February 3, 2025

What is the future of cybersecurity?

The future of cybersecurity is notoriously hard to predict. After all, every aspect of the industry changes continuously. Cyber threats evolve and the tools that defend against them mirror those changes, evolving in their own right to better defend increasingly complex networks.

We’ve explored how cybersecurity has changed in past years, threats to keep an eye on, and security trends small businesses should watch for. Now it’s time to look further ahead.

In this blog, our experienced analysts share their thoughts on the future of cybersecurity.

Cyber threats that'll remain an issue

Certain cyberattack tactics are bound to stick around—and that’s because they've proven to work. As such, these are the threats that our experts believe still pose a serious cybersecurity risk.

Malware and ransomware

The malware threat continued to evolve in 2024, becoming more pervasive and specialized. As the number of threat actors increased, so did the frequency, scope, and sophistication of malware attacks.

A key shift was the growing adoption of modular malware designs, enabling threat actors to adapt attacks to new environments and targets quickly. At the forefront of this trend was the rise of malware-as-a-service (MaaS) platforms. These platforms have significantly lowered the skill barrier for launching advanced attacks, allowing even inexperienced cybercriminals to deploy devastating malware.

For instance, the Redline Stealer MaaS, available on dark web forums, enables attackers to extract credentials and payment information from infected systems. With that information, the hacking opportunities are endless.

This commoditization of malware lowers the barrier to entry for cybercriminal activities, requiring better security measures and user education to defend against such threats. Organizations need to adopt behavior-based detection and response tools to counteract increasingly undetectable malware variants.

Social engineering

We mentioned social engineering last year, and it still holds true. Since social engineering relies on human error, it can effectively target even well-secured organizations, making it a persistent and challenging threat to mitigate.

Users can and will continue making mistakes that lead to data loss. We’ll continue to see social engineering and phishing attacks, but we’ll likely see more complexity there as social engineers make greater use of AI and similar technologies.

After all, social engineering requires crafting messages and sending legitimate-sounding emails that lure victims into clicking on a link. Instead of the typical “password reset” or “mailbox full” scams, AI will allow threat actors to become more sophisticated with their messages.

The future of cybersecurity: Trends, threats, and more

Our cybersecurity analysts continuously research, investigate, and uncover emerging threats and attack tactics. Here are some key cybersecurity trends we've observed recently that we may continue to see. 

APTs expanding their tricks

Advanced persistent threats (APTs) are highly sophisticated, well-funded groups—often state-sponsored—that target specific organizations or sectors to gather intelligence or disrupt operations.

In 2024, APTs demonstrated an increased use of proximity-based and infrastructure-specific attack methods. For instance, the "nearest neighbor attack" saw APT 28 breaching Wi-Fi networks by targeting devices physically close to their high-value targets. This physical closeness allowed the attackers to bypass certain technical security measures, essentially focusing on exploiting an environmental vulnerability.

Organizations should consider non-digital attack vectors and implement zero-trust architectures that extend to physical environments. This approach will be especially critical in sectors such as energy, finance, and government.

Attacks that circumvent MFA protections

In 2024, Field Effect reported on a new adversary-in-the-middle (AiTM) attack which allowed threat actors to intercept and manipulate communications between two parties, often without detection, to capture credentials and session tokens.

This interception allowed attackers to bypass multi-factor authentication and gain unauthorized access to accounts.

During our investigation, we identified a campaign where attackers used Axios-based lookalike M365 login pages to harvest credentials. Victims were directed to these fraudulent pages, which proxied authentication requests, capturing passwords and MFA codes. The attackers then used the Axios HTTP client to log into M365 accounts, effectively bypassing MFA.

Additionally, the rise of platforms like the Mamba MFA Phishing Kit, a phishing-as-a-service tool, made it easier for cybercriminals to replicate AiTM attacks. For a small subscription fee, threat actors could capture authentication tokens, circumvent MFA, and compromise M365 accounts.
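
As an added illustration of how a defender might hunt for the Axios-based sign-ins described above (example code added here, not Field Effect's tooling; the record fields, function names, and sample values are constructed assumptions):

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample sign-in records; field names are simplified assumptions,
# not an exact export of any Microsoft 365 log schema.
SIGNINS = [
    {"time": "2024-11-04T13:02:11", "user": "dana@example.com", "ip": "198.51.100.7",
     "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/130.0", "success": True},
    {"time": "2024-11-05T09:14:40", "user": "dana@example.com", "ip": "203.0.113.50",
     "user_agent": "axios/1.7.7", "success": True},
    {"time": "2024-11-05T09:20:02", "user": "lee@example.com", "ip": "203.0.113.50",
     "user_agent": "axios/1.7.7", "success": False},
    {"time": "2024-11-05T10:01:00", "user": "sam@example.com", "ip": "192.0.2.10",
     "user_agent": "Mozilla/5.0 (Macintosh) Safari/605.1.15", "success": True},
]
SCRIPTED_PREFIXES = ("axios/",)  # default Axios User-Agent is "axios/<version>"


def is_scripted_client(user_agent):
    """True when the User-Agent is a scripted HTTP client, not a browser."""
    return user_agent.strip().lower().startswith(SCRIPTED_PREFIXES)


def hunt_scripted_signins(records):
    """Alert on scripted-client sign-ins: 'high' = success from an IP the user never
    used in an earlier browser sign-in, 'medium' = other success, 'low' = failure."""
    alerts, known_ips = [], defaultdict(set)
    for rec in sorted(records, key=lambda r: datetime.fromisoformat(r["time"])):
        if not is_scripted_client(rec["user_agent"]):
            if rec["success"]:
                known_ips[rec["user"]].add(rec["ip"])
            continue
        if not rec["success"]:
            severity = "low"
        elif rec["ip"] in known_ips[rec["user"]]:
            severity = "medium"
        else:
            severity = "high"
        alerts.append({"user": rec["user"], "ip": rec["ip"], "severity": severity})
    return alerts


def shared_source_ips(alerts, min_users=2):
    """IPs whose scripted sign-ins touch several accounts, a sign of one campaign."""
    users_by_ip = defaultdict(set)
    for alert in alerts:
        users_by_ip[alert["ip"]].add(alert["user"])
    return {ip: sorted(u) for ip, u in users_by_ip.items() if len(u) >= min_users}
```

A high-severity alert is a prompt to revoke the account's sessions and reset its credentials, since a captured session token stays valid after a password change alone.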

Cyber insurance will drive demand for cybersecurity assessments

The cyber insurance market has faced many challenges, most notably the difficulty of assessing and pricing cyber risk due to the lack of historical data, the dynamic and evolving nature of cyber threats, and the potential for systemic and catastrophic losses.

To ease this burden, we expect cyber insurance providers to require or incentivize their clients to undergo cybersecurity assessments as part of the underwriting process or the policy conditions. This could help the insurers evaluate the risk profile and premium of the clients, and provide recommendations and guidance for improving their cybersecurity.

These assessments can demonstrate a client’s compliance with the cyber insurance policy requirements or lower their premiums by showing their security maturity and use of best practices.

Increased targeting outside of endpoints

In 2024, attackers shifted their initial access focus from endpoint devices to critical network infrastructure, such as routers, firewalls, and VPN gateways.

There are a couple of reasons that this might be the case:

  • Network infrastructure gets patched less frequently than endpoints and is more likely to run outdated and vulnerable software.
  • Attackers know that many organizations prioritize protecting their endpoints more than their network, cloud apps, and other areas of the threat surface.

The ArcaneDoor campaign, in which state-sponsored cyber actors targeted perimeter network devices from several vendors, is just one example of this increase. Targeting edge devices such as firewalls, switches, and routers is popular among threat actors seeking initial access to targets of interest.

Control of these devices could allow threat actors to monitor and reroute traffic, obtain credentials that could provide access to more sensitive systems and accounts, or launch adversary-in-the-middle attacks.

Threat actors know this, and we expect to see an increase in the targeting of these services, especially those handling high-value data that can be used for extortion or to facilitate financial fraud.

AI & the future of cybersecurity

We can’t talk about 2024, 2025, and beyond without highlighting AI.

It has been a huge year for artificial intelligence, with tools like ChatGPT and DALL·E enjoying more mainstream use and integrations into powerhouse ecosystems like Microsoft’s Copilot.

It's clear that threat actors use AI in their cyberattacks, but defenders rely on this new technology too. Here are just a few ways AI is improving cybersecurity for the future:

Threat detection and hunting

AI models, built from vast amounts of data, will help to identify patterns and anomalies associated with cyber threats. Learning from this and historical attack information, AI will help to detect new threats quickly and precisely.

Behavioral analysis

Defenders will use AI to study user and system behavior and establish baselines. Deviations from these baselines will help trigger cybersecurity alerts, detecting potentially malicious behavior earlier than before.

Predictive analytics

AI models will predict potential vulnerabilities and attack vectors. By analyzing historical data, they will forecast emerging threats and recommend proactive security measures. These predictive analytics will aid in the prioritization of patch management and vulnerability assessments.

Natural language processing (NLP)

NLP-based AI systems that analyze textual data such as emails, chat logs, and social media will help identify phishing attempts, malicious URLs, and suspicious content. This data will then be used to improve email filtering tools, DNS firewall products, and user awareness materials.

Adaptive authentication

AI-driven authentication systems will assess user behavior during login attempts. If the behavior deviates from what's considered the norm, this will trigger additional authentication steps, enhancing security without causing inconvenience to legitimate users.

Zero-day vulnerability detection

AI will help identify zero-day vulnerabilities by analyzing code and system behavior, learning from known vulnerabilities and predicting potential weaknesses. We expect AI-driven efficiencies in quality assurance testing to help discover and remediate vulnerabilities before software is released.

Dive deeper into the future of cybersecurity

It’s tricky to look at the calendar and predict what the future holds, especially in an industry as complex and fast-paced as cybersecurity. That said, we see the same patterns again and again. If threat actors are finding success by doing things one way, they’ll continue to.

Take the time now to build up your cybersecurity knowledge to set your business up for lasting success as changes arise and new threats emerge.

Find out what’s in store for cybersecurity—including emerging trends, insights, and predictions from the experts at Field Effect—in our eBook, The State of Cybersecurity: Your Guide to this Year and Beyond.