Dec 27, 2024

2025 Cybersecurity Predictions by Teleport CEO Ev Kontsevoy

The AI hype cycle is in full swing, and “AI” has become the latest buzzword getting attention in boardrooms. Hyperscalers like Salesforce, Microsoft, and Google are racing to make agentic AI, that is, AI that can operate independently of human intervention, available to the wider public. There is broad commercial support for it: 82% of executives surveyed by Capgemini plan to implement AI agents within the next three years.

While I’m excited about the productivity gains that AI agents can bring to organizations, I don’t believe most business leaders have grasped the challenges agentic AI will create for cybersecurity teams. With AI agents straddling the line between human and machine, this technology will have significant implications for the leaders who govern access control and security, and will change how social engineering attacks occur. Here are my 2025 predictions for how the rise of AI agents will play out in cybersecurity.

AI Agents are the next phishing victims

When people talk about cybersecurity, they usually think of two things: software vulnerabilities that hackers exploit, and phishing attacks exploiting human mistakes. They probably think that protecting intelligent agents will work exactly the same as with any other type of software. In 2025, however, I believe cybersecurity teams are in for a wake-up call when they see how easily AI agents can be vulnerable to both types of attacks. Like any software, AI agents will be vulnerable to malware, but the more human-like AI agents become, the more susceptible to identity attacks they will be.

On paper, AI agents already have a lot in common with humans. They learn through experience and are designed to fine-tune their performance through continuous feedback, but this also makes them prone to trickery. Cybersecurity researchers proved AI assistants can be manipulated into taking on malicious personas like data pirates to extract sensitive information. The BBC even launched a complaint about Apple Intelligence attributing a fake headline to the outlet. It’s not hard to imagine scammers using prompt injection to fool AI agents into clicking links they shouldn’t.

To give agents autonomy is to give them license to make mistakes. The companies creating these agents will, no doubt, train agents to counteract manipulative prompt injection techniques, but there’s no such thing as bug-free software. By the same token, we cannot assume there will ever be bug-free AI. As for what we do about that problem, enter my second prediction.

Security teams will stop treating AI like software

Identity and access technologies have traditionally been designed with the assumption that users are either human or machine. The human-like behaviour of AI agents, however, throws a wrench in this dichotomy because they’re vulnerable to both malware attacks and identity attacks.

What is the solution to this? Treat AI like a human, not like software. I expect more organizations will come around to this fact in 2025, and when they do, it will kick off a big consolidation in the tools that govern identity and access. Mergers and acquisitions will accelerate as identity and security technology vendors aim to offer more cohesive solutions to reduce complexity and improve operational efficiency. In theory, this will mean more tools offering unified or hybrid solutions that don’t distinguish between humans and machines.

This would be a welcome change, given how fragmented identities are today. AI agents should not be managed in silos, but in the same identity governance frameworks as engineers, their laptops, servers, and microservices. By managing all identities in a single inventory, organizations can achieve real-time visibility and enforce consistent policies across their infrastructure. We launched Teleport in 2020 to address the problem that stems from treating human identities differently from software. We’ve always advocated for equal treatment to combat the increasing complexity of infrastructure technology. Treating humans and machines separately leads to identity silos. By consolidating trusted identities, we eliminate these silos and enhance overall security.

Eliminating passwords becomes a priority for security leaders

Organizations that lead in engineering security will eliminate passwords; for others, passwords will persist as a major headache for security teams.

The number of identity attacks launched this year shows passwords are clearly a hacker favorite: 99% of the 600 million identity attacks Microsoft logged were password-based.

While our own research in 2024 showed that many organizations see ‘weak passwords’ as a relatively easy attack vector to defend against, passwords will likely continue causing security teams pain in 2025. The proof is in the number of high-profile breaches involving password-based attacks. As long as humans continue to make mistakes, like misplacing static credentials, passwords can be exploited. Combine this with persistent access via standing privileges and hackers can pivot laterally across infrastructure without getting caught.

Eliminating static credentials like passwords in favour of cryptographic authentication will remove the credential attack surface entirely. In the ideal, modern security model, user and machine identities should only ever be based on real-world, physically based attributes and principles.

Looking Ahead

As we head into 2025, the challenges and opportunities presented by AI agents will shape cybersecurity trends. For AI agents to become a reality, identity security should be at the forefront of the security agenda.

AI agents may represent a new frontier in security, but with the right strategy and technology, they can be integrated securely into our digital ecosystems. Solutions like Teleport play a crucial role in unifying the identity of AI agents into existing identity and access control frameworks, ensuring they are protected from malicious actors and preventing exploitation of AI identity silos.

To learn more, visit www.goteleport.com.
