As geopolitical tensions rise and regulatory landscapes shift, so does the cybersecurity landscape. Businesses now face mounting challenges, from the rapid evolution of generative AI (GenAI) to increasingly sophisticated cybercriminal tactics like deepfakes. Based on data and trends from the changing dynamics in the threat landscape, Forrester’s latest report, titled The Top Cybersecurity Threats in 2025, identifies five current existential threats that will affect organizations more than any other, and shares tips on what CISOs and tech leaders need to do to protect their organizations:
- Global regulatory disruptions
About one in four enterprise risk management leaders cites regulatory changes as their top risk. Global regulatory disruptions are creating a chaotic compliance environment, requiring organisations to focus on what is currently enforceable, such as the EU AI Act, the Digital Operations Resilience Act (DORA), and the upcoming CMMC 2.0 requirements. With so much regulatory change, Forrester advises organizations to focus on compliance change management and prioritise requirements that are being enforced now.
- Deepfake technology is becoming a serious threat
The accessibility of tools and algorithms for creating high-quality deepfakes undermines authentication, trust, and brand reputation. Mitigating deepfakes requires an investment in end-user education and the implementation of strong authentication methods. Forrester anticipates biometrics vendors will allocate up to a third of their R&D budgets to enhance deepfake detection by this year.
- Tech’s exuberance over GenAI
Ungoverned AI deployments without appropriate security assessments and approvals can introduce new vulnerabilities. Forrester advises that organizations must implement a comprehensive AI security strategy that includes discovery, policy enforcement, and detection and response capabilities for real-time detection.
- Insider risks are rising and creating economic pressures
A new economic reality is becoming apparent in 2025, with continued job cuts globally. Post-layoff dissatisfaction increases the risk of insider threats as financially stressed employees may turn malicious, leading to data breaches and other security incidents. CISOs need to consider robust insider risk management programmes combined with initiatives to foster a positive work culture. Both are critical for minimizing these threats.
- GenAI-driven extortion is driving breaches and replacing traditional ransomware
Forrester warns of an emerging trend where data breaches involve sophisticated extortion schemes using generative AI for advanced sentiment analysis. To counter this new threat, businesses must adopt a holistic Zero Trust approach and consider investing in phishing-resistant multifactor authentication and passkeys, data loss prevention tools, and ongoing employee training.
How to protect against the different cyberthreats
“Our findings highlight the most daunting threats we see security teams facing this year and the ways to best protect against them, using strong authentication measures, a holistic AI and ML security framework, and a comprehensive risk management strategy,” said Allie Mellen, principal analyst at Forrester.
In terms of the risks from global regulatory and systemic risk disruption, Jinan Budge, VP, Research Director, Forrester, said that as global and regional tensions continue to grow, regulations such as Australia’s Security of Critical Infrastructure (SOCI) mandate on operational resilience, which spotlights critical digital infrastructure, are becoming necessary to protect businesses.
“APAC organizations are rethinking cybersecurity as a strategic lever for digital and data sovereignty. They must ensure strong compliance with existing regulations, balance upstream and downstream risks, and adopt best practices from other regions to enhance digital resilience, autonomy, and control,” she said.
Countering deepfakes and insider threats
On deepfakes, some of them created with AI, which are becoming higher in quality and hard to detect, Budge said elections across seven populous countries in 2024 revealed that deepfakes are now prevalent.
Indonesia experienced this with an AI-generated deepfake of the late President Suharto. Deepfakes surged by 1,530 percent in APAC. We also saw incidents like North Korean IT workers posing as legitimate employees and a deepfake CFO (in Hong Kong on a video conference call) instructing a fraudulent US$25 million transfer.
– Jinan Budge, VP, Research Director, Forrester
To combat deepfakes, Budge advises organisations to invest in end-user education, strong authentication methods, and improved deepfake detection algorithms. The correlation between job losses, radicalisation and insider cyberthreats is now very real. “Economic shifts in 2025 have continued to lead to job cuts and tech layoffs, creating disgruntlement and financial distress among remaining employees. This environment fosters potential insider threats,” Budge explained.
Sharing her advice, she said, “Organisations should establish insider risk management programs, separate from cybersecurity teams, and invest in specialised training that respects employee privacy. They must prioritise managing human-related breaches and risks to mitigate insider threats effectively.”