Security Trends 2025: Predictions and Perspectives from Akamai Technologies APJ

Attributed to Reuben Koh, Director of Security Strategy, Akamai Technologies APJ

1.     The need for essential security safeguards in the era of AI

In 2025, we’re going to witness a seismic shift in how organisations across APJ embrace artificial intelligence. Nearly half of businesses are gearing up to significantly increase their AI investments, setting the stage for an explosion of innovation. By 2028, we anticipate over $110 billion being funneled into AI technologies.

We’ll see an essential pivot towards AI security that cannot be ignored. Organisations will need to focus on two key areas: safeguarding their AI systems from vulnerabilities and defending against increasingly sophisticated AI-driven attacks. Cybercriminals are already leveraging AI to make their methods more effective and evasive, which means businesses must ramp up their security frameworks to counter these evolving threats.

2.     Electoral cyber threats are a real problem and will continue to be so

In the past year, it was a record year for elections worldwide where approximately 4 billion people across 60 countries were expected to vote, including major elections in the US, UK, EU, Taiwan, South Africa, and India. Generative AI made its mark on these elections, with sophisticated attacks meant to deceive voters and impact elections.

2025 will be the year these tools and techniques – such as deepfakes, targeted scams, social engineering – move down-market and become readily available to ordinary cyber criminals. Consumers and organisations need to be on the alert for fakes and scams across all forms of interaction: email, text, phone calls and video calls.

3.     LLM’s security risks become tangible

The hype surrounding large language models (LLMs) will face a stark reality check as security vulnerabilities come to the forefront. While some exploitable flaws have already been publicly disclosed, we can expect an uptick in both the frequency and severity of these issues. LLMs present a significant attack surface for malicious actors, and the nature and locations of these vulnerabilities will become increasingly evident. As the risks become clearer, organisations will need to weigh the promise of LLMs against the potential security pitfalls, leading to a more cautious approach in their AI strategies.

4.     Building agile security systems needs to include our security fundamentals

Starting in 2025, I think we will see an increasing focus on two aspects of AI security: protecting AI systems and defending against AI-driven attacks. After all, cyber criminals are also looking at how to leverage AI to make their attacks more evasive, more efficient, and more effective. AI will lower the barriers to entry for attackers, accelerating their ability to identify and exploit vulnerabilities.

While it is important that we focus on AI, we cannot forget our security fundamentals. Attackers will still come after our API endpoints, and they will still conduct phishing attacks. We need to ensure that patches are deployed in a timely manner, our safeguards are always on, and that people are continuously trained to identify and mitigate malicious activity. Because with or without AI, those threats are not going away.