Which cyber threats should your organization be prepared for in 2025? At the MWC exhibition, we ask the question to experts from the industry. The game remains the same, but AI changes the rules.
AI is once again taking center stage during MWC, but in the shadows, digital security is one of the main themes. The elite of the security world set up camp in Barcelona for four days to showcase who can offer the best security. Our on-site reporter visited several security providers to stay up-to-date with the latest trends in the industry.
Jonas Walker, Threat Intelligence Director at Fortinet, tempers expectations. “What’s happening today is mainly a continuation of the past years. So it’s not necessarily exciting. The problems we’ve been trying to solve for years are still there. Everyone looks at what’s shiny and new and forgets the basics. I’d be surprised if we had this same conversation next year and suddenly talked about completely different things.”
Aha Moment for AI
That doesn’t mean nothing is changing in security. “We notice that attacks are becoming more aggressive, due to geopolitical tensions and because attackers can invest more resources,” says Walker. This brings him to the inevitable topic. “AI adds a new layer to security. It makes our lives easier, but also lowers the barriers for attacks. Cybercriminals are opportunistic: they attack where they see opportunities.”
“For many people, ChatGPT was the ‘aha moment’ that made them realize AI is real. Previously, AI was a black box shrouded in mystery. But traditional AI has been used in security for decades to analyze logs, so we don’t have to do everything manually. Systems have been trained on historical data for years to determine what is harmful and why something happens. This process has taken a long time, but the implementation is now very fast. How we work now could be completely different in a month,” Walker says.
We hear a similar analysis from Marc Rivero, researcher at Kaspersky. “AI is a useful tool to reduce fatigue within security teams and to automate the first response to incidents. The technology itself is never the problem: that is caused by the hands that use it.”
For many people, ChatGPT was the ‘aha moment’ that made them realize AI is real.
Jonas Walker, Threat Intelligence Director Fortinet
Pathetic Phishing Attacks
Rivero sees the other side of the coin. “With new technologies, new vectors open up that attackers can exploit. People are increasingly dependent on technology, but there are too few suitable profiles to manage and implement those technologies. For example, attacks on mobile devices have been increasing for years because they are an important part of our lives.”
According to Rivero, identity management will be the key to effective security. “Attackers are going after our data everywhere. With valid login credentials, they no longer need brute force attacks. Moreover, they can sell those credentials afterwards to other actors to increase their profits. With AI, attackers can automate and improve their methods: the time of ‘pathetic’ phishing attacks is over. Identity management reduces the attack surface.”
The attack methods aren’t changing, but everything is becoming a bit smarter and faster. According to Rivero, this also applies to ransomware. “In the future, attackers will not only steal your data but also modify it without you knowing. This can become a big problem. The dangers are the same for everyone: SMEs have to arm themselves against the same threats as large companies, but with fewer resources. It’s gradually becoming impossible for many companies to do it themselves.”
The time of ‘pathetic’ phishing attacks is over.
Marc Rivero, Senior Security Researcher Kaspersky
Dealing with Complexity
Complexity is also a cause for concern for Walker. “Many companies struggle with the speed at which everything moves. You have less time to intervene. Patches need to be rolled out faster, but they can have a big impact if you don’t have the time and resources to test them thoroughly first. If a patch breaks something, it can have major consequences for the business. Continuous availability of IT systems is very important.”
The shift to hybrid IT environments has advantages for organizations, but it doesn’t make keeping everything secure any easier. Walker: “This depends on the organization’s situation. Sometimes full-cloud can be sensible. Keep in mind that more connected systems mean more potential access points for attackers. Whatever strategy you choose, security must be at the top of the priority list from the very beginning”.
Walker advocates for a fabric approach. “It’s important to maintain visibility over your IT environment. If the various components don’t communicate with each other, it makes everything much more complex and creates gaps in your security. Many companies are looking for more consolidation”.
Same threats, different approach
During interviews with experts from the security world, the same themes often recur, regardless of which company they work for. After all, the threats are the same for everyone. The security market has exploded in recent decades, and every vendor is looking for a way to distinguish themselves from the rest. Rivero: “The difference between vendors is made by the data they have access to. This is our strength, because we quickly translate research into products”.
Vendors are all too happy to wave around detection percentages, with every thousandth of a percentage point that counts. Check Point is an outlier, as it is one of the few companies that still swears by prevention. ‘If you’ve been attacked, it’s already too late’ is the company’s philosophy. Walker, on behalf of Fortinet, only partially agrees with this. “Prevention is a crucial aspect of security, but it’s an ongoing end-to-end process that starts before an attack and continues after it”.
read also
MWC 2025: Europe Misses the AI Train, but Has the Best Safety Belts
“You never have a hundred percent guarantee. From that point on, detection becomes important. You need to have a playbook for when things go wrong. One infected device won’t bankrupt your company, but the damage becomes significant if multiple devices are affected. You need to be able to stop lateral movements: that’s response. After that comes recovery: repairing the damage and providing training for employees so it doesn’t happen again. And so you come back to prevention,” Walker concludes.
Prevention is a crucial aspect of security, but you never have a hundred percent guarantee.
Jonas Walker, Threat Intelligence Director Fortinet