{"id":22403,"date":"2025-01-09T15:27:49","date_gmt":"2025-01-09T15:27:49","guid":{"rendered":"https:\/\/interface.media\/?p=22403"},"modified":"2025-01-09T15:50:23","modified_gmt":"2025-01-09T15:50:23","slug":"regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025","status":"publish","type":"post","link":"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/","title":{"rendered":"Regulation and resilience: will the tide turn for the cybersecurity sector in 2025?\u00a0\u00a0"},"content":{"rendered":"\n<p>Cybersecurity has been and will remain a critical concern for organisations as we <a href=\"https:\/\/interface.media\/blog\/2024\/12\/20\/governance-cyber-threats-and-fintech-6-predictions-for-ai-in-2025\/\">enter 2025<\/a>. Risks that were prevalent over a decade ago \u2014 like phishing and ransomware \u2014 continue to present challenges for cyber professionals. New technologies are giving bad actors new and better ways to access networks and the data they contain.\u00a0<\/p>\n\n\n\n<p>Artificial intelligence (AI) is likely to remain a key element in the strategies of both cyber security professionals and the people they are trying to protect against, and therefore dominates a great deal of the conversation around cybersecurity. As noted in <a href=\"https:\/\/www.ncsc.gov.uk\/collection\/ncsc-annual-review-2024\" target=\"_blank\" rel=\"noreferrer noopener\">GCHQ\u2019s National Cyber Security Centre (NCSC) annual review<\/a>, \u201cwhile AI presents huge opportunities, it is also transforming the cyber threat. Cyber criminals are adapting their business models to embrace this <a href=\"https:\/\/interface.media\/blog\/2024\/12\/27\/manipulating-genai-with-psychological-tricks\/\" target=\"_blank\" rel=\"noreferrer noopener\">rapidly developing technology<\/a> &#8211; using AI to increase the volume and impact of cyber attacks against citizens and businesses, at a huge cost.\u201d<\/p>\n\n\n\n<p>Breaches are becoming more common, the tools available to cybercriminals more effective. This year, conventional wisdom about striving for ever-more-effective security measures in support of an impenetrable membrane around the business may be phased out, as businesses begin to accept it\u2019s not a matter of \u201cif\u201d but \u201cwhen\u201d a breach occurs.&nbsp;&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-cyber-resilience-nbsp\"><strong><em>Cyber resilience&nbsp;<\/em><\/strong><\/h3>\n\n\n\n<p>The UK government\u2019s <a href=\"https:\/\/www.gov.uk\/government\/statistics\/cyber-security-breaches-survey-2024\/cyber-security-breaches-survey-2024\" target=\"_blank\" rel=\"noreferrer noopener\">Cyber Security Breaches Survey for 2024<\/a> found that half of all businesses and approximately one third of charities (32%) in the country experienced some form of cyber security breach or attack in the last 12 months.\u00a0<\/p>\n\n\n\n<p>According to <a href=\"https:\/\/uk.linkedin.com\/in\/luke-dash-33867b25\" target=\"_blank\" rel=\"noreferrer noopener\">Luke Dash, CEO of ISMS.online<\/a>, resilience will take \u201ccentre stage\u201d in the year ahead, as organisations start prioritising continuity over defence, in what he describes as \u201ca shift from merely defending against threats to ensuring continuity and swift recovery.\u201d\u00a0<\/p>\n\n\n\n<p>In tandem with this shift in approach, Dash notes that resilience is also becoming more of a priority from the regulatory side. With \u201cchanges to frameworks like ISO 27001 expanding to address resilience, and regulations like NIS 2 introducing stricter incident reporting, organisations will be required to proactively prepare for and respond to cyber disruptions,\u201d he explains, adding that this trend will result in \u201ca stronger focus on disaster recovery and operational continuity, with companies investing heavily in systems that allow them to quickly bounce back from cyber incidents, especially in critical infrastructure sectors.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-regulatory-shifts-reflect-refocusing-on-continuity\"><strong><em>Regulatory shifts reflect refocusing on continuity\u00a0<\/em><\/strong><\/h3>\n\n\n\n<p>Regulations will also spur global action to secure critical infrastructure in 2025, as critical infrastructure like utility grids, data centres, and emergency services are expecting to face mounting cyber threats.&nbsp;<\/p>\n\n\n\n<p>As noted in the NCSC\u2019s report, \u201cOver the next five years, expected increased demand for commercial cyber tools and services, coupled with a permissive operating environment in less-regulated regimes, will almost certainly result in an expansion of the global commercial cyber intrusion sector. The real-world effect of this will be an expanding range and number of victims to manage, with attacks coming from less-predictable types of threat actor.\u201d<\/p>\n\n\n\n<p>This rising tide of cyber threats \u2014 both from private groups and state-sponsored organisations \u2014 will, Dash believes, prompt governments and operators to adopt stronger defences and risk management frameworks. \u201cRegulations like NIS 2 will push EU operators to implement comprehensive security measures, enforce prompt incident reporting, and face steeper penalties for non-compliance,\u201d he says. \u201cGovernments globally will invest in safeguarding essential services, making sectors like energy, healthcare, and finance more resilient to attacks. Heightened collaboration among nations will also emerge, with increased intelligence sharing and coordinated responses to counteract sophisticated threats targeting critical infrastructure.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Resilience promises to take \u201ccentre stage\u201d in the year ahead, as organisations start to prioritise continuity over cyber defence.<\/p>\n","protected":false},"author":480,"featured_media":22404,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"apple_news_api_created_at":"2025-01-09T15:27:55Z","apple_news_api_id":"ce4ed6b6-3a0e-4d0e-84f5-1d0b18a7d693","apple_news_api_modified_at":"2025-01-09T15:50:22Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAA==","apple_news_api_share_url":"https:\/\/apple.news\/Azk7WtjoOTQ6E9R0LGKfWkw","apple_news_cover_media_provider":"image","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_cover_video_id":0,"apple_news_cover_video_url":"","apple_news_cover_embedwebvideo_url":"","apple_news_is_hidden":"","apple_news_is_paid":"","apple_news_is_preview":"","apple_news_is_sponsored":"","apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":[],"apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[3],"tags":[],"topic":[613],"class_list":["post-22403","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-interface","topic-cybersecurity"],"acf":[],"apple_news_notices":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.6 (Yoast SEO v26.6) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Regulation and resilience: will the tide turn for the cybersecurity sector in 2025?\u00a0\u00a0 - Interface<\/title>\n<meta name=\"description\" content=\"Resilience promises to take \u201ccentre stage\u201d in the year ahead, as organisations start to prioritise continuity over cyber defence.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Regulation and resilience: will the tide turn for the cybersecurity sector in 2025?\u00a0\u00a0\" \/>\n<meta property=\"og:description\" content=\"Resilience promises to take \u201ccentre stage\u201d in the year ahead, as organisations start to prioritise continuity over cyber defence.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/\" \/>\n<meta property=\"og:site_name\" content=\"Interface\" \/>\n<meta property=\"article:published_time\" content=\"2025-01-09T15:27:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-01-09T15:50:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/01\/iStock-992132108.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1365\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Dan Brightmore\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dan Brightmore\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/\",\"url\":\"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/\",\"name\":\"Regulation and resilience: will the tide turn for the cybersecurity sector in 2025?\u00a0\u00a0 - Interface\",\"isPartOf\":{\"@id\":\"https:\/\/interface.media\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/01\/iStock-992132108.jpg\",\"datePublished\":\"2025-01-09T15:27:49+00:00\",\"dateModified\":\"2025-01-09T15:50:23+00:00\",\"author\":{\"@id\":\"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748\"},\"description\":\"Resilience promises to take \u201ccentre stage\u201d in the year ahead, as organisations start to prioritise continuity over cyber defence.\",\"breadcrumb\":{\"@id\":\"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/#primaryimage\",\"url\":\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/01\/iStock-992132108.jpg\",\"contentUrl\":\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/01\/iStock-992132108.jpg\",\"width\":1365,\"height\":768,\"caption\":\"Unique Design Abstract Digital Pixel Noise Glitch Error Video Damage\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/interface.media\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Regulation and resilience: will the tide turn for the cybersecurity sector in 2025?\u00a0\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/interface.media\/#website\",\"url\":\"https:\/\/interface.media\/\",\"name\":\"Interface\",\"description\":\"Delivering World Class Content \u201cFrom Executive, For Executive\u201c\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/interface.media\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748\",\"name\":\"Dan Brightmore\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/interface.media\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g\",\"caption\":\"Dan Brightmore\"},\"url\":\"https:\/\/interface.media\/blog\/author\/dbrightmore\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Regulation and resilience: will the tide turn for the cybersecurity sector in 2025?\u00a0\u00a0 - Interface","description":"Resilience promises to take \u201ccentre stage\u201d in the year ahead, as organisations start to prioritise continuity over cyber defence.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_GB","og_type":"article","og_title":"Regulation and resilience: will the tide turn for the cybersecurity sector in 2025?\u00a0\u00a0","og_description":"Resilience promises to take \u201ccentre stage\u201d in the year ahead, as organisations start to prioritise continuity over cyber defence.","og_url":"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/","og_site_name":"Interface","article_published_time":"2025-01-09T15:27:49+00:00","article_modified_time":"2025-01-09T15:50:23+00:00","og_image":[{"width":1365,"height":768,"url":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/01\/iStock-992132108.jpg","type":"image\/jpeg"}],"author":"Dan Brightmore","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Dan Brightmore","Estimated reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/","url":"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/","name":"Regulation and resilience: will the tide turn for the cybersecurity sector in 2025?\u00a0\u00a0 - Interface","isPartOf":{"@id":"https:\/\/interface.media\/#website"},"primaryImageOfPage":{"@id":"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/#primaryimage"},"image":{"@id":"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/01\/iStock-992132108.jpg","datePublished":"2025-01-09T15:27:49+00:00","dateModified":"2025-01-09T15:50:23+00:00","author":{"@id":"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748"},"description":"Resilience promises to take \u201ccentre stage\u201d in the year ahead, as organisations start to prioritise continuity over cyber defence.","breadcrumb":{"@id":"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/#primaryimage","url":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/01\/iStock-992132108.jpg","contentUrl":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/01\/iStock-992132108.jpg","width":1365,"height":768,"caption":"Unique Design Abstract Digital Pixel Noise Glitch Error Video Damage"},{"@type":"BreadcrumbList","@id":"https:\/\/interface.media\/blog\/2025\/01\/09\/regulation-and-resilience-the-tide-turns-for-the-cybersecurity-sector-in-2025\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/interface.media\/"},{"@type":"ListItem","position":2,"name":"Regulation and resilience: will the tide turn for the cybersecurity sector in 2025?\u00a0\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/interface.media\/#website","url":"https:\/\/interface.media\/","name":"Interface","description":"Delivering World Class Content \u201cFrom Executive, For Executive\u201c","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/interface.media\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748","name":"Dan Brightmore","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/interface.media\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g","caption":"Dan Brightmore"},"url":"https:\/\/interface.media\/blog\/author\/dbrightmore\/"}]}},"_links":{"self":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts\/22403","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/users\/480"}],"replies":[{"embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/comments?post=22403"}],"version-history":[{"count":2,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts\/22403\/revisions"}],"predecessor-version":[{"id":22406,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts\/22403\/revisions\/22406"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/media\/22404"}],"wp:attachment":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/media?parent=22403"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/categories?post=22403"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/tags?post=22403"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/topic?post=22403"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}