2024 Year in Review: Part II - NightDragon Portfolio CEO Perspectives on Market Trends and Future Predictions

As part of our year-end content series, we asked the CEOs and top leadership of NightDragon’s portfolio to share reflections on 2024 and predictions and insights on what’s to come in 2025.

If you missed part one, you can read it here. Check out below for additional insights from our top leaders.

HUMAN CEO, Stu Solomon — In 2025, the combination of artificial intelligence and cybercrime will transform the threat landscape. Large-scale bot operations will continue to enable fraudsters to carry out automated attacks with unprecedented speed and sophistication. Digital advertising, content publishing, and customer accounts will become key battlegrounds as AI-driven tools enhance the scale of fraud, account takeovers, and synthetic identity creation. New hybrid monetization models on AI chatbot platforms will become targets for exploitation. 

Meanwhile, traditional defenses, such as image-based CAPTCHAs, have become ineffective. Businesses must prepare for this new reality by adopting advanced cybersecurity solutions to maintain trust and ensure the authenticity of digital interactions in an increasingly automated world. Learn more in “The Hidden Hand of AI: How Bots Shape Cyber Threats in 2025. 


Dataminr VP of Product Management, Cyber, Shimon Modi— Domain-specific AI models will bring significant value to cybersecurity teams in 2025. As corporations realize that AI’s greatest potential lies in domain-specific workflows and applications rather than generalized one-size-fits-all solutions, the technology will start delivering recognized value to cybersecurity teams. In the face of increasingly sophisticated cyber threats, teams will lean on AI to identify patterns within vast stores of security data, enabling more effective prevention and mitigation and real-time detection — saving time and resources. The rise of AI agents will mean more support for security teams with automated response, reducing the likelihood of harm.  

Attackers will continue to rely on existing attack methodologies rather than using AI to create and widely deploy more sophisticated attacks. Following historic precedent, we could assume that cybercriminals would use AI to create increasingly advanced attacks. However, that will not be the case because existing attack methods like phishing are incredibly effective. Attackers won’t want to spend time developing a more sophisticated AI attack technique when the ROI from their current methods is so high. Rather, cybercriminals will use AI to conduct their tried and true attacks like phishing at a much faster rate and much larger scale. 


Paul's header photo

iBoss CEO, Paul Martini — 2024 was a major year for SASE, or Secure Access Service Edge, which consolidates networking and security functions into a cloud delivered service. The idea of leveraging a large number of network appliances and various network security point products for malware defense and data loss prevention is no longer a sustainable strategy from the perspective of complexity, cost, and management overhead. The consolidation of SD-WAN, ZTNA VPN replacement, and Secure Internet Access accelerated as well with a drive toward consolidation. The vast amount of visibility SASE provides has also accelerated the use of AI to identify and remediate compliance and security threats within an organization. 


ThreatConnect General Manager, Risk Products, Jerry Caponera — John Chambers,  the former CEO of CISCO, declared 2023 the “year of Cyber Risk Quantification”. While his prognostication might have been early, the market for cyber risk quantification (CRQ) is expected to evolve significantly in 2025. The key evolutions we’ll see in 2025 are less talk about methods and models and more more focus on operationalizing CRQ by embedding outputs into existing security tools and processes. 

Embedding CRQ into a company’s security ecosystem – including GRC, EDR, SIEM, Vulnerability Management, Threat Intelligence and more – can provide immense benefits for analysts making critical decisions on items that directly affect a company’s cyber risk. Knowing which CVE to patch or which threat to hunt should be informed by the financial risk they bring to the organization. CRQ can and should be used by all teams within the security organization, from the board to the analyst, and that feedback loop will help define, measure, and remediate cyber risks before they become cyber events.  2025 is the year CRQ becomes operationalized throughout an organization. 


Interos CEO, Ted KrantzAttack Surface Management: As global interconnectivity deepens, the scale and speed of cyber breaches ripples across the globe quicker than ever, amplifying the “blast radius” of attacks. In the first 10 months of 2024, 15,137 companies were impacted by reported cyber attacks, according to interos data. This multiplied out to 1.3 million tier 1 suppliers, 3.1 million tier 2 suppliers and 3.8 million tier 3 suppliers. As today’s supply chains rely more heavily on networks with many tiers of suppliers, the expanded attack surface of businesses must be approached with more diligence. In 2025, organizations must adopt advanced attack surface management strategies to gain visibility into their entire supplier networks to fully assess their exposure to cyberattacks. 

These strategies include uncovering hidden supplier relationships, evaluating the cyber vulnerabilities of both direct and sub-tier suppliers, and assessing a broad spectrum of risk categories. Companies will also focus on identifying over-reliance on single suppliers and visualizing geographic clusters to mitigate cyber risks when they are impacted. By embracing these measures in the upcoming year, organizations can reduce their exposure to cyber threats, protect their digital supply chains, and ensure resilience in an era of ever-expanding cyberattack surfaces.  


Claroty, Chief Strategy Officer, Grant Geyer A Shift in Perspectives on the Cloud by Industrial Organizations: While there has historically been a reticence by industrial enterprises to connect their production facilities to the cloud, we expect to see a dramatic shift in 2025. As organizations recognize that they can gain competitive advantages and efficiencies by leveraging the public cloud for various services, openness to adopting cloud-delivered cybersecurity offerings will follow suit. While there has been a historic resistance to connect OT environments to IT or the cloud, we believe that the industry will achieve escape velocity in 2025. As the same advantages for SaaS-based IT offerings also apply to OT, this sentiment will shift across the industry. The exceptions to this shift will only be dependent on data sovereignty, legislative and regulatory restrictions. Ultimately, we believe this will yield better outcomes for OT engineering and cybersecurity teams alike.  


This blog is the second in our series of year-end content. Keep an eye out for more upcoming articles from our portfolio leaders!