Cybersecurity considerations 2025

As the digital landscape continues to evolve, cybersecurity remains a critical priority for businesses worldwide. The KPMG 2024 Global CEO Outlook reveals that CEOs now rank cybersecurity as the top business threat over the past decade, underscoring the urgency for organizations to integrate cybersecurity into their operations. The growing impact of emerging technologies also brings an increase in cyberattacks and malware, making it essential for organizations to enhance their defenses and manage cybersecurity risks effectively.

In Malaysia, cybersecurity is a key national priority, with the government implementing stronger regulatory enforcement, cross-ministry collaboration, and public-private partnerships to boost national cyber resilience. At the same time, the ASEAN region is intensifying its efforts to combat cyber threats, emphasizing regional cooperation to safeguard digital economies. With Malaysia and ASEAN increasing investments in digital infrastructure and accelerating data center expansion, organizations must proactively defend their operations, integrate cybersecurity, and address potential security risks.

Our Cybersecurity Considerations 2025 report outlines eight key priorities for managing cybersecurity risks, including implementing cyber fraud prevention strategies and mitigating cyber risk exposure. As cyber threats continue to evolve, organizations that embed these considerations into their cyber defense strategies will be better positioned to thrive in an increasingly digital world.

Explore the eight key cybersecurity considerations for 2025

The ever-evolving role of the CISO

What CISOs and their teams focus on, and how they interact with the rest of the organization is fluid, as the cybersecurity function becomes more broadly embedded within and better understood across the organization.

Platform consolidation: Embrace the potential but recognize the risks

Increasingly, many global organizations are looking to reduce the complexity and cost of their technology. Organizations that choose to do so by consolidating tools and services on to a single, or a limited number of platforms should seek to identify and navigate the inherent risks.

The power of the people

As organizations continue to transform their business models in the face of new digital disruptions, many are experiencing real challenges around workload, which is exacerbating the long-discussed cyber skills gap. AI and automation can help, but there is an underlying risk of talent attrition as many teams struggle to cope.

The digital identity imperative

Although there are several initiatives around digital identity sprouting up worldwide, interoperability between systems and enhanced authentication due to the emergence of deepfakes remain challenging, whether because of regulations, risk appetite, and/or public opinion regarding the processing of personal and biometric data.

Embed trust as AI proliferates

AI is here to stay and has a place in virtually every organizational function, but there are a number of key cyber and privacy challenges that have the potential to affect the adoption and deployment of AI.

Smart security for smart ecosystems

The rise of smart devices and products worldwide is challenging and changing traditional views and approaches toward security, prompting many regulators to introduce new regimes to ensure these products meet basic security requirements.

Harness AI for cyber: Racing ahead vs racing safely

Many factors appear to be contributing to the buzz around AI adoption, from a lack of training to the fear of missing out and possibly falling behind. A key challenge is weighing the potential benefits of integrating AI into cyber and privacy functions against the potential risks.

Resilience by design: Cybersecurity for businesses and society

Organizations should find a way, from the CISO on down, to create a broad, holistic culture of resilient security throughout their enterprise and with the aim of ensuring all stakeholders are on the same page.