With cyber threats once more on the rise, organisations are expected to turn in even greater numbers to zero trust when it comes to their cybersecurity architecture in 2025.

Last year was one of the most punishing in history for cybersecurity firms. Data from IBM puts the global average cost of a data breach in 2024 at $4.88 million. This is a 10% increase over the previous year and the highest total ever. In the UK, almost three-quarters (74%) of large businesses experienced a breach in their networks last year. Cybercrime is a needle that’s been pushing deeper and deeper into the red for over a decade at this point, and the trend shows little sign of reversing or slowing down. 

New tools, including artificial intelligence (AI) are elevating threat levels at the same time as geopolitical tensions are ramping up. For many organisations, a cyber breach feels less like a matter of “if” than “when,” and with the potential to cost large sums of money, it’s no wonder the topic has the power to inspire a certain fatalism in CISOs.  

Responding to an elevated threat 

However, after multiple high-profile cyber incidents over the last 12 months, industry experts expect rising threat levels to spur the adoption of more robust security frameworks and internal policies. 

“The continued sophistication of cyber-attacks, and the increasing number of endpoints targeted are a specific worry, so we expect this challenge will drive more adoption of zero-trust architecture,” says Jonathan Wright, Director of Products and Operations at GCX

The UK Government’s official report on cybersecurity breaches last year notes  that the most common cyber threats result from phishing attempts (84% of businesses and 83% of charities), followed by impersonating organisations in emails or online (35% of businesses and 37% of charities) and then viruses or other malware (17% of businesses and 14% of charities).

The report’s authors note that these forms of attack are “relatively unsophisticated,” advising that relatively simple “cyber hygiene” measures can have a significant impact on an organisation’s resilience to threats

Ubiquitous zero trust 

Zero Trust is increasingly becoming an industry standard practice — table stakes for basic “cyber hygiene”. 

To take it one step further, Wright explains that he expects organisations to implement microsegmentation as part of their zero-trust initiatives. “This will enable them to further reduce their individual attack surface in the face of these evolving threats, he says. “As it stands, technology frameworks like Secure Access Service Edge (SASE), and specifically zero-trust have helped organisations secure increasingly complex and evolving cloud environments. However, microsegmentation builds on these principles of visibility and granular policy application by breaking down internal environments; across both IT and OT, into discrete operational segments. This allows for a more targeted application and enforcement of security controls and helps to isolate and contain breaches to these sub segmented areas. As a result, we expect to see continued adoption of microsegmentation strategies throughout 2025, and beyond”. 

  • Cybersecurity

Related Stories

We believe in a personal approach

By working closely with our customers at every step of the way we ensure that we capture the dedication, enthusiasm and passion which has driven change within their organisations and inspire others with motivational real-life stories.