Top 6 Cybersecurity Trends: Burnout, Gen AI, Tactical AI - Check Full Gartner List

In 2025, security and risk management (SRM) leaders will need to navigate a variety of challenges and opportunities in order to foster resilience and facilitate change. Their endeavours are essential to improve their organisation's ambitions to ensure that their ideas are safe and long-lasting in a rapidly evolving digital landscape. In this backdrop, Gartner, Inc. has announced its top 6 cybersecurity trends for 2025. 

These trends are influenced by generative AI evolution, digital decentralising, supply chain interdependencies, regulatory change, talent shortages and an evolving threat landscape.

Databases and other structured data are typically the focus of the majority of security initiatives and financial resources. But as gen AI grows, data security protocols are changing to protect unstructured data, including text, photos, and videos. The training of large language models, deployment of data, and the inference processes are all significantly impacted by the fact that many organisations have reoriented their investment strategy.

As gen AI, cloud services, automation, and DevOps approaches become more widely used, machine accounts and credentials are being used for software workloads and physical devices. The attack surface of an organisation can be greatly increased by machine identities if they are not maintained and regulated. In order to defend against threats, SRM executives are being pressured to develop a plan to deploy strong machine identity and access management (IAM).

Due to inconsistent outcomes from AI deployments, SRM executives are refocusing their efforts on more specific use cases that have quantifiable, immediate effects. The actual impact of AI investments is made more visible through these tactical implementations. According to Gartner, SRM leaders now have clear responsibilities to secure third-party AI consumption, protect enterprise AI applications and improve cybersecurity with AI.

According to a Gartner survey of 162 large enterprises, conducted between August and October 2024, organisations use an average of 45 cybersecurity tools. With over 3,000 vendors in cybersecurity, SRM leaders need to optimise their toolsets to build more efficient and effective security programmes.

Security behaviour and culture programmes have reached an inflection point for most organisations. One of the largest drivers of change in these programmes is gen AI—enterprises combining the technology with an integrated platforms-based architecture will experience 40% fewer employee-driven cybersecurity incidents by 2026, according to Gartner.

According to Gartner, burnout among SRM leaders and security teams is a major issue for a sector already affected by a systemic skills shortage. The challenges of safeguarding complex organisations in dynamic threat, regulatory, and business environments with limited authority, executive backing, and resources are the root cause of this widespread stress. Cybersecurity burnout and its organisational impact must be recognised and addressed to ensure cybersecurity program effectiveness.