The rise of AI is posing new cybersecurity risks that online users must be prepared for, according to a report by Accenture, a global services company, which surveyed top security leaders’ predictions for 2025.
Accenture predicts a rise in deepfakes, automation to address cybersecurity skills gaps, and understanding new attack surfaces from AI agents in the workplace. Techopedia also shares its own predictions on how the threat landscape will change by 2025.
Accenture’s Five 2025 Cybersecurity Forecasts
1. Businesses Will Fill the Skills Gap in Cybersecurity with AI and Automation
The magnitude of contemporary cyberthreats has long been beyond the capabilities of security teams; according to Microsoft, 600 million cyberattacks occur every day. To maintain system security, the typical team must handle too many vulnerabilities across too many systems. Paolo Dal Cin, global security lead at Accenture, thinks that this will change with the quick uptake of generative AI.
The projection aligns with Gartner’s prediction that 50% of entry-level cybersecurity jobs will no longer require specialist schooling by 2028 due to the use of generative AI, and businesses are already using agent AIs to augment human labor.
2. Data breaches combined with deepfakes
The increasing use of generative AI is expected to introduce new cyber threats, including deepfakes, which could be used for social engineering and deceiving individuals into sharing private information.
In early 2024, a scammer used deepfake technology to deceive a finance employee into paying out $25 million, demonstrating the weaponization of deepfakes. Accenture’s global cyber resilience head, Robert Boyce, predicts deepfakes will become a more significant tool for attackers in the future.
Deepfakes are shifting their focus to mid-level staff, as attacking executives gives them a less authentic appearance. Instead of CEOs, local tech support agents are seen as more sensible.
3. Businesses Must Pay Attention to Safe AI Agents
Microsoft and OpenAI have developed AI agents since 2024 to enhance human workforce capabilities, but they have also created new vulnerabilities that require protection. Agents need privileges to perform beneficial tasks, and if a threat actor gains access, they can cause chaos.
Accenture’s cyber protection lead, Damon McDougald, stated that AI agents will have the same access to systems and data as human employees, emphasizing the importance of identity security in controlling their access and coordination and determining their actions within an organization.
An external marketplace is likely to be established for businesses to sell AI agents, with cybersecurity being a critical aspect of their authentication, credentialing, and authorization processes to ensure their safety in external environments.
4. Boards will push to get ready for quantum computing by 2025
Security leaders must be aware of quantum computers’ potential to crack public key encryption and other reliable security measures, as boards are increasingly demanding quantum readiness, according to Accenture’s quantum security lead, Tom Patterson.
The UN has designated 2025 as the International Year of Quantum Science and Technology, highlighting the need to protect businesses from the decryption capabilities of quantum computing. This will prompt a push from boards to ensure businesses remain safe and compliant in their encryption use, in line with new NIST guidance on new encryption standards and depreciation dates.
5. Assurance Markets Are Necessary for Digital Content to Maintain Integrity
Accenture’s data and AI security lead, Daniel Kendzior, suggests that organizations should adopt a proactive approach to help users distinguish between authentic and artificial intelligence-generated information, highlighting the need for assurance indicators to differentiate between synthetic and human-generated content.
Kendzior suggests that organizations should reconsider their approach to media content provenance and implement the same level of rigor as security teams enforce with phishing, resulting in a two-phase metamorphosis of media integrity mechanisms and a change in user behavior.
In order to move towards a digital trust environment where media integrity attributes are as common as file names and date stamps, platform providers will be developing interoperable standards for content transformation verification, while organizations will be investing in embedding trust and authenticity markets using zero-proof technologies throughout the content development lifecycle.
Second, companies will need to spend in changing user behavior to a model where media is assessed based on its provenance and integrity assurance indicators rather than its content.
The Bottom Line
Accenture’s forecasts reveal that AI is disrupting enterprise security, posing new risks, and changing people’s lives at work and home. While AI creates automatic capabilities to help security teams secure environments, it also presents threats in the form of deepfakes. The evolution of cybersecurity is not slowing down, as it takes on new forms every few years.
