The cybersecurity landscape in 2025 will be shaped by evolving challenges, including the prioritization of risk-based strategies, the rapid adoption of AI, and the rise of multicloud security, according to Tenable experts.
Jason Merrick, senior vice president of product at Tenable, emphasized the need for a contextual approach to vulnerability management as the attack surface expands.
“The inability to remediate everything, everywhere, all at once will make context king,” Merrick said.
He noted that cybersecurity teams must focus on understanding critical risks and prioritizing them to mitigate threats with precision.
Bob Huber, chief security officer and head of research at Tenable, highlighted the security and education gap as organizations adopt AI technologies at an accelerated pace.
“By 2025, AI adoption will likely have already outpaced our ability to educate users and secure these rapidly evolving technologies fully,” Huber said.
The gap in knowledge and training presents challenges for chief information security officers (CISOs), who must balance the benefits of AI and cloud with ensuring their security.
Liat Hayun, vice president of product and research at Tenable Cloud Security, pointed to the increasing adoption of multicloud strategies as enterprises seek to mitigate centralized risks.
“Enterprises will become increasingly wary of ‘putting all their eggs’ in one cloud service provider basket,” Hayun said.
CISOs are expected to favor multi-vendor platforms to ensure consistent protection and meet compliance requirements while securely scaling AI-driven workloads.
The rising costs of data breaches also underscore the need for businesses to rethink their recovery strategies.
In 2024, the average cost of a data breach rose to almost PHP 285 million ($5 million), reflecting a 10% year-on-year increase.
Hayun stressed the importance of enhanced recovery tools and protocols, stating that businesses must adopt “rapid incident response, data visibility, better containment protocols, and enhanced forensic capabilities to minimise fallout.”
The predictions from Tenable highlight a shift toward a more balanced approach to cybersecurity, focusing on both proactive prevention and efficient recovery strategies. As threats grow more sophisticated, organizations must adapt to remain resilient.
