Cybersecurity review 2025: the most important developments

The year 2025 saw a rise in the level of professionalism of cyber threats. Attackers combined social manipulation, identity theft, cloud access and AI-driven automation to cause damage more quickly and in a more targeted way. Such developments necessitate greater visibility, stricter access control and clear frameworks for the use of technology.

Below is a brief overview of the most significant trends. You can read the full analysis in our white paper Cybersecurity review 2025.

Social phishing as the main route for attackers

Social engineering has shifted from email to a combination of telephone, chat, and remote support. Attackers now use convincing stories and legitimate tools to gain access without using malware. This makes behavioral and identity-based detection more important than ever.

Manufacturing companies increasingly targeted

Attacks on industrial organizations and their supply chains led to disruptions in production processes. The speed with which attackers move within networks necessitates a strict separation between IT and OT and clear chain agreements.

Explosive growth of Generative AI

The massive deployment of AI by companies has created new risks, such as uncontrolled data flows and shadow AI. Meanwhile, attackers are using the same technology to refine social engineering and automate processes. Effective governance and technical oversight are therefore essential.

Identity and the cloud central targets in modern attacks

Many attacks began with valid accounts or misuse of cloud management tools. Strong authentication, least privilege, and visibility into cloud activities are crucial components of an effective defense.

Why this matters to organizations

The 2025 cybersecurity landscape has been shaped by human behaviour, identity management, segmentation, and the controlled use of AI. OpenSight helps organizations put these principles into practice by identifying risks and translating the right measures into everyday routines.