The future of digital security: key trends for 2025

In a rapidly evolving digital landscape, the future of information technology and digital security is set to take significant strides by 2025, as outlined by Paul Walker, a field strategist at the firm Omada. Walker’s forecast highlights three pivotal trends that will reshape access controls, decision-making processes, and operational practices for businesses.

A notable prediction is the anticipated shift towards stronger, passwordless authentication methods. Walker asserts that major cybersecurity authorities, including the National Cyber Security Centre (NCSC), the European Union Agency for Cybersecurity (ENISA), and the National Institute of Standards and Technology (NIST), are moving away from enforced periodic password changes. Speaking to Digital Journal, Walker noted, “The longstanding practice of forced periodic password changes is likely to be reconsidered as these authorities cite evidence that frequent changes lead to weaker passwords and reduced security.” With the adoption of innovative authentication methods such as Fast Identity Online (FIDO) standards, businesses are expected to increasingly integrate alternatives like Windows Hello, which uses biometrics for secure access. Walker also mentions the emergence of mobile passkeys, indicating that their phishing-resistant nature is likely to enhance user experience and security simultaneously.

Another significant trend identified by Walker is the emergence of AI-driven, human-augmented decision-making systems in identity management. He expects that by 2025, many organisations will implement these systems, allowing AI to support rather than completely replace human oversight in critical identity decisions. However, Walker highlights several challenges to this transition, stressing that “the transparency of recommendations and the ability for humans to override decisions will be crucial.” Ensuring that decision-makers trust the AI’s recommendations will remain a priority, particularly as they retain accountability for identity management outcomes.

Walker also envisions a shift from a preventative to a proactive approach in security through the integration of Generative AI (GenAI) in Identity Governance and Administration (IGA) products. He suggests that these tools will evolve to provide real-time recommendations and insights that bolster IT security operations. Walker explained, “Integrating Generative AI will be a key driver in this change to become more proactive,” with the potential for daily personalized notifications to enhance identity security. This transformation signifies a departure from a purely preventative focus, with IGA evolving into a tool that actively contributes to operational security.

Lastly, Walker forecasts an increased adoption of the OpenID Shared Signals Framework (SSF) by 2025, enabling robust communication between security tools. He believes that this framework will enhance adaptive security postures, allowing enterprises to create collaborative security ecosystems across various providers and applications. He remarked, “With its flexibility and scalability, the SSF will lead to more collaborative security ecosystems, breaking down silos across cloud providers, SaaS applications and security systems.” This integration is predicted to play a crucial role in defending against the increasingly complex threats facing modern businesses.

As the landscape of AI automation and digital security continues to evolve, these trends signal a transformative shift in how businesses manage access, security, and identity governance.

Source: Noah Wire Services