Cyber Resilience: What’s in store for 2025?

What do companies need to look out for and apply to their cyber resilience strategies in 2025? 

With fast-developing technology such as artificial intelligence (AI) fuelling an increasing number of breaches, cyber resilience has never been more important. Businesses and governments are recognising this, with regulation such as the Cyber Security Resilience Bill aiming to boost the area. 

Improving cyber resilience goes much further than simply complying with regulation. Firms need to ensure they can stay up and running when faced with outages and cyber-attacks including ransomware. So, what do companies need to look out for and apply to their cyber resilience strategies in 2025? 

The threat from technology such as AI will drive resilience efforts  

Technology is developing quickly, giving adversaries more opportunities to take advantage of it in attacks. The rise of AI will introduce new threat vectors, such as deepfakes and AI-powered attacks, complicating the cybersecurity landscape, says Mark Raeburn, Accenture’s cyber resilience lead in the UK.  

“Companies will need to develop robust processes to assess and mitigate these risks, as AI's transformative power in tech will be a double-edged sword, enhancing security measures while also creating vulnerabilities.” 

Indeed, the AI tools used in businesses are “a prime target for adversarial machine learning, model theft and data poisoning”, says Dr Peter Garraghan, CEO and co-founder at Mindgard. “Unlike traditional software, where code-level vulnerabilities can be systematically identified and mitigated, AI systems operate as black boxes with opaque logic.

“These black boxes are now being integrated into applications, APIs and endpoints, making it incredibly challenging to assess and manage their risks.”  

Regulatory requirements will continue to impact cybersecurity strategies 

Of course, regulation will have a major impact in 2025, with resilience sitting at the heart of much recent legislation. The growing number of regulatory requirements will continue to shape cybersecurity strategies, Raeburn says. “Businesses will need to integrate generative AI security into their governance frameworks and align with regulations such as the EU AI Act and the NIS2 Directive,” he points out.

Regulatory frameworks will mandate enhanced cybersecurity practices, but the lack of harmony across jurisdictions will present challenges, he warns.  

Compliance will also become more complex, so organisations will have to adapt, says Ilia Sotnikov, security strategist at Netwrix. “New cybersecurity regulations will make third-party cyber risk management increasingly important, especially for organisations with an international footprint or supply chain.” 

Firms will want to recover quickly  

Rather than solely prioritising prevention of attacks, businesses are shifting towards ensuring they can maintain operations and recover swiftly afterwards, says Ian Nicholson, incident response head at Pentest People. Achieving true resilience demands an ongoing culture shift, which will remain a “crucial challenge” in 2025, he predicts. 

This shift requires a change in mindset, accepting that complete protection is unrealistic and instead making it as difficult as possible for attackers to succeed, he says.  

In 2025, companies will shift from merely defending against threats to ensuring continuity and swift recovery, agrees Sam Peters, chief product officer, ISMS.online. With frameworks such as ISO 27001 expanding to address resilience, and regulations including NIS2 introducing stricter incident reporting, organisations will be required to “proactively prepare for and respond to cyber disruptions”, he says.  

Education will be even more key to resilience  

Educating employees is always important, but in 2025, it will be even more key to driving resilience, experts predict. This will be one of the most important ways to increase cyber resilience across companies, rather than simply relying on the IT department, says Conor O’Neill, CEO and co-founder at OnSecurity.  

“It is important for employees to understand their responsibility towards risk management and incident response and planning to enhance the security posture of the organisation as a whole,” he says. 

Despite the increase in AI use in cyber-attacks, research reveals that human error remains the most common threat, O’Neill points out. Key training topics for your workforce may include phishing, password hygiene and two-factor authentication, he says.  

Focus will move from cyber resilience to operational resilience  

In 2025, the focus will move from cyber resilience to operational resilience overall, says Simon Hodgkinson, strategic advisor, Semperis. “Improving resilience will demand ongoing attention from organisations – not just to be compliant, although regulators will continue to have a big hand in driving the security agenda.” 

There needs to be a focus on having the right defences in place, and on people, too, Hodgkinson says. “The talent shortage and high levels of stress and burnout amongst security professionals, including CISOs, means support mechanisms will be critical to building a resilient workforce.”  

Cyber resiliency strategies will be applied to mission-critical functions 

In 2025, businesses will start taking more proactive steps to introduce cyber resiliency strategies for their mission-critical functions, says Martin Lewis, operational resilience sales manager at Wavenet. “Last year, cybersecurity breaches and ransomware attacks persisted, highlighting that even seemingly flawless systems and processes can still be compromised.” 

How to boost resilience 

Boosting resilience is possible, but it’s not a simple, one-step exercise, experts warn. “There is no shortcut to cyber resilience,” says Bernard Montel, EMEA technical director and security strategist, Tenable.

He says improving in the area requires “taking action today so you are prepared for risks that cannot be predicted”.  

As a first step, Montel recommends a “thorough risk assessment” to protect against cyber-attacks, from IT infrastructure to cloud environments and critical infrastructure and “everywhere in between”.  

“This will clarify what could go wrong and expose where weaknesses may exist. You can then determine what preventative action needs to be taken to close those critical security gaps, while also assessing how to recover quickly should defences fail.” 


Kate O'Flaherty Cybersecurity and privacy journalist