Top 7 enterprise cybersecurity challenges in 2025
Security teams faced unprecedented challenges in 2024. The year ahead appears no less daunting. Here are the cybersecurity trends and safeguards to consider in 2025.
When was the last "easy" year for enterprise security teams? Certainly not last year, this decade or even this century. Every year in recent memory has seen its share of noteworthy and novel cyberattacks.
It doesn't take a crystal ball to predict 2025 will be more of the same. If anything, the pace and scale at which threats and challenges compound will only expand the threat landscape further and overwhelm current enterprise defenses more quickly than ever. Cybercriminals aren't going to let up, and neither should enterprise security teams' efforts to protect networks, systems, applications and data.
Cyberthreats aren't the only security challenge for 2025, however. Newly adopted technologies bring their own vulnerabilities to address, and perennial issues make "top challenges" lists year after year.
Here's a look at the top seven trends and challenges security teams and organizations need to be aware of in the coming year.
1. AI- and generative AI-enabled attacks
If 2023 was the year generative AI came to the fore, 2024 was the year of GenAI adoption.
AI experienced a banner year in 2023 with the introduction of GenAI platforms, and by the June 2024 release of a Bain & Company survey, 90% of organizations said they had piloted or deployed GenAI already.
With any technology comes a slew of security challenges. With AI, a major issue is AI-enabled phishing.
GenAI can improve grammar and spelling to help attackers craft more convincing social engineering and phishing scams. But it can also gather information about people and companies from social media and other websites to conduct targeted spear phishing and business email compromise campaigns.
Another major AI phishing concern is deepfakes. This type of AI creates fake yet convincing audio, image and video content to fool people into believing it is legitimate. Deepfakes can lead to misinformation campaigns, blackmail, reputational damage, election interference, fraud and more.
2. More AI and GenAI -- and more challenges
AI and GenAI are such big topics that they warrant two entries in our 2025 list of security challenges. Beyond attackers using AI in phishing and other types of attacks, organizations face the following concerns related to the popular technologies:
- Data exposure. Users might inadvertently or maliciously input sensitive data, such as source code, copyrighted material or confidential business data, into an AI-powered chatbot, which could then expose the data to the public, threat actors or the business's competition.
- Compliance issues. AI and GenAI use can cause compliance violations. For example, using personally identifiable information or sensitive data to train large language models (LLMs) can result in data leakage, create data privacy concerns or lead to data breaches. Moreover, GenAI use can result in copyright infringement, fraud and breach of contract, among other legal issues.
- Ethical AI use. AI is shrouded in ethical concerns. Ensuring the moral and ethical use of AI and GenAI is important. Be aware of GenAI ethical issues, such as how it can distribute potentially harmful content and create bias, as well as how its use affects employees and company morale. Also, be cautious about how trustworthy AI-generated data is.
- AI governance. Make GenAI part of a broader AI governance strategy. AI governance should account for not only effective AI use, but also AI risk management compliance and ethical use, as well as justice, data quality and autonomy.
- Vulnerabilities in AI tools. AI tools, like any other software, might have vulnerabilities that attackers can exploit. Monitor and patch AI tools along with all other software. Also, note that attackers use AI tools to test and improve the efficacy of their attacks, so patching and installing updates are of utmost importance.
- Data sprawl. GenAI models consume and create a lot of data. Be prepared for an onslaught of data, and scale data protection strategies effectively to keep it safe. This includes not only identifying all the data created by GenAI, but also ensuring secure transport and storage.
- Shadow AI. Be aware of any nonpermitted, non-company-controlled AI use by employees, known as shadow AI. Security policies or acceptable use policies should outline the challenges of shadow AI and prohibit it as needed. Monitor systems for shadow AI use, and assess and remediate any risks.
3. Securing AI systems
Make that three AI entries.
Beyond attacks using AI and other AI vulnerabilities and concerns, security teams must be prepared to secure AI systems across their entire lifecycle. This begins with conception -- using secure development approaches, such as DevSecOps, to produce secure AI software.
AI models and LLMs must also be trained correctly. Users can inadvertently feed models the wrong data, negatively affecting their output. Attackers, on the other hand, can poison AI models with inaccurate data to fool the models into believing attack behaviors are not malicious or to insert malicious files into AI training to trick the models into believing they are safe. Protect AI models and LLMs from vulnerabilities, including prompt injection attacks, data poisoning attacks, plugin flaws and insecure output handling.
Security teams must also use traditional security measures -- monitoring, logging, intrusion detection and prevention, SIEM, endpoint security, encryption, data loss prevention, access control -- to continuously manage AI systems and maintain their security and protection. Also, educate employees about AI during security awareness training, and include AI in any incident response plans and processes.
4. The skills gap and staffing issues
The security industry is no stranger to the skills shortage. For years, report after report has concluded the industry needs more security employees than there are applicants. To make matters worse, budget cuts and layoffs often equate to fewer staff members on a team that must get the same amount of work completed no matter what. Plus, the advent of AI in the enterprise has many professionals wondering if AI will replace them or lower the number of employees on staff.
The most recent "ISC2 Cybersecurity Workforce Study" found that the current cybersecurity workforce numbers nearly 5.5 million people, but the industry needs almost 4.8 million more to properly protect and defend today's organizations. Yet, respondents ranked budget as the number one cause of both the shortage of staff (39%) and the shortage of skills (33%) -- an indicator the issue won't improve unless organizations put their money where their mouths are.
5. Ransomware
Every year for the past five years could easily earn the title "the year of ransomware" -- and 2025 isn't shaping up to be any different.
Sophos' "The State of Ransomware 2024" found that 59% of organizations experienced a ransomware attack in the last year, 70% of which resulted in data encryption. At the same time, cyber insurer Coalition's "2024 Cyber Claims Report: Mid-year update" reported fewer claims in the first half of the year but found the severity of ransomware attacks increased by 68%, with businesses experiencing an average loss of $353,000 per incident.
Simply put, the threat cannot be ignored, especially as attackers are evolving their tactics into double and triple extortion attacks.
6. Supply chain attacks and software supply chain security
Attacks attributed to third-party suppliers and vendors continue to plague the industry. Consider the following 2024 attacks:
- In February, Change Healthcare disclosed it was hit by a ransomware attack, leading to issues for physicians, hospitals, pharmacies and patients.
- In March, a researcher revealed a backdoor in the open source XZ Utils, a compression library used in many Linux distributions.
- In May, attackers breached the accounts of customers of cloud-based storage vendor Snowflake.
- In October, Fortinet disclosed a critical zero-day vulnerability in its FortiManager management tool.
- In December, developers warned about compromised versions of Ultralytics' YOLO11 AI model, claiming they contained a cryptominer.
The list goes on, and so does the impact on customers and users.
Organizations must be aware of the security of the third-party vendors and suppliers they work with, as well as any components -- open source and commercial -- in the software they use. This includes managing and monitoring software supply chain risks. Follow proper patch management to ensure all software is secure and up to date. In addition, use software bills of materials (SBOMs), and request them from third parties to know if components in partners' software are secure.
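To make the SBOM advice concrete, the following added example (not from the original article) checks a CycloneDX-style JSON SBOM against an advisory list, including components nested inside other components. The SBOM contents, package names, versions and advisory list are all constructed sample data, and the function names are hypothetical.

```python
import json

# Constructed CycloneDX-style SBOM, as a vendor might supply it (sample data only).
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "examplezip", "version": "2.4.1"},
        {"type": "library", "name": "demo-vision", "version": "8.0.3",
         # Nested components describe what a component bundles internally.
         "components": [
             {"type": "library", "name": "tinycodec", "version": "0.9.2"},
         ]},
        {"type": "library", "name": "legacy-parser"},  # no version recorded
    ],
})

# Constructed advisory list: package name -> versions known to be compromised.
ADVISORIES = {
    "examplezip": {"2.4.0", "2.4.1"},
    "demo-vision": {"8.0.1"},
    "tinycodec": {"0.9.2"},
}

def iter_components(components):
    """Yield every component, descending into nested component lists."""
    for comp in components or []:
        yield comp
        yield from iter_components(comp.get("components"))

def audit_sbom(sbom_text, advisories):
    """Sort SBOM components into affected, unversioned and clean."""
    bom = json.loads(sbom_text)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX JSON SBOM")
    findings = {"affected": [], "unversioned": [], "clean": []}
    for comp in iter_components(bom.get("components")):
        name, version = comp.get("name"), comp.get("version")
        if not version:
            # Without a version the component cannot be matched to advisories.
            findings["unversioned"].append(name)
        elif version in advisories.get(name, set()):
            findings["affected"].append(f"{name}@{version}")
        else:
            findings["clean"].append(f"{name}@{version}")
    return findings

if __name__ == "__main__":
    for status, items in audit_sbom(SAMPLE_SBOM, ADVISORIES).items():
        print(f"{status}: {', '.join(items) or '-'}")
```

Components reported as unversioned are worth raising with the supplier, since an SBOM entry without a version cannot be assessed against any advisory.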
7. Quantum computing and post-quantum cryptography
While widespread quantum computing use is still five to 10 years away -- or more -- experts agree that the time to start preparing for it and its security ramifications is now.
Quantum computers pose a risk to traditional encryption, rendering tried-and-true algorithms, including RSA, useless and making sensitive data vulnerable to decryption by nefarious actors. Many are worried that attackers will exfiltrate encrypted data now and save it to decrypt once quantum computers are available.
Preparing for quantum resilience requires organizations to invest in quantum-safe encryption -- NIST has released three post-quantum cryptography (PQC) algorithms, with a fourth still in the evaluation phase and expected to be standardized soon. Organizations must plan for these cryptography changes, as well as consider how quantum computing will work into their risk management and compliance strategies in the future.
Honorable mentions
Beware and prepare for the following issues that increase the attack surface and present cybersecurity risks as the year progresses:
- Phishing. Phishing isn't solely an AI issue. It's a never-ending challenge faced by organizations of all shapes and sizes, and no company or employee is immune to attack. Read up on tips to help prevent employees from falling victim to phishing attacks.
- Cloud security. As more enterprises move data and applications to the cloud -- according to Hornetsecurity, 93% of businesses will be in the cloud by 2027 -- securing the cloud and mitigating cloud-based attacks are becoming more important than ever. Check out the top cloud security challenges.
- IoT security. IoT adoption isn't slowing. Protecting these little sensors -- which greatly expand the attack surface -- is key, yet they are often not designed with security in mind. Learn more about the leading IoT security challenges and how to overcome them.
- Remote and hybrid work security. The COVID-19 pandemic has forever changed the workplace and how it is secured. Read up on the security risks of remote work and how to prevent them.
- Security awareness training. Humans are often the weakest link when it comes to enterprise security. Verizon's "2024 Data Breach Investigations Report" found 68% of all breaches involved a nonmalicious human element. Learn why employee training is critical and how to build a security awareness training program.
Sharon Shea is executive editor of TechTarget Security.