GTT on What to Watch in Security and Networking in 2025

To handle these rapid developments in the offensive and defensive cyber strategies, corporate networks must be built and managed to ensure that, whatever happens, downtime can be mitigated and reduced and consistent, effective security upheld.

GTT’s Gary Sidhu and Erik Nordquist, explore the most critical security and networking trends that businesses need to prepare for in the coming months.

Gary Sidhu, SVP, Product Engineering, shares how AI will affect network security this year: “A recent study identifies undetected vulnerabilities (46%), ransomware (45%), and data theft (44%) as the primary threats facing enterprises today. We believe the continued adoption of generative AI and AI workflows is set to improve network security significantly. AI-based networking assistants and correlation engines are creating excitement by offering advanced capabilities for network security.”

“The potential for human-supported, autonomous secure networking deployments is being explored, which could revolutionise how enterprises approach networking and security. AI-led penetration testing, automated vulnerability mitigation, and AI-driven security incident response are some of the promising applications that could enhance network resilience. Ultimately, this helps businesses head off the biggest cyberthreat pain points today.”

Erik Nordquist, Global Managed Security Product Director, is of the opinion that the biggest worry for an enterprise should be not realising if they’ve been hacked:

“Cyberattacks are inevitable. But what’s even more concerning for IT teams is not knowing when they’ve occurred. The longer an attacker lingers undetected — sometimes weeks, months, or even over a year — the more damaging these ‘silent breaches’ become. Think of it like an unwelcome houseguest who refuses to leave — except instead of hogging your couch, they’re siphoning data, exploiting vulnerabilities, and planting backdoors for future access.

"In response, businesses will prioritise incident response strategies, detection plans, and third-party retainers to minimise the impact. As threats grow more sophisticated, organisations will shift security investments toward tools that rapidly detect breaches and contain them. While endpoint protection and firewalls will remain essential, budgets will increasingly emphasise fast detection and agile response — signaling a move away from relying solely on prevention.

Nordquist goes on to warn how AI will revolutionise cyberattacks, particularly through convincing and highly targeted phishing attempts. :

“In 2025, expect a surge in ‘deep phishing’ attacks—AI-driven campaigns that elevate spear phishing to a new level of sophistication using deepfake technology. Unlike traditional phishing or spear phishing, these attacks will rely on synthetic media to create hyper-realistic impersonations of trusted individuals, such as executives or colleagues. Personalised audio or video messages will build a false sense of security, making it nearly impossible for recipients to recognise malicious intent. This advanced tactic will significantly increase the success rate of phishing attacks, underscoring the urgent need for advanced detection methods and comprehensive employee education to mitigate the risk.”

Zero Trust frameworks will see a spike in adoption, according to Nordquist, as a response to higher threat levels in 2025:

“While Zero Trust adoption will still face challenges—such as complex integration, resource demands, and employee training—2025 will mark a tipping point,” Nordquist explains. “As breaches continue to surge across industries, organisations will recognise the critical need for containment strategies. Zero Trust architectures will become essential to limit attacker access and prevent lateral movement. For many companies, it will no longer be a luxury but a necessity, driving accelerated adoption despite implementation hurdles.”

Nordquist also emphasises that while 2024 saw significant advancements in AI, 2025 will be the year of widespread AI integration across organisations. This evolution will impact both attackers and defenders. For IT teams, simplifying cyber defense, network and data management, and operational resilience into a single, streamlined platform will be key. By consolidating these systems, organisations can focus on strategic initiatives that build business value while reducing the mounting pressure on IT teams expected in 2025.”