1 min Reading Time<\/p>\n
2025 was a year of regulation, AI-driven attacks, and the realization that cyber resilience is not just an IT problem, but a matter of corporate governance. DORA came into force, the first NIS2 fines were issued, and AI has changed both attack and defense methods.<\/strong><\/p>\n 2025 was the most densely regulated year in EU cybersecurity history. DORA has been fully applicable since January – and the first supervisory authorities have begun conducting checks. NIS2 has produced its first fines in several member states, primarily due to non-compliance with reporting obligations.<\/p>\n The EU AI Act has been in force since August 2024. The high-risk AI requirements also affect cybersecurity tools – AI-based anomaly detection, facial recognition in security systems, and automated access control fall under strict requirements. This kept compliance departments busy in 2025.<\/p>\n AI changed the attack landscape in 2025: not through new attack vectors, but through increased efficiency and scalability. Phishing campaigns that previously took weeks now run in hours. Voice cloning attacks have moved from the “advanced APT” realm to “organized crime.”<\/p>\n Supply chain attacks remain a dominant pattern: At least two major incidents in 2025 occurred through compromised third-party software, similar to MOVEit in 2023. Awareness of third-party risks is increasing – but the implementation of third-party risk management is lagging behind.<\/p>\n Start Crypto Migration:<\/strong> PQC inventory and roadmap are mandatory for all critical infrastructures in 2026. Anyone who wants to be ready by 2030 needs to start in 2026.<\/p>\n AI Security Operations:<\/strong> AI-powered SIEM, automated threat-hunting routines, and AI-based anomaly detection become standard in 2026. Anyone not planning an AI-augmented SOC will fall behind attackers.<\/p>\n Identity as Perimeter:<\/strong> Zero Trust Identity – passkeys, continuous authentication, device trust – is the security concept that will finally replace old perimeter security in 2026.<\/p>\n Manage Regulatory Fatigue:<\/strong> NIS2, DORA, AI Act, CRA – the compliance burden is increasing. Companies must establish integrated GRC approaches (Governance, Risk, Compliance) instead of handling each regulation in a silo.<\/p>\n DORA Effective Date:<\/strong> January 2025 – first compliance checks are underway<\/p>\n NIS2 First Fines:<\/strong> Several EU member states issued first fines in 2025<\/p>\n AI-Driven Phishing Rate:<\/strong> Estimated 40% of all phishing emails in 2025 were AI-generated<\/p>\n NIST PQC Finalized:<\/strong> August 2024 – migration planning in 2025\/2026 is critical<\/p>\n Ransomware Payments 2025:<\/strong> Decrease by ~10% due to law enforcement actions (preliminary)<\/p>\n Fact:<\/strong> The BKA (Federal Criminal Police Office) registered over 136,000 cases of cybercrime in Germany in the 2025 Federal Cybercrime Report – an increase of 12% compared to the previous year.<\/p>\n Fact:<\/strong> ENISA Threat Landscape 2025: Ransomware remained the most common attack type in the EU with 34% of all reported incidents.<\/p>\n The implementation of DORA in January 2025 was the most significant regulatory event. Technically, AI-scaled supply chain attacks and voice deepfake BEC cases were the defining patterns.<\/p>\n Initial signals: Yes. The reporting rates for security incidents have increased in NIS2-mandated sectors – also because companies know that not reporting can be more expensive than reporting. Long-term compliance effects are still difficult to measure.<\/p>\n On the attack side: increased efficiency in phishing, social engineering, and vulnerability scanning. On the defense side: better anomaly detection, faster threat intelligence analysis. The net effect is unclear – but companies without AI in their defense are at a growing disadvantage.<\/p>\n Three priorities: 1. Create a PQC inventory and roadmap. 2. Develop identity-centric security (passkeys, continuous authentication). 3. Plan and budget for an AI-augmented SOC. Additionally: integrate regulatory requirements into a unified GRC framework.<\/p>\n Law enforcement actions against LockBit, AlphV\/BlackCat, and others had short-term effects – infrastructure taken offline, arrests. But the RaaS ecosystem is resilient: new groups emerge, affiliates switch. Long-term, prevention and resilience are more important than relying on law enforcement successes.<\/p>\n \u2192 DORA in Practice: First Experiences from the Financial Sector<\/a><\/p>\n \u2192 Post-Quantum Cryptography: Why Companies Need to Act Now<\/a><\/p>\n Tech Outlook 2026: mybusinessfuture.com<\/a><\/p>\n Security for Executives: digital-chiefs.de<\/a><\/p>\n cloudmagazin<\/a> | MyBusinessFuture<\/a> | Digital Chiefs<\/a><\/p>\n Header Image Source: Pexels \/ Kindel Media<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"2025 was a year of regulation, AI-driven attacks, and the realization that cyber resilience is not just an IT problem, but a matter of corporate governance. DORA came into force, the first NIS2 fines were issued, and AI has changed both attack and defense methods. TL;DR DORA live since January 2025: […]","protected":false},"author":8,"featured_media":3616,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_yoast_wpseo_focuskw":"cybersecurity","_yoast_wpseo_title":"Cybersecurity 2025: The Year in Review - Incidents, Trends, Lessons","_yoast_wpseo_metadesc":"Cybersecurity 2025: Key incidents, AI threats & regulatory shifts revealed\u2014learn how to strengthen resilience and stay compliant. Read the full review now.","_yoast_wpseo_meta-robots-noindex":"","_yoast_wpseo_meta-robots-nofollow":"","_yoast_wpseo_meta-robots-adv":"","_yoast_wpseo_canonical":"","_yoast_wpseo_opengraph-title":"","_yoast_wpseo_opengraph-description":"","_yoast_wpseo_opengraph-image":"","_yoast_wpseo_opengraph-image-id":0,"_yoast_wpseo_twitter-title":"","_yoast_wpseo_twitter-description":"","_yoast_wpseo_twitter-image":"","_yoast_wpseo_twitter-image-id":0,"_evm_translation_lang":"","featured_post":0,"featured_post_sortierung":0,"_wp_old_slug":["post_id-3617"],"footnotes":""},"categories":[251],"tags":[],"class_list":["post-7327","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"evm_reading_time_minutes":5,"wpml_language":"en","wpml_translation_of":3617,"_links":{"self":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7327","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/comments?post=7327"}],"version-history":[{"count":3,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7327\/revisions"}],"predecessor-version":[{"id":10048,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/7327\/revisions\/10048"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media\/3616"}],"wp:attachment":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media?parent=7327"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/categories?post=7327"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/tags?post=7327"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}TL;DR<\/h2>\n
\n
Regulation 2025: DORA, NIS2 Fines, AI Act<\/h2>\n
Attacks 2025: AI as a Multiplier<\/h2>\n
Outlook 2026: What’s a Priority Now<\/h2>\n
Key Facts at a Glance<\/h2>\n
Frequently Asked Questions<\/h2>\n
What was the biggest cybersecurity event in 2025?<\/h3>\n
Do NIS2 fines have a deterrent effect?<\/h3>\n
Has AI done more harm or good (attack vs. defense)?<\/h3>\n
What should a CISO prioritize for 2026?<\/h3>\n
Have ransomware groups really been weakened in 2025?<\/h3>\n
Further Articles on the Topic<\/h2>\n
Further Reading in the Network<\/h2>\n
Related Articles<\/h2>\n
\n
More from the MBF Media Network<\/h2>\n