What Does Cyber Spring 2025 Look Like – Are You Aware of the Latest Developments?

These Are the Cyber Trends of 2025!

Cybersecurity as a phenomenon is susceptible to global changes. It never sleeps as an industry—it is in a constant state of flux. Cybercrime is run like a professional business, and big money is at stake.

What changes and trends have already been observed, and what can be predicted for the rest of 2025 NetNordic’s Threat Intelligence Lead Analyst Santeri Anttila and Intelligence and Forensics Manager Nicolas Samáneh share their insights on the recent shifts in the field of cybersecurity.

1. The Cat-and-Mouse Game of Cybersecurity Never Ends

In the world of cybersecurity, there is a continuous chase at play: malicious actors constantly come up with new ways to infiltrate corporate environments, while well-intentioned defenders work to detect and prevent these methods. Once a method is blocked and identified, attackers move on to the next one.

“New attack techniques are emerging constantly, and the ways to penetrate corporate environments are increasingly imaginative. For example, in one case, ransomware was successfully deployed into a company’s environment through a camera,” Anttila explains.

2. Your Own House May Be in Order – But What About Your Partner’s?

Because cyber threats are constantly evolving, Anttila emphasizes the importance of keeping your organization’s attack surface as limited as possible. One crucial way to achieve this is through third-party access management.

Subcontractors, consultants, and business partners are understandably granted access rights to company environments on a regular basis. According to NetNordic’s experts, it is essential to ensure that these external users are granted only as many privileges as are absolutely necessary. In addition, any access rights given to outsiders should be reviewed regularly, and unnecessary rights should be revoked.

“This is not a new concept per se, but it’s a topic that remains constantly relevant. When using third-party applications or services, one must also consider the risks involved. Even if your own house is clean, your partner’s might not be,” Anttila reminds.

3. Artificial Intelligence Versus Humans?

AI has made headlines in recent years, and its impact on cybersecurity is undeniable – for example, AI enables a greater volume of attacks by making target mapping more efficient. AI is also used in defense and anomaly detection.

However, according to Anttila, we are still a long way from a situation where AI orchestrates attacks – or defense – entirely on behalf of humans. For now, human involvement is needed on both sides.

“I would hope that the role of the human in cybersecurity would be highlighted once again,” he reflects. “Technologies and various automations are an important part of security, but there is always a need for a human to operate them. It is a human who configures the settings, ensures updates are current, and sets the organization’s cybersecurity budget.”

4. Cyber Legislation Has Been Revised – ‘Significant Incident’ Raises Questions

The NIS2 directive has already placed obligations on companies operating in critical sectors – and with it, Finland’s cybersecurity law has also been updated. One key change in the law is a stricter incident notification requirement, Samáneh explains:

“Companies operating in critical sectors must now report a ‘significant incident’ to the authorities within 24 hours of detection. This does not apply only to large companies, which may come as a surprise to many.”

There has been much discussion in the industry about how a significant incident is defined. After the initial notification, a follow-up report and a final report must also be submitted regarding the same incident. According to Samáneh, the new reports required by the legislation have prompted a great deal of reflection among companies.

Legislation can also serve attackers as a tool for intimidation. In recent ransomware variants, attackers may no longer bother stealing data, as information can be restored from backups. Instead, the power of extortion lies in the threat of violating GDPR regulations and the resulting hefty fines. This shift also makes attacks technically easier to execute.

The End of Russia’s War of Aggression May Have Consequences

Global politics and warfare also affect cybersecurity. Since Russia’s war of aggression began, various denial-of-service attacks have targeted Finland as well. Anttila believes that the potential end of the war could also have its consequences:

“The war has tied up resources in the cyber domain as well. It’s possible that when the war ends, these resources could be redirected toward different types of attacks and different targets.”

He also notes that the actual impact of such changes on Finland’s cybersecurity is difficult to predict in advance.

“Proper protection and preparedness for cyber threats among domestic actors – both public and private – protect Finland’s national cybersecurity and, by extension, all of us,” Anttila emphasizes.