Exabeam has shared its cybersecurity forecast for 2025, highlighting key trends expected to influence the Asia Pacific (APAC) landscape.
According to Steve Povolny, senior director of security research and competitive intelligence at Exabeam, creating malware will become more accessible to those with minimal technical knowledge as AI capabilities expand. “You won’t need to be a coder to create sophisticated malware in 2025: AI will do it for you,” Povolny explained. AI models designed to produce malware are expected to appear in underground markets, allowing individuals to execute complex cyberattacks with little effort. These tools will automate different stages of attack development and deployment, thereby expanding the scope and frequency of threats.
AI will also play a crucial role in empowering social engineering attacks through the use of deepfakes, Povolny continued. “It is no longer just a theoretical risk, video-based deepfakes will continue their trajectory to become imperceptible compared to reality,” he noted. This advancement allows criminals to convincingly impersonate others, which could lead to significant financial fraud by deceiving victims through seemingly credible communications.
Kevin Kirkwood, head of information security at Exabeam, predicts that the conflict between attackers and defenders armed with AI will intensify. “Malicious actors will increasingly use generative AI to create scalable malware, that is, code that adapts and mutates to evade detection, rendering traditional defenses obsolete,” he said. Kirkwood said. In response, security teams will use AI to improve the efficiency and accuracy of threat detection, flagging anomalous behavior more quickly.
Exabeam predicts an increase in attacks for “living off the land”, particularly in a context of increased geopolitical tensions. Kirkwood suggests that these attacks, which involve the use of legitimate tools within networks, will likely become more widespread as state-based cybercriminals exploit these methods to evade detection. “As geopolitical tensions increase, cybercriminals from countries like Russia, China and Iran may increase their use of this technique,” he added. Organizations must therefore improve their ability to detect deviations from standard operations.
Gabrielle Hempel, Customer Solutions Engineer at Exabeam, warns of increasing cyberattacks on critical infrastructure. “Large-scale cyberattacks against critical infrastructure, such as power grids, utilities and health systems, will reach unprecedented levels,” Hempel said, indicating that such threats pose potential risks to national stability. .
The future of cybersecurity employment may also see changes. Povolny notes that “AI specialists will make traditional security operations center (SOC) analyst roles obsolete, with AI taking over routine tasks. This shift will lead to increased demand for AI specialists and threat hunting roles, where human and AI capabilities converge.
The integration of AI into security operations will become widespread by 2025, according to Steve Wilson, chief product officer at Exabeam. “While AI has become mainstream in tools like SIEM and UEBA, 2025 will see generative AI augment almost every level of cybersecurity,” Wilson explained, urging organizations to adopt security certifications and frameworks in AI to meet future regulatory standards.
Wilson further highlighted the role of AI-based co-pilots in improving defensive measures, forecasting their widespread use among cybersecurity operators by 2025. “On the defensive front, AI-based co-pilots will become essential in cybersecurity operations, accelerating the detection, investigation and response to threats. ” he said.
To address the cybersecurity talent shortage, particularly in the Asia-Pacific region, Gareth Cox, vice president of Asia-Pacific and Japan at Exabeam, sees AI-based co-pilots as a solution. These can help “close the talent gap,” Cox suggested, by automating routine tasks and providing insights that make cybersecurity roles more accessible to more employees.
The approach to managing disinformation and AI-based cyberattacks during the upcoming election season will pose another challenge for Asia, Exabeam suggests. As several countries in the region prepare for elections, there is growing concern about the use of AI to spread disinformation and interfere with electoral processes. Exabeam introduces strategies such as mapping defenses using the MITER ATT&CK framework to help combat these threats.
