DigiCert, a global provider of digital trust, today released its annual cybersecurity forecast study for identity, technology, and digital trust that are expected to shape the landscape in 2025 and beyond. These forecasts provide insight into the cybersecurity challenges and opportunities that businesses will face in the coming months. The full forecasts and outlook from DigiCert for the new year can be found on the DigiCert blog.
Prediction 1: Post-quantum cryptography takes off.
2025 marks a crucial year as post-quantum cryptography (PQC) shifts from theoretical frameworks to real-world deployments. With imminent announcements from the U.S. National Security Agency (NSA) and increasing compliance pressures, PQC adoption will surge, empowering industries to embrace quantum-resistant solutions.
Prediction 2: Chief Trust Officers take center stage.
Digital trust is becoming a boardroom priority, leading to a continued increase in Chief Trust Officers (CTrOs) who will oversee ethical AI, secure digital experiences, and compliance in an increasingly regulated environment.
Prediction 3: Automation and cryptoagility become a necessity.
With the industry shifting toward shorter SSL/TLS certificate lifecycles, automation and cryptoagility will emerge as essential capabilities for organizations seeking to maintain secure operations amidst evolving standards.
Prediction 4: Content provenance becomes popular.
In an era of deepfakes and digital disinformation, the Coalition for Content Provenance and Authenticity (C2PA) is poised to redefine how we verify digital content. Expect to see the C2PA content credential icon become commonplace in images and videos to increase trust across all media platforms.
Prediction 5: Organizations will require resilience and zero disruptions.
The CrowdStrike outage this summer highlighted the need for better testing of automated updates and greater digital trust. As IoT adoption grows, concerns about the security of over-the-air updates, especially for autonomous cars, are generating calls for greater transparency in security practices. The EU's Cyber Resilience Act, in force in 2027, will drive stricter cybersecurity standards, promoting a safer and more trustworthy IoT ecosystem.
Prediction 6: AI-powered phishing attacks will increase.
The proliferation of AI will fuel an unprecedented increase in sophisticated phishing attacks, making them harder to detect. Attackers will leverage AI to create highly personalized and convincing phishing campaigns, while automated tools will allow them to scale attacks at an alarming rate, targeting individuals and organizations with precision.
Prediction 7: New private PKI standards like ASC X9 will gain traction.
ASC X9 is poised to gain traction as sectors like finance and healthcare increasingly demand customized security frameworks to meet stringent regulatory requirements and unique operational needs. Unlike public PKI, ASC X9 offers greater flexibility by enabling customized policies and trust models, addressing critical areas such as data integrity and authentication. This ability to foster secure, scalable, and interoperable frameworks will make ASC X9 a preferred standard for organizations that prioritize trust and collaboration.
Prediction 8: Cryptographic Material List (CBOM) gains momentum.
In response to growing cybersecurity threats, CBOMs will become a vital tool for ensuring digital trust by cataloging cryptographic assets and dependencies, enabling better risk assessments.
Prediction 9: The Era of Manual Certificate Management Ends
Manual certificate management, still common in nearly a quarter* of companies, will be phased out as automation becomes indispensable for dealing with shorter certificate lifecycles and more stringent security protocols.
Prediction 10: Organizations will continue to prioritize fewer suppliers.
Despite concerns about the risks of single vendors and a surge in venture capital funding for AI startups, companies will continue to consolidate vendors to simplify management, improve integration, and enhance overall security practices.
“The relentless pace of innovation is not only reshaping our digital lives—it’s exposing new vulnerabilities faster than we can protect against them, demanding a bold rethinking of how we approach cybersecurity,” said Jason Sabin, CTO of DigiCert. “The forecasts for 2025 underscore the urgent need to stay ahead of these vulnerabilities by driving quantum readiness, increasing transparency, and reinforcing trust as the foundation of our rapidly changing digital ecosystem. DigiCert remains committed to shaping and protecting future digital innovation to stay ahead of the vulnerability curve.”
For more detailed insights into DigiCert's security predictions for 2025, visit the DigiCert blog at https://www.digicert.com/blog/2025-security-predictions .
