Cybersecurity Predictions 2025 – Part 2: Are You Future-proof?

Posted January 31, 2025 by Sayers 

What’s next in securing your organization’s endpoint devices and managing human and non-human identities? A panel of Sayers senior cybersecurity engineers offers insights in part two of this 2025 predictions series. 

If you missed what’s coming for your applications, data, infrastructure, and cloud security, catch up with part one of this series.

4. Endpoint Security Will Evolve To Include Patch Management.

Rumors swirled last year that CrowdStrike was in talks to acquire a patch management and vulnerability remediation startup. Nothing came of those rumors, but stay tuned. Endpoint protection solution vendors will likely add patch management capabilities to their toolsets.

The solution leaders already offer vulnerability management that can scan the endpoint and see outdated software, and they can help manage configuration hygiene. Expect patch management to be integrated next.

Joe Schnell, Senior Cybersecurity Architect at Sayers, says:

“We will see that patch management piece move over into the endpoint protection agent. Then you can start to see a single-pane-of-glass endpoint state, not just detecting threats on the endpoint, but also whether there are vulnerabilities on the endpoint and ultimately how to resolve them.”

5. More Organizations Will Use Enterprise Browsers To Prevent Multi-factor Authentication (MFA) Bypass Attacks.

Cybercriminals have increased their attempts to bypass MFA protection with techniques ranging from phishing and MFA fatigue attacks to malware and social engineering. Proofpoint’s 2024 State of the Phish report says the company observed more than one million MFA bypass attacks using EvilProxy per month.

In the coming year, more organizations will turn to enterprise browsers to prevent MFA bypass attacks. Unlike commercial browsers, enterprise browsers provide enhanced security features and functionality to protect users, data, and applications.

Jason Marocchi, Cybersecurity Engineer at Sayers, says:

“Prevention started from an email security perspective by trying to eliminate a link before the user clicked on it. The next step is to prevent that link from actually exploiting. An enterprise browser is an easier way than a full-blown Secure Access Service Edge (SASE) deployment to accomplish that, among other things.”

6. Identity Management Will Require An Overall Program Approach, Moving Away From Project-Specific Solutions.

When you need to authorize the right users to access specific network systems, applications, and data in your organization, it’s tempting to focus on the immediate identity security need. 

For example, you might want to automate your joiner/mover/leaver workflow, so access automatically evolves and then ends as the individual enters, moves around among job roles, and leaves the organization. However, this project-specific approach to identity management will broaden as organizations consider their overall needs.

Schnell says:

“Be sure to look at the whole picture of what you can accomplish with identity security, rather than just a specific technology. Have you considered your regulation compliance or audit needs around the broader topics of Identity Governance and Administration (IGA), Privileged Access Management (PAM), or Identity and Access Management (IAM)?”

If you have automated your joiners/movers/leavers workflow, do you need to monitor for separation of duty? Will you require recertification campaigns? Assess the additional capabilities you will need as part of an overall program approach to your identity security.

7. Phishing-resistant MFA Will Take Off, Thanks To FIDO2 Authentication.

Protecting your accounts and systems with multi-factor authentication requires users to present at least two different authenticators (something you know, something you have, or something you are) to verify their identity for login. 

Bad actors use phishing techniques to access MFA credentials, so companies are starting to evaluate and adopt Fast IDentity Online (FIDO) open protocols for phishing-resistant MFA of online users. 

FIDO2 supports passwordless and multi-factor user experiences with authenticators embedded into mobile devices, physical tokens, or alternatives such as PIN codes or biometric credentials. 

The Cybersecurity and Infrastructure Security Agency (CISA) calls phishing-resistant MFA the gold standard. CISA urges organizations to implement phishing-resistant MFA as part of applying Zero Trust principles.

Schnell says:

“MFA isn’t just a token to punch in or a challenge response that can easily be replayed or attacked with a man-in-the-middle type of capability. FIDO2 and certificate-based authentication can protect against these types of attacks, and solution vendors are making that much easier to implement.” 

8. Identity Security Will Increase Focus On Monitoring Non-Human Accounts.

User and Entity Behavior Analytics (UEBA) analyze behavior patterns to uncover insider threats, data exfiltration efforts, and credential abuse. UEBA solutions then generate alerts when user actions deviate from their normal behavior. 

Organizations and solution manufacturers are turning their focus to the entity piece of the UEBA acronym, adding advanced threat detection capabilities into their toolsets to secure Non-Human Identity (NHI) accounts.

Schnell says:

“There is a renewed focus on the non-human aspect of identity security, especially around identity threat detection and response (ITDR). We saw this grow last year, especially around the CrowdStrike ITDR, and we will see continued focus in that area.” 
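The baseline-and-deviation idea behind UEBA, applied to non-human accounts, as an added example that is not from the original post or any product: service accounts usually act from a small, stable set of hosts and perform a small set of actions, so a simple per-account baseline already surfaces misuse. The log format, account names and events are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample events: "timestamp account source_ip action"
BASELINE = """\
2025-01-06T02:00:01Z svc-backup 10.0.4.12 read:fileshare
2025-01-07T02:00:03Z svc-backup 10.0.4.12 read:fileshare
2025-01-06T09:15:40Z svc-ci 10.0.8.5 deploy:staging
2025-01-07T11:02:10Z svc-ci 10.0.8.5 deploy:staging
"""
TODAY = """\
2025-01-08T02:00:02Z svc-backup 10.0.4.12 read:fileshare
2025-01-08T03:41:55Z svc-backup 10.0.9.77 read:fileshare
2025-01-08T03:42:10Z svc-backup 10.0.9.77 login:interactive
2025-01-08T10:30:00Z svc-ci 10.0.8.5 deploy:staging
"""


def parse(lines):
    """Yield (timestamp, account, source, action) from whitespace-separated lines."""
    for line in lines.strip().splitlines():
        ts, account, source, action = line.split()
        yield ts, account, source, action


def build_baseline(lines):
    """Record which sources and actions each account used in the baseline window."""
    sources, actions = defaultdict(set), defaultdict(set)
    for _, account, source, action in parse(lines):
        sources[account].add(source)
        actions[account].add(action)
    return sources, actions


def detect(baseline_lines, new_lines):
    """Return (timestamp, account, reasons) for events outside the baseline."""
    sources, actions = build_baseline(baseline_lines)
    alerts = []
    for ts, account, source, action in parse(new_lines):
        reasons = []
        if source not in sources[account]:
            reasons.append("new-source")
        if action not in actions[account]:
            reasons.append("new-action")
        if reasons:
            alerts.append((ts, account, reasons))
    return alerts


if __name__ == "__main__":
    for alert in detect(BASELINE, TODAY):
        print(alert)
```

An account with no baseline at all is flagged on every event, which is the desired outcome for a service identity nobody registered.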

Questions? Contact us at Sayers today to discover extensive technology solutions, services, and expertise to cover all areas of your business.
