SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Blockchain
#
AI
#
Cybersecurity

Kyndryl forecasts 2025 cybersecurity focus on supply chains

Fri, 3rd Jan 2025
Author image
By Shannon Williams, Journalist

Kyndryl has released its cybersecurity predictions for 2025, with a primary focus on the security of supply chains following high-profile attacks and breaches in the past year.

Supply chain security has ascended as a priority for Australian organisations, prompting Chief Information Security Officers (CISOs) and security leaders to conduct thorough evaluations and revisions of their supply chain management. This direction aims to mitigate the risks associated with third-party connections and enhance overall business efficiency.

According to Kyndryl, Australian businesses are in the process of reassessing their supplier relationships to address the threats posed by products, services, and technological environments provided by third parties. The objective is to streamline supplier partnerships where possible, thereby reducing vulnerability and enhancing business processes.

"Thanks to the increased focus on cyber security across the board in ANZ these last few years, we are seeing a real maturation from organisations in terms of how they approach security," said E-Yang Tang, Vice President, Security, Resiliency & Network, ANZ at Kyndryl. "Where in previous years we saw organisations focus on protecting their own direct environments, we are now seeing an evolution in this approach with the understanding that third parties can pose just as much of a risk to business continuity."

"Australian businesses have been impacted by globally significant supply chain attacks over the past few years, which while certainly unfortunate, have driven this increased understanding in the factors contributing to an organisation's security posture. We'll see businesses use existing tools and methods to refine their security practices, and I think we'll see a comeback of NFTs and blockchain technologies for verification purposes, which may ultimately be a more suitable use case for them than tokenisation," he added.

In 2025, businesses across industries are expected to intensify their focus on supply chain traceability and operational security in response to expanding threat landscapes and heightened regulations. Companies will face pressure to improve visibility across supply chains, spurring investments in neglected technologies around data integration. Furthermore, manufacturers are likely to adopt distributed manufacturing practices, with recent geopolitical conflicts amplifying concerns over supply chain integrity.

There is also an anticipated resurgence in the use of NFTs, driven by the rise of AI-generated deepfakes and insider threats. Organisations may pivot to blockchain technologies like NFTs for authentication purposes, using them to confirm the legitimacy of communications from executives and prominent stakeholders. Such NFTs could be integrated into businesses' existing email platforms.

Kyndryl predicts that ANZ CISOs will strive for vendor consolidation to manage security tool proliferation. This environment has led many businesses to pay for redundant tools with overlapping functionalities. In 2025, organisations are expected to challenge vendors to justify the use of specific tools, potentially consolidating into fewer vendors to reduce redundancy.

An increase in regulatory scrutiny will potentially lead to the establishment of 'Ethical AI' departments within companies. These cross-functional teams will focus on compliance with regulatory standards such as the Australian Prudential Regulation Authority's CPS 230 and 234. These teams will ensure that AI utilization aligns with regulatory requirements and public expectations, while also safeguarding the business from potential cyber threats or data breaches.

For organisations planning for 2025, Kyndryl emphasises the importance of proactive cybersecurity planning and workforce training on tools and practices to safeguard against attacks. Maintaining transparent communication with customers, vendors, partners, employees, and regulators about cybersecurity and ethical AI practices is crucial for building trust and ensuring organisational coherence.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Kaspersky achieves 100% scorecard in SE Labs tests for 2024
SquareX reveals critical breach of Cyberhaven extension
US may ban TP-Link amid smart device security concerns
Abnormal Security named leader in Gartner email security
Trend Micro named leader in Gartner email security review
Top stories
Open source software challenges predicted to continue in 2025
Exclusive Networks launches Exclusive Global Solutions
Phishing attacks rise in 2024 with AI-driven tactics
Kaspersky warns of increasing threats from tampered NFC tags
CloudSEK report reveals surge in complex cyber threats