Few areas of technology are moving as fast as security, so what gives, and how is it going to evolve in 2025? We asked our analysts Andrew Brust, Andrew Green, Chester Conforte, Chris Ray, Howard Holton, Ivan McPhee, Stan Wisseman, and Whit Walters for their thoughts.
First off – is the future of cybersecurity protection agentless?
Andrew: We are seeing the growth of eBPF, which offers more stability compared to past agent-based systems like CrowdStrike. eBPF has built-in verification mechanisms, like memory limits and timeouts, which help to prevent issues like the blue screen of death.
I’ve also seen eBPF-based alternatives that handle runtime security in the kernel without agents, with built-in verification. Note that you can do both kernel and external analysis. Some vendors, like Wiz, gather telemetry in the kernel and send it to the cloud for processing and display.
Whit: That ties back to the business model, especially after the disruption caused by the CrowdStrike outage. Many vendors are moving towards agentless solutions, and this trend is accelerating.
Howard: Analysis has to happen somewhere, even if it’s at the kernel level. If we’re analyzing kernel traffic externally, it’s not built into the kernel, which raises questions. It could be unnecessarily generating new network traffic and the trust needed for kernel access. We need to ensure companies are responsible for maintaining kernel reliability. Stewardship is key.
Chris: Agentless is popular for good reason; however, security doesn’t live in a vacuum. It was previously acceptable to have multiple independent endpoint agents, for detection and response, management, and security. This is no longer the case: all-in-one solutions, or those tightly integrated through official partnerships, have been winning the hearts and minds of security teams. One example is CrowdStrike’s Falcon, which can be licensed to perform EDR, MDR, and (combined with Veeam) recovery.
What security developments are we seeing at the edge?
Ivan: We will see more edge computing and AI: combining 5G with Internet of Things (IoT) will be a major trend next year. However, the increase in rollouts means a broader attack surface, which will drive more regulations for protection. We’re also seeing more deployments of 5G worldwide, and I expect a rapid increase in private and hybrid 5G networks.
Seth: Agreed – as a result, companies are moving toward machine-based identity management.
Stan: We’re also seeing improvements in vulnerability management for IoT, through more frequent firmware updates and the integration of encryption to prevent data exposure. Network or micro-segmentation is becoming more prevalent, especially in sectors like automotive, where adoption was relatively slow. However, given the industry’s lengthy four- to five-year rollout cycles, forward-thinking measures are essential to mitigate risks effectively over the long term.
Howard: We’re finally seeing zero-trust concepts becoming feasible for average organizations. Micro-segmentation, which has been valuable but hard to implement for smaller organizations, is now more achievable due to better automation, rollout, and maintenance tools. This will improve the maturity of the zero-trust model.
Chester: I’ve noticed a trend where some established players move away from segmenting everything to focusing on the critical assets—essentially, a more risk-based approach. They’re asking simple questions like, “What are the crown jewels?” and then focusing segmentation efforts there. It’s a more pragmatic approach.
Cyber insurance is on the rise, so what are the ramifications?
Stan: While cyber insurance has become increasingly popular among executives, the escalating costs associated with breaches have put pressure on insurers and underwriters to ensure firms are protecting their assets. As a result, insurers are implementing more stringent due diligence requirements, making cyber insurance more challenging and costly.
Insurers are shifting from point-in-time questionnaires to more robust, periodic assessments. Some insurers employ third-party firms to conduct penetration tests to verify active security controls like multi-factor authentication (MFA). Although continuous testing isn’t yet required, insurers supplement their point-in-time evaluations with more frequent and rigorous checks.
Howard: The insurance industry is complex. Insurers must balance rigorous protection standards with the need to remain attractive to customers. If they’re significantly stricter than their competitors, they’ll lose business, which makes it a constant struggle between thorough protection and marketability.
I’m not sure continuous security validation is entirely a good thing. Security organizations are often not equipped to handle a constant influx of issues. Many customers are excited about continuous testing but need to adjust their operating model to accelerate how they deal with the resulting security incidents.
Finally, how ready do organizations need to be for quantum security?
Stan: While quantum computing may not be a practical reality by 2025, preparing for its impact on cybersecurity is essential now. Quantum computing will fundamentally challenge current digital asset protection best practices, and vendors are already working on how best to implement quantum-resistant algorithms.
In a post-quantum computing world, understanding the potential exposure of sensitive data is crucial. Organizations must begin assessing vulnerabilities across new and legacy systems to identify where updated controls and governance are needed. While quantum-resistant solutions are being developed, implementing them to fully protect data in a PQC environment will take time, making it essential to plan strategically and act early.
Organizations must recognize that quantum threats won’t only compromise PII data but could also erode competitive advantages and intellectual assets. To protect these sensitive assets, now is the time to start considering how to address the quantum computing challenges of tomorrow.
Andrew: Quantum computing was on the verge of becoming a big phenomenon, gaining attention and hype. Then ChatGPT came along and drew away both attention and funding from quantum startups. Some of those startups are doing really interesting work—they remind me of the supercomputing startups in the ’80s. Quantum has a lot of potential beyond security, but it’s in a kind of suspended animation because AI has diverted so many resources.
That situation may protect us for now, but if private sector funding dries up, it leaves room for nation-state actors to advance quantum on their own.