DigiCert unveils 2025 security predictions
DigiCert has released its annual forecast of cybersecurity predictions for identity, technology, and digital trust expected to shape the landscape in 2025 and beyond. These predictions provide a snapshot of the cybersecurity challenges and opportunities enterprises will encounter in the months ahead. DigiCert’s full predictions and outlook for the new year can be found at DigiCert’s blog.
Prediction 1: Post-quantum cryptography takes off
2025 marks a pivotal year when post-quantum cryptography (PQC) shifts from theoretical frameworks to real-world deployments. With impending announcements from the US National Security Agency (NSA) and growing compliance pressures, PQC adoption will surge, empowering industries to embrace quantum-resistant solutions.
Prediction 2: Chief Trust Officers take centre stage
Digital trust becomes a boardroom priority, leading to a continued rise of Chief Trust Officers (CTrOs) who will oversee ethical AI, secure digital experiences, and compliance in an increasingly regulated environment.
Prediction 3: Automation and crypto-agility become a necessity
With industry shifts toward shorter SSL/TLS certificate lifespans, automation and crypto-agility will emerge as critical capabilities for organisations aiming to maintain secure operations amidst evolving standards.
Prediction 4: Content provenance goes mainstream
In an era of deepfakes and digital misinformation, the Coalition for Content Provenance and Authenticity (C2PA) is set to redefine how we verify digital content. Expect to see C2PA’s Content Credential icon become commonplace on images and videos to enhance trust across media platforms.
Prediction 5: Organisations will demand resilience and zero outages
The CrowdStrike outage this summer underscored the need for better testing of automated updates and stronger digital trust. As IoT adoption grows, concerns about the safety of over-the-air updates, particularly for self-driving cars, are prompting calls for greater transparency in security practices. The EU’s Cyber Resilience Act, effective in 2027, will drive stricter cybersecurity standards, fostering a more secure and trustworthy IoT ecosystem.
Prediction 6: AI-driven phishing attacks will surge
The proliferation of AI will fuel an unprecedented surge in sophisticated phishing attacks, making them harder to detect. Attackers will leverage AI to craft highly personalised and convincing phishing campaigns, while automated tools will enable them to scale attacks at an alarming rate, targeting individuals and organisations with precision.
Prediction 7: New private PKI standards like ASC X9 will gain momentum
ASC X9 is poised to gain momentum as industries like finance and healthcare increasingly require customised security frameworks to meet stringent regulatory demands and unique operational needs. Unlike public PKI, ASC X9 offers greater flexibility by enabling tailored policies and trust models, addressing critical areas such as data integrity and authentication. This ability to foster secure, scalable, and interoperable frameworks will make ASC X9 a preferred standard for organisations prioritising trust and collaboration.
Prediction 8: Cryptography bill of materials (CBOM) gains traction
In response to escalating cybersecurity threats, CBOMs will become a vital tool for ensuring digital trust by cataloging cryptographic assets and dependencies, enabling better risk assessments.
Prediction 9: The era of manual certificate management ends
Manual management of certificates, still common in nearly a quarter* of enterprises, will phase out as automation becomes indispensable for handling shorter certificate lifespans and stricter security protocols.
Prediction 10: Organisations will continue to prioritise fewer vendors
Despite concerns about single-vendor risks and a peak of venture capital funding for AI startups, enterprises will continue to consolidate vendors to simplify management, improve integration, and enhance overall security practices.
“The relentless pace of innovation is not just reshaping our digital lives: it’s exposing new vulnerabilities faster than we can secure them, demanding a bold rethinking of how we approach cybersecurity,” said Jason Sabin, CTO at DigiCert. “The predictions for 2025 underscore the urgent need to stay ahead of these vulnerabilities by driving quantum readiness, enhancing transparency, and reinforcing trust as the bedrock of our rapidly changing digital ecosystem. DigiCert remains committed to shaping and securing future digital innovation to remain ahead of the vulnerability curve.”
For more detailed insights into DigiCert’s 2025 security predictions, visit the DigiCert blog at https://www.digicert.com/blog/2025-security-predictions.
* 2024 World Quantum Readiness Day survey: 23.53% of respondents said certificates are managed via “manual effort” (e.g. spreadsheets).
Combining 5G connectivity with SASE: A simplified solution to optimise networking and increase security
A comprehensive network approach that combines 5G and SASE will provide efficiency and security...
Appian completes IRAP assessment
Appian has completed the IRAP, enabling it to give government agencies increased control over...
DigiCert Trust Lifecycle Manager sets new bar
DigiCert Trust Lifecycle Manager is a comprehensive solution unifying CA-agnostic certificate...