DigiCert predicts AI & quantum impact on cybersecurity 2025
DigiCert has published its 2025 predictions concerning cybersecurity, highlighting trends around identity, technology, and digital trust influenced by artificial intelligence and quantum computing.
Daniel Sutherland, Regional Vice President at DigiCert Australia and New Zealand, emphasised the need for Australian businesses to focus on digital trust as AI-driven risks become more prevalent. "In Australia, we're still a lot of manual processes when it comes to managing digital certificates, however with potential industry changes are coming into effect in 2025, meaning greater automation and crypto-agility will become a necessity, rather than a nice-to-have," he said.
He further highlighted the importance of content provenance amid the upcoming federal election. "As Australia is coming into the federal election, establishing integrity around how to trust online content and how to authenticate it will become increasingly prominent," Sutherland stated.
AI-driven phishing attacks are predicted to rise, posing challenges for detection. "Australia is seeing a YoY growth in phishing attacks as AI advances, making it harder for both businesses and consumers to detect and interpret. It's absolutely critical now to have frameworks built into systems to establish trust with consumers as well as safeguarding employees and business data. We'll only see this issue increase, so we'll see a greater focus on this in 2025," Sutherland explained.
The concept of a Cryptography Bill of Materials (CBOM) is anticipated to gain traction, focusing on visibility and management of cryptographic use. "Visibility into where we use cryptography in our environment will become a strong focus in 2025. As cryptography becomes a more prevalent business tool, businesses should understand how they can implement agile cryptographic strategies to enable successful management and control," said Sutherland.
DigiCert predicts that 2025 will see the expansion of post-quantum cryptography from theoretical to practical applications, driven by global compliance needs and anticipated announcements from authorities like the U.S. National Security Agency.
The role of Chief Trust Officers is expected to become more significant as organisations prioritise digital trust, ensuring ethical AI usage and regulatory compliance. Automation and crypto-agility are also forecasted to become necessities for maintaining secure operations amid changing SSL/TLS certificate standards.
Content provenance is projected to enter the mainstream, with tools like the Coalition for Content Provenance and Authenticity's Content Credential icon becoming more common to verify digital content and combat misinformation.
Resilience and zero outages will be critical, especially as the Internet of Things (IoT) adoption grows, bringing concerns about update safety and digital trust. The EU's Cyber Resilience Act, effective in 2027, will enhance IoT cybersecurity standards.
New private PKI standards such as ASC X9 are likely to gain popularity in sectors like finance and healthcare, offering tailored frameworks necessary for meeting strict regulatory and operational requirements.
The use of CBOMs will enhance digital trust by allowing better risk assessments through comprehensive cataloguing of cryptographic assets and dependencies.
Manual certificate management, prevalent in nearly a quarter of enterprises, is expected to be phased out in favour of automation to handle changing certificate lifespans and security needs.
Enterprises are likely to continue prioritising fewer vendors despite risks and increased venture capital interest in AI startups, aiming for simplified management and improved integration.
Jason Sabin, Chief Technology Officer at DigiCert, noted the urgency of adapting cybersecurity strategies to match rapid digital advancements. "The relentless pace of innovation is not just reshaping our digital lives—it's exposing new vulnerabilities faster than we can secure them, demanding a bold rethinking of how we approach cybersecurity," Sabin stated. "The predictions for 2025 underscore the urgent need to stay ahead of these vulnerabilities by driving quantum readiness, enhancing transparency, and reinforcing trust as the bedrock of our rapidly changing digital ecosystem."