Trend Tide News

10 cybersecurity predictions for 2025 | TechTarget


10 cybersecurity predictions for 2025 | TechTarget

These sophisticated attacks are difficult to detect and mitigate. Lewis said organizations should focus on cyber resilience over prevention because history has shown attackers won't be stopped all the time. He also recommended organizations implement microsegmentation to make lateral movement and data exfiltration more difficult for adversaries.

The number of open source software attacks has grown rapidly, with supply chain management vendor Sonatype tracking more than half a million new malicious packages since November 2023.

The Open Source Security Foundation (OpenSSF), a community of software and security engineers, predicted open source software attacks will continue to rise in 2025.

Part of the challenge is developers aren't always trained in security, said Christopher Robinson, chief security architect at OpenSSF. And many organizations don't properly vet their applications, he added. Rather they just "blindly take in components" that could subject themselves and their customers to vulnerabilities.

To mitigate issues, Robinson recommended requesting vendors' software bills of material to understand the components of their software and conducting fuzzing, source code analysis and vulnerability scanning to assess software security. Companies and vendors should also report and share potential security issues to keep others and the open source community informed, he added.

As the number of open source supply chain attacks increases, expect regulations to follow. Robinson said OpenSSF is already working on open source regulation with the European Commission and has heard Japanese and Indian governments are considering similar legislation.

Previous articleNext article

POPULAR CATEGORY

commerce

9601

tech

10544

amusement

11540

science

5246

various

12250

healthcare

9274

sports

12210