Extended detection and response company Vectra AI has released its 2025 security predictions for Australia and New Zealand, highlighting the significant role artificial intelligence will play in cybersecurity and the growing focus on achieving measurable results.
Cybersecurity remains one of the top investments for CIOs in 2025. As organisations integrate AI capabilities into their core operations, they are increasingly focused on accessing the business value of these investments. These predictions aim to assist CISOs in effectively allocating resources and anticipating potential attack vectors in 2025.
However, Vectra AI warns of growing fatigue with AI co-pilots as Australasian organisations grapple with high costs and a lack of demonstrated value. “Many are adopting AI tools without understanding their purpose, leading to confusion about how these solutions address specific pain points,” said Vectra’s Regional Director Chris Fisher.
“While AI has tremendous potential, it is often misrepresented as a panacea for cybersecurity challenges. Organisations must rethink their strategies to effectively utilise AI for real issues, focusing on outcomes rather than just technology,” he said.
Fisher also highlights the increasing use of AI by threat actors. “Attackers are increasingly using AI to enhance phishing campaigns and exploit zero-day vulnerabilities, such as those in Palo Alto Networks and Cisco Systems, in security tools. This raises concerns about new vulnerabilities, particularly regarding identity theft,” he said.
Fisher believes that legislative reforms like Australia’s new Cyber Security Act will drive innovation in security tools, pushing organisations to adopt solutions that deliver tangible results.
“By focusing on practical applications and regulatory compliance, organisations can enhance their security posture and better protect against evolving threats,” he said.
Lastly, Fisher comments that the marketing hype surrounding AI in cybersecurity has reached a peak, with many companies claiming AI capabilities without delivering on their promise.
“Organisations must implement rigorous testing to differentiate between genuine AI advancements and mere marketing buzz, ensuring they achieve real security improvements,” he said.
Vectra AI’s 2025 predictions include:
- Prediction 1 – Fatigue and confusion around the overuse of the term “AI” will push vendors to focus on demonstrating value: The initial excitement about AI in cybersecurity will fade, leading to disillusionment among security leaders. While 89% plan to adopt more AI tools, there’s cautious optimism due to concerns about increased workload. Organisations in Australia and New Zealand must move beyond vague promises of AI-driven security to deliver tangible results like faster threat detection and improved accuracy. AI is a toolset, not a one-size-fits-all solution. Understanding specific challenges is crucial. Cybersecurity is about minimising risks and preparing for threats. Good hygiene and proactive threat response are essential.
- Prediction 2 – Attackers are using AI to exploit vulnerabilities in security tools: Attackers will increasingly leverage AI to gather intelligence at scale, significantly enhancing their effectiveness in targeting victims, particularly in phishing campaigns where they refine their lures. When infiltrating environments with tools like CoPilot, they can exploit these resources against organisations. This year has seen a shift from targeting users to exploiting vulnerabilities in security tools, particularly zero-day vulnerabilities. Attackers will always seek the path of least resistance, making defensive AI critical, but its effectiveness relies on intentional deployment strategies.
- Prediction 3 – Focus on regulatory compliance overwhelms the defenders and provides advantages to the attackers: The growing emphasis on regulatory compliance will overwhelm defenders, giving attackers an advantage. Security teams are stretched thin, prioritising compliance at the expense of dynamic threat detection. This checklist mentality can hinder the development of a proactive security posture. By 2025, attackers are likely to exploit this imbalance further. Across Australia and New Zealand, compliance is evolving into a proactive necessity. Initiatives like the new Cyber Security Act and APRA’s CPS 230 prudential standard on operational risk management are encouraging active adversarial testing and collaboration between government and private sectors, linking compliance to effective security. Organisations that feel overwhelmed by compliance assessments may need to reassess their preparedness, highlighting the importance of a robust security posture.
- Prediction 5 – Identity will remain a critical attack vector: Identity-based attacks will be a major concern in 2025, with attackers leveraging the dark web and GenAI to enhance phishing and business email compromise. Organisations must prioritise continuous testing for identity compromises, using dedicated red teams or third-party services, rather than relying solely on annual assessments. Open-source tools can simulate identity compromises, helping organisations prepare for real threats. As Generative AI becomes more prevalent, robust identity management and security practices are essential to prepare for these evolving attacks.
- Prediction 6 – Enterprise breaches will be traced back to AI agent abuse: Agentic AI will increasingly analyse attack surfaces and existing threats, providing context and detecting natural-language based threats like phishing, which traditional models struggle with. As reliance on these sophisticated tools grows, organisations must prioritise the security and responsible use of their AI systems. Implementing robust safeguards and ethical guidelines will be essential to prevent misuse. Ultimately, integrating agentic AI will not only enhance threat detection but also foster a proactive security culture, enabling organisations to stay ahead of evolving cyber threats and better protect their critical assets.
As AI continues to evolve, organisations must stay ahead of emerging threats by adopting strategic, outcomes-focused approaches to cybersecurity. Proactive measures, such as real-time threat detection and actionable insights, are essential for optimising resources and effectively mitigating risks in an increasingly complex digital landscape.