Ransomware is the top predicted threat for 2025, according to a survey of 2,400 executive leaders and cybersecurity people for the tech firm Ivanti. It found that more than one in three (38pc) of security people say ransomware will become even more dangerous when powered by AI.
Only a minority, 29pc of those surveyed say they are ‘very prepared’ for ransomware attacks. According to the cyber firm, a more sophisticated and adaptable approach to cybersecurity is necessary, one that takes into account the trade-offs between business risk and reward, rather than solely focusing on absolute protection. Exposure management offers a more effective solution for managing and mitigating risk in this complex environment.
The study suggested that the concept of exposure management is well understood; for example, 49pc of security people say their company leaders possess a high level of understanding for exposure management. Yet, businesses are not taking steps to embrace the practice; just 22pc say they are increasing investments in exposure management in 2025.
Daniel Spicer, Chief Security Officer at Ivanti, said: โBusiness leaders are now having to get used to considering the impact that cyber risk has on broader business risk. Exposure management is a tool to help organizations evaluate vulnerabilities and risks across a range of objectives โ including business goals โ to deliberately balance security and operations. However, for exposure management to be successful, organizations should ensure collaboration between security and other departments, conduct risk assessments that align with the organization’s risk appetite, and prioritize mitigation of the most impactful vulnerabilities.โ
Even though most, 83pc of cyber security teams claim to have a documented framework for identifying risk tolerance, half (51pc) of these state that their framework is not closely followed, rendering it nearly as ineffective as not having a framework at all. From the survey, one in three say ‘tech debt’ is a serious concern, which compromises security posture and hampers growth and innovation. For instance, 37pc say they canโt uphold basic security practices, and 43pc say their systems are more susceptible to security breaches due to accumulated tech debt. Most businesses continue to operate in silos, leading to data blind spots โ areas without enough data to make informed security decisions. Most, 62pc of respondents claim silos slow security response times and 53pc note weakened security postures.
Visit www.ivanti.com.
