The landscape of cybersecurity is set to undergo a significant transformation in 2025, driven mainly by the evolution of Artificial Intelligence (AI) and the significant increase in costs associated with cyber attacks. With average global losses ofUS$ 3,32 millionby company in the last three years, according to a survey by PwC, and a third of Brazilian companies suffering losses of at least US$ 1 million in the same period, the need to strengthen digital defenses has become more critical than ever
AI is emerging as a protagonist in this new phase of cybersecurity, ceasing to be just an auxiliary tool to become an autonomous agent of active defense. According to thereportGoogle Cloud Cybersecurity Forecast 2025, 2025 will mark a significant turning point, with the consolidation of semi-autonomous operations and the preparation for a future of fully automated digital protection. In Brazil, this movement is already evident, with 85% of companies increasing their investments in generative AI in the last 12 months, surpassing the global average of 78%
However, this evolution brings new challenges and concerns. Umgivenalarming revelation this year shows that 89% of IT leaders fear impacts on cybersecurity due to failures in Generative AI. Furthermore, 87% of professionals express concern about the possible lack of accountability for digital security due to overconfidence in technology. This scenario is even more complex when we consider that only 2% of global organizations have fully implemented resilience actions in the area
The use of AI to detect anomalies, responding to incidents and anticipating threats will be increasingly present, allowing for a much faster response time, one of the main current challenges of cybersecurity. Meanwhile, this advance will not be free of challenges. The maturation of AI models, trust in automated systems and governance issues will be crucial to ensure that these technologies help without compromising the security and privacy of organizations. Для підприємств, this will represent the need to review your governance policies, ensuring that AI is used ethically and in compliance with increasingly stringent regulations
The World Economic Forumaddanother layer of complexity by highlighting that 54% of corporate representatives consider thesupply chainof Information System (IS) as the biggest obstacle to cyber resilience. This concern is amplified by the increasing interconnection of supply chains, geopolitical tensions and the rise of emerging technologies, such as new AI languages and quantum computing. That is to say, cybersecurity will be, therefore, a shared responsibility, demanding collaboration between companies, governments and other entities
In the Brazilian context, regulations have played a crucial role in strengthening digital security. A large part of Brazilian leaders recently stated that regulations have encouraged an increase in investments in security over the past 12 months, with 89% recognizing that these standards helped strengthen their security postures. However, a gap of trust persists between CEOs and CISOs regarding the ability to meet regulatory requirements, especially regarding AI and cyber resilience
Organizations also face significant financial challenges related to the implementation of Generative AI. While 75% of IT leaders agree that the costs of Generative AI in cybersecurity products are difficult to quantify, 87% believe that the savings generated by technology will offset the investments. This positive perspective is counterbalanced by the concern about the pressure to reduce the number of cybersecurity professionals, expressed by 84% of respondents
In the national scenario, there is also a growing concern about financial scams, particularly those related to PIX. According to areportabout the topic, fraud losses are expected to grow by 39% by 2028, potentially reaching US$ 1,937 billion. This increase is directly related to the expansion of scams based on social engineering, that do not require advanced technical knowledge on the part of the criminals
The future of cybersecurity and digital security for businesses in 2025 and beyond will require a balanced approach between technological innovation and prudence. Companies will need to invest not only in advanced protection technologies, but also in staff training, awareness of risks and establishment of robust security protocols. The collaboration between the public and private sectors, as well as the sharing of information about threats, it may become increasingly crucial to build a safer and more resilient digital environment – and for the right price
