Cybersecurity Trends to Watch in 2025 from Fortra’s Annual Cybersecurity Survey  

Top Security Risks and Trends

Across the board, these five attack vectors proved to be top-of-mind for the majority of surveyed cybersecurity professionals in Fortra’s most recent State of Cybersecurity report:

1. Phishing/Smishing 

Phishing is a perennial challenge, but thanks to GenAI it has become a bigger – and more serious – threat than ever. This year's numbers reflect that, with an increase from 81% to 83%. Although slight, you’d think that the increased adoption of stronger anti-phishing tools like integrated cloud email security (ICES) would cause fear of phishing abuse to go down. However, as other figures will show, there is reason to believe that GenAI and its capability for near-flawless social engineering is still managing to keep ahead of industry gains. 

2. Malware/Ransomware

If attackers have their way, malware (and ransomware in particular) is one cybersecurity trend that is never going out of style. While tactics evolve, these exploits are a tried-and-true danger for organizations, and the numbers reflect that. In the 2025 report, nearly three quarters (71%) of professionals ranked malware/ransomware as their second-greatest security risk. Interestingly, this number represented a slight decrease from last year (76%), which could reflect better malware detection engines doing their job. This follows the logic of more anxiety over phishing and social engineering threats (as we’ll see), because powerful signature-based detection tools and XDR platforms are getting more adept at catching ransomware in the wild. 

3. Social Engineering 

Participants ranked social engineering as a more threatening risk factor this year than last, with an increase of 5%. This can include anything from job fraud on LinkedIn to QR code scams and Business Email Compromise (BEC) attacks. Fortra’s most recent BEC Global Insights Report: January 2025 revealed a 10% uptick in BEC scams from the month before, with international (non-US) banks being the primary target of choice for wire transfer scammers (accounting for 30% of all such attacks). According to the report, the average wire transfer amount requested has gone up, too; rising from $16,799 in December to $24,586 this January.

Another interesting cybersecurity trend worth noting is the fact that “Evolving Technology” was a top concern for 50% of participants this year, indicating a 15% spike from the modest 35% it garnered last year. As more advanced AI capabilities continue to roll out, it makes sense that it would be an increased cause for concern. These capabilities lead directly into social engineering:

• Deepfakes

• Word-perfect emails in any language

• Highly customized AI-created phishing campaigns

And more. The trick is for cybersecurity providers to leverage AI in equally effective ways. 

4. Cybersecurity Initiatives

More interesting 2025 cybersecurity trends continue; despite diligent security efforts by established security frameworks to modernize and keep pace with current threats, even the most trusted standards like NIST are only getting moderate adoption rates: 54% for NIST, the top contender, and even that is down by 5% from last year. Do today’s companies really trust these frameworks to keep up? Or are efforts being diverted to in-house zero trust initiatives and compliance frameworks that are non-optional? 

Fortra’s Annual Cybersecurity Survey

Now in its second year, Fortra’s annual State of Cybersecurity Survey canvasses opinions from professionals in over two dozen industries and across the globe, gathering facts and analyzing the latest cybersecurity trends. To compare this year’s data with last year’s trends, check out last year’s 2024 State of Cybersecurity Survey report. Remember, the best way to plan ahead is by knowing what’s behind.