Companies have their cybersecurity work cut out for them in 2025. Infrastructure is decentralized, workers are still disparate and attackers are growing more skilled in infiltrating environments and disguising their threats as benign.

Informa TechTarget's recent editorial summit, The 2025 Threatscape, hosted on our BrightTALK platform, showcased tips to combat some of the most worrisome threats expected to strike in the coming year. The event also explored AI's impact as the buzz-generating technology in the business right now.

Beyond the hype of AI lie its limitations AI buzz is blazing through the cybersecurity space, but companies are realizing it may not be quite the game-changer that was promised. With the hope of increased efficiency, maximization of resources and lowered costs, AI still comes with notable limits within the weeds of detecting and responding to cyberthreats. Consultant owner and doctoral candidate John Bambenek detailed "the promises and perils" of AI focusing on how the very nature of AI presents limitations. "AI is inherently retroactive. If there are good and bad changes, your statistical correlations will become inaccurate. AI cannot recognize what it has not been trained [on]." A good example of this is the start of the COVID-19 pandemic, where users' activity radically changed. Activity that was once malicious was benign and vice versa. "AI can't recognize what it lacks training data to recognize." AI also runs the risk of overcomplicating an otherwise simple solution, particularly in situations like brute force: "If I'm getting 100,000 login attempts from the same IP address from the same username, I know I could probably block the IP address. So, if I could solve the problem with a firewall, why spend a bunch of money on AI?" The questions surrounding AI still do not overshadow its enormous potential. Alex Holden, founder and CISO of Hold Security LLC, advises companies to regard AI with "cautious enthusiasm." "AI definitely makes life easier. But it does make a lot of mistakes, so we need to approach with caution and thought." Holden referenced examples of AI platforms sharing confidential information or providing wrong -- and potentially deadly -- instructions, such as when ChatGPT provided a garlic and olive oil marinade recipe for a user that turned out to grow botulism.

When the bad guys get their hands on AI With the huge advancements made possible with AI, there's no question threat hackers want their piece of the prize. Rather than creating a new class of threats, Bambenek warned about the volume of threats increasing as hackers can use AI, like standard employees, to make themselves even more efficient. "The volume of attacks going up with AI is the real issue. A lot of attacks come down to arms races. If I send out a million phishing emails, 1% goes through 10,000 victims. If I create 1 billion emails across, more are getting through. More victims mean more money; more information is being lost." Holden added that bad guys use AI as an attack framework in ransomware to figure out sensitive data -- the value of that sensitive data, who to contact, who to complain to turn this into payment. "So, the bad guys are embracing AI for many different ways, and the way we are trying to make our lives easier, the bad guys [are] doing it for [this] purpose as well."