Expect a Darwinian consolidation in the security software industry next year and beyond, that will help clarify long-term survivors and thrivers who will finally do what’s needed to solve the alert fatigue problem.  Security analysts will continue to be overwhelmed with too many threat detection alerts, many of which are false positives. They won’t have the resources or expertise to either work all the alerts, effectively prioritize alerts by the degree of risk, or easily discern what is critical. Add it will only get worse. In 2025, the number of tool types in cybersecurity will continue to increase. 

While a stopgap may include adding an ‘AI’ tag as a solution, real answers will arrive from automating contextual awareness of activities that corroborate security relevancy. By aligning risk mitigation across each attack surface to appropriate investment levels, security analysts may finally get some sleep.

Cybersecurity Evolution: Quantification of Risk & Tool Consolidation 

CISOs will continue to struggle to quantify and articulate financial risks to fellow executives and board members. 

Outcome-based value drivers have become increasingly disconnected from the license models of many security software tools. Many point solutions will face “rationalization” exercises in 2025 as cybersecurity teams look for opportunities to consolidate to providers with flexible commercial terms and multi-function platforms. Legacy companies will face scrutiny from years of underinvestment and exploitative pricing models.  

We will begin to see renewed exploration of novel and more efficient ways of accomplishing critical tasks. Tool consolidation will increase as CISOs look to minimize the number of third parties they manage and remove complexities around integration.  

GenAI -  Friend and Foe 

The fiery AI hype cycle of 2024 will start to ebb as practitioners get their hands on AI-enhanced solutions with 2025 separating the marketing promise from the “boots on the ground” reality. In 2025, GenAI will begin to show real value in select areas of cybersecurity, but not in the pervasive ways some expect. 

Machine learning-driven anomaly detection has been integral in cyber for years, helping to discover unknown threats. In 2024, the focus was on GenAI and its potential for cybersecurity breakthroughs. Except, its focus on regurgitating and organizing all the knowledge collected in LLMs cannot keep up with the real-time, dynamic nature of cyber threats.  

Next year AI breakthroughs will focus on security team productivity through the automation of lower-value but highly time-consuming tasks. These less sexy successes will add real value and pave the way for further advancements that will include automation of decision-making. Only the superior uses of the technology will see continued development into 2026. 

Good Guys Will Overtake the Bad Guys…Barely 

Defensive cyber will become more critical in the protection against and deterrence of rogue nations and terrorists. 

The improved skill and focus on cyber by rogue autocratic nations and terrorists with bad intent, and their focus on critical infrastructure, has led to higher risk for all other countries. Expect threat actors to continue to use AI, not for AI-enabled attacks but rather for social engineering, phishing and impersonation for monetary gain, intellectual theft and political disruption.   

The pace of innovation in advanced democracies (particularly the U.S. and Israel) combined with more collaboration between government and private industry will keep the good guys a step ahead of the bad guys. Also, tighter regulation and much-needed modernization of critical infrastructure cyber defenses will have the necessary impact. A high-profile breach will likely accelerate focus on this. 

The Bottom Line – Innovation 

Innovations across all areas of cybersecurity will lead to real breakthroughs. Better precision around the detection of true threats will be achieved by effective integration of threat intelligence into threat detection platforms. More alert accuracy and fine-tuned risk prioritization will enable security analysts to focus. In addition, GenAI will help automate mundane aspects of the security analyst workflow, boosting their productivity and ability to concentrate on high-priority alerts. Finally, tool and provider consolidation will result in higher standards and TCO alignment.