Quantum Cryptography Predictions, by James Karimi, CIO/CISO, GTT
Development of Quantum-Resistant Cryptographic Algorithms
"The race is on! In 2025, we expect a surge in the development of quantum-resistant cryptographic algorithms. These cutting-edge algorithms are set to be the frontline defense against the formidable power of quantum computers, ensuring everyone's data remains secure.
Encryption approaches will need a new approach because traditional algorithms like RSA and ECC will soon be vulnerable to the lightning-fast capabilities of quantum computers. This seismic shift in encryption means businesses will need to adopt quantum-resistant methods to stay secure. Thankfully, agencies like National Institute of Standards and Technology (NIST) have already finalized two post-quantum encryption standards, Crystals-Kyber and Crystals-Dilithium, which will be pivotal in maintaining secure communications. We expect to see global adoption of these standards.
However, the adoption of quantum-resistant encryption won't be without its challenges. High initial costs and the need for seamless global interoperability between organizations, equipment manufacturers, and public-facing services could slow down adoption."
The Power of Quantum and AI in Proactive Cybersecurity Operations
"Quantum computing is poised to change cybersecurity strategy as we know it today from defense to offense. By improving pattern recognition and anomaly detection, this will also enable faster identification of potential threats, raising awareness more quickly. When quantum computing is combined with AI and machine learning, we could see the development of proactive network defense mechanisms as AI can be programmed to execute on some decisions it has recommended. However, as with any form of AI, careful oversight and management are essential to avoid ethical and legal pitfalls. It will be crucial to ensure AI models have the right guardrails to prevent unintended consequences, such as autonomous retaliatory actions against cyber threats, as this could cause tensions between human attackers and their targets to rapidly escalate in uncontrolled ways."
Government will lead on Quantum-Safe Adoption
"Governments are likely to lead the charge in driving the adoption of quantum-safe cryptography, rather than businesses. Through education and regulatory enforcement, government bodies will push organizations to embrace quantum-resistant methods to protect sensitive data. The volume and complexity of existing environments, especially those with hybrid designs (cloud and on-premises, SaaS and home-grown applications), will influence the strategy, speed and cost of adoption."
Fletcher Keister, Chief Product and Technology Officer, GTT
Decentralized AI Processing Will Redefine Network Architectures
As AI applications operate more and more in real-time and demand low latency, the distribution of traffic is expected to shift from centralized cloud models toward a more decentralized architecture, with substantial data processing occurring at the network edge. In 2025, this shift will see networks increasingly optimized for machine-to-machine communication, where latency and single-hop environments become critical to AI performance and responsiveness.
Emergence of AI Agents Will Drive Demand for Network Reliability and Trust Protocols
Agentic AI -- autonomous systems capable of independent action -- will drive a need for more reliable, secure networks capable of supporting fast, authenticated transactions. This will likely include blockchain-backed protocols to ensure secure interactions between agents and networks. As AI agents proliferate, networks must evolve to handle the sophisticated demands of this new type of digital traffic.
AI at the Edge Will Push More Processing to User Devices
With the increase in device-level processing power, particularly from advances in chip technology, AI processing will increasingly take place directly on user devices, such as smartphones and laptops. This shift will require networks to support significant device-to-cloud traffic, allowing for seamless, high-speed connectivity for AI applications that operate locally and interact frequently with cloud resources.
Tom Major, SVP, Product Management, GTT
Networking sound bites
The green impact from simplifying network management
Network as a Service companies can significantly reduce their carbon footprint and improve environmental performance by simplifying their technology stacks.
By consolidating multiple devices into single, more efficient units, companies can lower power usage and reduce the overall environmental impact. This approach not only helps in achieving ESG goals but also simplifies supply chains, making it easier for customers to manage and report their Scope 3 emissions. Incorporating AI into their network management framework can further enhance efficiency, providing businesses with better reporting tools and insights to optimize performance and sustainability efforts. Moving the needle today means creating simpler tech transformation strategies which generates the outcomes of sustainable growth and operational efficiency.
Erik Nordquist, Global Managed Security Product Director, GTT
Hacked without a Clue
My 2025 prediction for distributed enterprises? You will get hacked. But what's even more unsettling is not knowing when it happens. The longer an attacker remains in the system-intruder dwell times can range from several weeks to months and even over a year-the more costly and damaging these "silent breaches" become. Such attackers will be like that house guest who crashes on your couch and never leaves-except they'll be stealing computing resources, exfiltrating data, finding deeper network vulnerabilities, and even planting backdoors for future access.
The Skills Gap Will Leave Businesses Exposed -- AI-Driven Security Could Make It Worse
With security talent both scarce and costly, companies will keep leaning on automated defenses. But many will learn the hard way that even the best tools are only as good as the people setting them up. As attacks get more complex, the demand for skilled, affordable experts will far exceed supply, leaving a critical gap in oversight and exposing businesses to serious risks if they can't bridge the divide.
Network Security Budgets Will Pivot from Prevention to Incident Response
In 2025, network security investments will shift distinctly toward incident response and detection. Once primarily used by large enterprises, incident response plans and third-party retainers will become priorities for businesses of all sizes. As threats grow more sophisticated, companies will invest heavily in solutions that quickly identify breaches and contain them. While endpoint and firewall protection will remain critical, security budgets will increasingly focus on rapid detection and agile response, reflecting a shift away from pure prevention.
Zero Trust Adoption Will Accelerate as Breaches Become Inevitable
While Zero Trust adoption will still face hurdles -- i.e., complex integration, resource demands, and workforce training -- 2025 will mark a tipping point driven by a surge in breaches across industries. Nothing motivates like pain: organizations hit by attacks will recognize the critical need for containment strategies, prioritizing Zero Trust architectures to limit attacker access and prevent lateral movement. As breaches make Zero Trust a necessity rather than a luxury, companies will push forward, balancing urgency with the realities of implementation.
AI-Driven "Deep Phishing" Will Redefine Targeted Attacks
In 2025, expect a surge in "deep phishing" attacks -- AI-powered campaigns that take spear phishing to a new level of sophistication by using deepfake technology. Unlike traditional phishing or even spear phishing, deep phishing leverages synthetic media to create hyper-realistic impersonations of trusted individuals, such as executives or colleagues, engaging targets with personalized audio or video messages that build a false sense of security. This AI-driven approach will make it nearly impossible for recipients to recognize malicious intent, leading to a sharp rise in successful breaches and signaling the need for advanced detection methods to counteract these highly targeted attacks. Educating employees to recognize these attacks is absolutely essential.
Dave Fraser, VP of Security, GTT
AI Will Fuel a New Wave of Malware, Lowering the Bar for Attackers
In 2025, expect to see more threat actors using AI to create sophisticated malware, lowering the technical bar for launching cyberattacks. With AI, you don't have to be a skilled coder -- anyone with malicious intent can now produce powerful malware quickly and at scale, even tapping into deepfake audio for phishing. To defend against these AI-powered threats, organizations will need to match the speed and agility of attackers or risk falling behind in this new era of accessible cyberweaponry.
Network Security Will Focus on Rapid Response Over Prevention
By 2025, network security will shift from trying to prevent every breach to identifying and responding to them as quickly as possible. With threats becoming more complex and inevitable, businesses will prioritize layered defenses that enable fast, effective incident response. Organizations will expect their teams and providers to act swiftly, with protocols that assume a breach is a matter of when, not if.
Compliance Pressure Will Push for Stronger Cyber Hygiene
In 2025, stricter regulations across the EU, U.S., and U.K. will make service providers more accountable for cyber hygiene. New mandates, like the EU's NIS2 Directive and U.S. FCC requirements, will raise cybersecurity standards, particularly in telecom and critical services. Providers will need to adapt quickly to these national and international rules or face penalties as governments push for stronger network security.
Remote Work Will Accelerate Zero Trust Adoption Through Established Security Foundations
In 2025, remote work will drive Zero Trust adoption as companies build on existing VPNs, endpoint protection, and central logging capabilities already in place for hybrid setups. These foundations will simplify Zero Trust implementation, enabling seamless, consistent security and monitoring across home and office environments.
Darren Wolner, Product Management, Managed and Professional Services, GTT
Automation Will Be Your First Responder
As cyber threats multiply and the network attack surface continues to expand due to growing reliance on hybrid workforces, IoT, cloud services and more, data-driven and AI-infused automation will serve as the primary frontline defense. Such systems will act instantly and autonomously, analyzing data patterns to combat threats without requiring human intervention. They will also allow networks to be more adaptable as automated defenses learn from every new incident to evolve in real time. This will allow organizations to be faster, smarter, and more precise in their responses to emerging threats.
AI Will Take On the Basics, But Security Pros Will Need to Adapt Quickly
By 2025, AI will be handling routine cybersecurity tasks, freeing professionals to focus on complex analysis and strategic threat response. To be clear, this shift won't eliminate the need for skilled experts. Instead, it calls for new expertise in threat intelligence interpretation and strategic thinking. With AI covering the basics, cybersecurity teams will need to use the time gained to adapt swiftly to evolving threats while fully leveraging the latest AI capabilities to keep defenses strong.
SASE and SD-WAN Adoption Will Accelerate, But Full Transformation is Years Away
In 2025, demand for secure, flexible network solutions like SASE and SD-WAN will keep growing, yet many companies will remain in mid-transition. Post-COVID digital transformation and rising cybersecurity threats are certainly driving this shift, but widespread adoption will take resources and time. API automation and AI-driven solutions will be essential in advancing network resilience, paving the way for more autonomous, adaptive defenses. So, there's still a long runway ahead, but these technologies will continue to grow as businesses catch up.
AI Demand Will Drive a New Era of High-Capacity, Low-Latency Network Design
In 2025, the rapid growth of generative AI and AI-driven workflows will push companies to build stronger, faster networks that can handle massive data loads with minimal delay. To keep up, organizations will lean on edge computing and distributed architectures, boosting network performance for hybrid work and cloud environments. AI will play a dual role, not only increasing the need for more powerful networks but also helping network operators fine-tune performance. With AI-driven monitoring and adaptive optimization, networks will become smarter and more efficient, ready to support the high demands of modern AI applications.
Gerard Johnson, Vice President Risk and Compliance, GTT
The bar continues to rise when it comes to ESG reporting.
With regional and international regulations steadily raising the bar for ESG reporting standards, the topic continues to command mindshare for businesses - including in their RFPs for technology companies to partner with. In the EU, the Corporate Sustainability Reporting Directive (CSRD), does expect ESG based reporting for in-scope standards for reporting companies to pass auditor assurance, like Financial reporting currently must.
Investments in technology are paired with the need for an increased ability to provide rigorous reporting on related environmental, social and governance factors. For example, beyond the more visible environmental impact generated by IT hardware manufacturing, Gartner predicts that 30% of large global enterprises will include software sustainability metrics by 2027.
Groundbreaking technologies will need groundbreaking regulation.
In terms of AI adoption, as a new and immensely powerful technology, there is going to be some risk involved. In 2025 to 2026, we expect to see more pen-to-paper legislation around the implementation and access of AI, particularly in certain industries, like finance, with vast amounts of sensitive data.
However, not all AI is created equally. New rules require more detail and should be written and enforced with a risk-based lens, instead of a broad-brush approach. We expect governments and enforcement agencies to consult and train with AI experts who understand the technology, to arrive at the best legislative outcomes, instead of applying legacy regulatory frameworks to AI risk and compliance management. For organizations who use AI, it is imperative to get ahead of this - inventorying AI tools, what they're used for, what they have access to, and consider their overall actual and potential future impact, to implement proactive risk and compliance management approaches ahead of inevitable growth in AI regulation.