
6 Cybersecurity Trends Highlighted by Gartner
“Is our company doing well in terms of security?”
Security managers face this question every day. Generative AI such as ChatGPT has entered the workplace, employees communicate through collaboration tools, and numerous servers and devices operate in cloud environments. Can a traditional 'defense'-centered security strategy cope with this changing environment?
Global market research firm Gartner has announced its 6 key cybersecurity trends for 2025. Here is a summary of each.

1. Generative AI and Data Security: "Security Follows the Training Data"
These days, many companies are using internal documents or customer data for AI training. It's important to note that if data used for AI training is leaked or misused, it can cause significant issues.
In early 2024, a global insurance company uploaded internal data to a large language model (LLM), which exposed some customers' personal information externally and caused a major issue.
This incident highlighted that ‘AI security’ should not just focus on the model itself, but must start with data security.
When training models, security must be considered. It is important to use synthetic data to protect personal information while maintaining AI training quality. Technologies like DSPM (Data Security Posture Management) offer a way to track the flow of sensitive information in the cloud in real time. Unstructured data (documents, emails, images, etc.) must also be managed, as AI learns from such data as well.
2. Machine Identity: "Servers and APIs Need 'Authentication' Too"
Security teams have been making efforts to properly manage employee IDs. However, people are not the only identities that need managing. Machine identities such as servers, APIs, and automation bots (RPA) are increasing.
Machine accounts are assigned IDs but are often not properly managed.
According to the Gartner 2024 IAM Leadership Survey, 87% of security teams are responsible for machine identity management, but in reality, only half are managing them.
In fact, one of the main entry points for cyber attackers is 'abandoned machine accounts.'
In 2023, an American manufacturing company suffered an incident where an automation bot account used for regular backup work was hacked, resulting in the entire database being encrypted. This happened because multi-factor authentication (MFA) was not set up for the machine account. Identity verification and access management policies must be applied to all machine accounts.
In DevOps environments, 'machine-only IAM policies' are established to conduct automated security checks. During security training, the importance of system accounts as well as human accounts must be recognized.
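An added example (not from the article or from Gartner): a minimal automated check over a constructed machine-identity inventory that flags the 'abandoned machine account' conditions described above. The field names, sample accounts and the 90/180-day thresholds are assumptions.

```python
from datetime import date

# Constructed sample inventory; account names and fields are hypothetical.
INVENTORY = [
    {"name": "svc-backup-bot", "kind": "rpa", "owner": None,
     "last_used": date(2024, 3, 2), "cred_rotated": date(2022, 11, 15)},
    {"name": "api-billing", "kind": "api", "owner": "payments-team",
     "last_used": date(2025, 5, 30), "cred_rotated": date(2025, 4, 1)},
    {"name": "ci-deployer", "kind": "server", "owner": "platform-team",
     "last_used": date(2025, 5, 28), "cred_rotated": date(2024, 6, 1)},
]

# Assumed policy thresholds (not taken from the article).
MAX_IDLE_DAYS = 90
MAX_CRED_AGE_DAYS = 180


def audit(inventory, today):
    """Return {account name: [findings]} for accounts that violate policy."""
    report = {}
    for acct in inventory:
        findings = []
        # An account nobody owns is never reviewed or retired.
        if not acct["owner"]:
            findings.append("no accountable owner")
        # Long idle time suggests the workload is gone but the identity remains.
        idle = (today - acct["last_used"]).days
        if idle > MAX_IDLE_DAYS:
            findings.append(f"idle for {idle} days (possibly abandoned)")
        # Old credentials extend the window in which a leaked secret still works.
        age = (today - acct["cred_rotated"]).days
        if age > MAX_CRED_AGE_DAYS:
            findings.append(f"credential not rotated for {age} days")
        if findings:
            report[acct["name"]] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(INVENTORY, date(2025, 6, 1)).items():
        print(name)
        for finding in findings:
            print("  -", finding)
```
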
3. Organization of Security Technologies: “Too many solutions pose a risk”
Many companies have kept adding security solutions one by one: 'this one is for threat intelligence, that one is for cloud workload protection.'
According to a study by IBM Institute for Business Value, companies are using an average of 83 security solutions from 29 different vendors simultaneously. More than half of the respondents (52%) said complexity is the greatest obstacle to security operations.
This leads to unnecessary complexity and risk. There are many tools, but they are not interconnected, operations are complicated, and budgets increase. The more tools there are, the greater the threat. Each tool can serve as a potential entry point for attackers.
Gartner refers to this situation as 'technology overload' and emphasizes that security systems should now be organized around interoperability and data-driven structures, as in a 'Cybersecurity Mesh Architecture (CSMA)'.
The IBM study also found that organizations with an integrated platform took an average of 72 days to detect a security incident and an average of 84 days to contain it. Integrating multiple tools into a single platform not only enhances security posture but also reduces costs and improves operational efficiency.
4. Tactical AI: 'Small AI Saves the Company'
It is easy to think big when introducing AI into the security team. However, Gartner advises starting with 'small AI'.
For example, AI can automatically classify cyber alerts, automatically generate reports, and power automated tools in which AI tests security vulnerabilities first.
5. Security Culture and Behavior Change: “Not just clickthrough rates, but has real behavior changed?”
Company security training often requires employees to attend a session only once a year. This is what is known as a 'mandatory defense session'.
Gartner suggests introducing a Security Behavior and Culture Program (SBCP) to change actions.
SBCP is literally a strategic program aimed at transforming employees' security behaviors and the organization’s security culture.
Instead of merely saying, 'Be careful with emails!' and ending there, this program considers why an employee made such a mistake and how habitual security practices can be developed.
Traditional security training typically involves watching videos and taking quizzes once a year. Employees participate out of obligation, but mistakes occur in real situations.
Gartner proposed analyzing real incidents and providing customized training for teams with high phishing email click rates, and suggested that quizzes sent through everyday tools like Teams or Slack are much more effective. Instead of measuring simple course completion rates, it recommends setting indicators for behavior changes before and after training (e.g., click rates, reporting rates, response times, etc.).
6. Well-being of CISO and Security Team: “When people are exhausted, technology also fails.”
Gartner has finally classified burnout of security teams as an organizational risk. There is a lot of work, resources are scarce, and attacks never cease, so naturally, teams become exhausted. The resulting higher turnover, more mistakes, and slower response times pose real threats.
Gartner suggested introducing welfare programs exclusively for security teams in cooperation with HR. Set priorities for work and boldly cut down less important tasks. The burnout of the Chief Information Security Officer (CISO) should also be managed at the organizational level.