This month’s newsletter will review the top cybersecurity issues of 2025 and look into the cybersecurity crystal ball to see what’s trending for 2026. Highlights include 2025 and what to expect moving forward, including how CYRIN can help businesses and organizations remain relevant and responsive to threats.
Artificial intelligence (AI), sophisticated ransomware operations, and evolving geopolitical tensions are the major topics that are altering the cybersecurity landscape. According to ConnectWise, major cyber threats for 2025 included ransomware, vulnerabilities, defense evasion, phishing, malware, distributed denial of service (DDoS) attacks, supply chain attacks, insider threats, and business email compromise (BEC).
Based on the last full year statistics were available, ninjaOne reported that “over 317 million ransomware attempts were recorded in 2024, with average recovery costs reaching $2.73 million and downtime lasting up to 24 days. Healthcare accounted for 18.6% of U.S. ransomware attacks, and 62% of breaches originated from software supply chains or managed service provider (MSP) environments.” Increasingly, it looks like cybercriminals are targeting healthcare, small-medium sized businesses (SMBs), and MSPs.
A recent Forbes article noted that, “in 2025, cyberattacks continued to grow in both frequency and scale, and 2026 is unlikely to bring reprieve. Emerging technologies like agentic AI and quantum computing create new opportunities for both good guys and bad guys.” However, per usual, humans are likely to remain the “weakest link and potentially the most potent defense.” Being proactive will be essential to mitigate some of these threats.
AI is the most significant game changer, and the single most significant and evolving threat in cybersecurity. While the benefits of AI are increasingly utilized across industries and sectors, with each advancement comes a concurrent rise in cybercriminal tactics. AI-driven advancements introduce new potential vulnerabilities and are often met with AI-driven attacks as hackers adapt.
McKinsey noted that, “Artificial intelligence is not just changing cybersecurity—it’s redefining it.” The emerging role of agentic AI is changing the landscape. AI is accelerating the “speed of cyberattacks, with breakout times now often under an hour.” Hackers can now use AI tools to create almost anything including “convincing phishing emails, fake websites, and even deepfake videos. This allows cybercriminals to create personalized, realistic messages that bypass traditional detection mechanisms.”
AI can also be a force for good as AI-driven automation can also help defenders transform organizations to allocate resources more effectively. The McKinsey report goes on to say, “by automating lower-risk tasks with AI agents, such as routine system monitoring and compliance checks, organizations can free up their teams to focus on high-priority threats.” As one example, “AI-powered tools are being used to combat ransomware, one of the most pervasive threats facing businesses today.”
According to Forbes, the seven trends to watch over the next year are:
The human element will always be an important consideration in cybersecurity. As noted by the Cloud Security Alliance (CSA),“Employees, contractors, and partners with access to sensitive information can pose a risk if they misuse their privileges or fall victim to social engineering attacks.” Strict access controls, security awareness training and regular audits are crucial for maintaining a robust security environment.
Cybercrime continues to be costly, as organizations and companies devise new ways to protect their data and keep infrastructure safe from increasingly sophisticated cybercriminals.
Global cybercrime costs:
Additional Key Statistics:
A recent blog post from the United States Cybersecurity Institute sums it up, “Cybersecurity has become a strategic necessity for businesses, governments, and individuals in today’s hyper-connected world. As digital transformation accelerates, organizations face increasingly sophisticated threats, from ransomware and phishing to AI-powered attacks, that exploit vulnerabilities across industries. Staying resilient requires advanced technology, skilled professionals, and adaptive strategies to protect critical data and operations.”
CYRIN works on the human element while we engage with the latest concepts – whether it’s Ransomware, AI, Digital Twins or Zero Trust. CYRIN is coming out soon with our first AI lab, based on our expertise in neural networks. It will be the first of many advanced exercises we will introduce in 2025 and 2026. At our core we remain committed to turning advanced research and development into training, whether operating in conjunction with AI or trying to thwart AI-enabled threat actors.
We’ll continue to work with our industry partners to address major challenges and set up realistic scenarios that allow them to train their teams and prepare new hires for the threats they will face. Government agencies have been using CYRIN for years, training their front-line specialists on the real threats faced on their ever-expanding risk surface.
For educators, we consistently work with colleges and universities both large and small to create realistic training to meet the environment students will encounter when they graduate and enter the workforce. In an increasingly digitized world, training and experiential training are critical. Unless you get the “hands-on” feel for the tools and attacks and train on incident response in real world scenarios, you just won’t be prepared for when the inevitable happens. A full-blown cyberattack is not something you can prepare for after it hits.
The best time to plan and prepare is before the attack. Our training platform teaches fundamental solutions that integrate actual cyber tools from CYRIN’s labs that allow you to practice 24/7, in the cloud, no special software required. Our new programs, including utilizing Digital Twins, can create real-world conditions for you to practice before you must act. Cyber is a team effort; to see what our team can do for you take a look at our course catalog, or better yet, contact us for further information and your personalized demonstration of CYRIN. Take a test drive and see for yourself!