics will help you focus your strategy for the year ahead.

Second, mental health will remain a top driver of ER cases. In this year’s Employee Relations Benchmark Study, 70% of organizations cited mental health as a leading driver of increased case volume and this trend shows no signs of slowing down. We are living in uncertain times, and it’s natural for employees to feel overwhelmed. They’re going to turn to HR for support, and all need to rise to the occasion.

If a company has 1,000 or more employees, we encourage you to sign up to participate in our 2025 Employee Relations Benchmark Survey. Your input will help HR/ER leaders everywhere understand how we’re tackling challenges and what’s working best.

Third, aftercare will evolve into ThroughCare,™ The Edelman Trust Barometer recently found that business is the most trusted institution far ahead of government and media. As HR leaders, we have a responsibility to act on that trust. HR cannot just close a case and move on. Employees need to feel supported throughout the process and beyond. That’s why we are so passionate about ThroughCare™ — HR Acuity’s approach to supporting employees across their full experience with ER. Done well, ThroughCare provides intentional, consistent follow-up after something goes wrong, helping employees re-engage and rebuild trust.

Let’s not forget our company leaders. Managers are the first line of defense for workplace culture. They need to be equipped with tools to identify concerns early, address mental health issues, and reduce turnover, all while creating a psychologically safe environment.

Fourth, Workplace Balance will drive employee trust and business results.[4] Experts suggest using Workplace Balance, as it’s the foundation for a healthy organization. A different lens than employee experience which often focuses on engagement and perks, Workplace Balance is about ensuring consistency, fairness, and trust—particularly in those critical moments when things go wrong. Think of moments like layoffs, workplace misconduct, or extended leaves, which are situations that can quickly erode trust if not handled well. It’s about handling the hard stuff well, because that’s when trust is either built or broken.

Workplace Balance works like a seesaw: for the system to function smoothly, both sides, organizations and employees, must move in sync, each contributing to maintain equilibrium. When one side outweighs the other, the balance tips, causing trust to erode: leading to disengagement, increased attrition, and strained business results. Organizations must actively manage this balance, particularly during challenging moments, to ensure employees feel supported and trust remains intact. In 2025, organizations that embrace Workplace Balance and empower HR/ER to lead the charge, by ensuring fairness, taking swift action, and following through with meaningful support, will build trust and achieve stronger results.

Finally, we will end these predictions with one resolution: Don’t do this alone. As HR people, it is their nature to think of everyone else first, but your mental health matters too. Lean on your communities and seek out partners whose strengths complement your weaknesses. As always, we remain in this together.

Red Sky strongly suggest that Cyber and Physical Security need to work closely to keep our workplaces safe, secure and productive.

This article is shared at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com

Weekly Cyber Intelligence Briefings: