As 2025 enters its final stretch, it is already time to take stock of cyber threats, major incidents highlighted in the media, and the looming risks expected to shape 2026.
As 2025 draws to a close, it is already time to reflect on cyber threats, high-profile incidents reported in the media, and the emerging dangers of 2026 on the horizon.
The term “AI” (Artificial Intelligence) is on everyone’s lips — even among those who understand little about it but, faced with a revolutionary “human–machine interface” (the GenAI prompt), proclaim themselves “AI experts or consultants.”
It is true that prompting is seductive, that the answers produced by generative AI are appealing (even if they are sometimes overly agreeable or simply incorrect), and that expectations around AI-driven productivity gains are extremely high.
In cybersecurity, AI is causing as much excitement — and concern — as in other fields. It is used both in defensive tools and in new solutions developed, maintained, and exploited by hackers. But that is not all: AI has also become a prime target. Once infiltrated, corrupted, or diverted from its original purpose, it can turn into a particularly insidious threat for everyday users, who tend to trust it blindly.
The first cases of automated data exfiltration through prompt injection have already emerged and are likely to multiply.
This trend has even led the Gartner Group to publish a “Hype Cycle for AI & Cybersecurity.” As with many AI-related expectations, disillusionment is inevitable, eventually giving way to truly value-adding use cases such as ML-based anomaly detection.
Rightly or wrongly, Europe has been extremely prolific in issuing regulations that directly or indirectly impact cybersecurity: NIS2, the Cyber Resilience Act (CRA), the AI Act, and more.
Belgium, under the leadership of the CCB (Belgian Cybersecurity Centre), transposed the NIS2 directive into national law with remarkable speed (already in 2024). This was done in a constructive manner: beyond legislation, the CCB also provided a framework, tools, guidance, and services to help all NIS2-regulated entities effectively implement compliance.
In 2025, the CCB updated its CyFun (Cyber Fundamentals) framework, introducing improvements such as better integration of ICS/OT specificities in industrial automation environments. Beyond CyFun 2025, the CCB also allows companies affected by supply chain security requirements to adopt a simplified yet essential version of the framework — CyFun Basic — ensuring a minimum level of operational resilience.
However, while legally impacted by these regulations, many companies struggle with time constraints, compliance sequencing, or simply a lack of human and financial resources to implement them — all within an economic context marked by GDP growth of barely 1%, effectively stagnation.
The wave of legislation discussed above must be considered alongside the economic cost of cyberattacks. The year 2025 provided striking examples of massive economic impact resulting from large-scale cyber incidents. Two particularly illustrative cases stand out:
If the true economic cost of cyberattacks were systematically assessed — taking all impacts into account — the term “investment” in cybersecurity might finally replace “expense” or “budget.”
The few available reports on cyberattack costs are already highly revealing and confirm a well-known proverb: prevention is better than cure.
Cyber resilience regulations therefore make perfect sense when one considers that, ultimately, it is citizens and businesses who bear the cost through direct and indirect taxation.
The CCB’s CyFun framework emphasizes the importance for organizations to manage cyber risks related to their product and service suppliers. As a result, SMEs are discovering that NIS2 impacts them indirectly. History has shown that suppliers can be the source of major cyber incidents: think of Stuxnet, introduced via a maintenance provider, or SolarWinds, whose compromised update propagated malware to its entire client base.
More recently, however, an even more insidious case emerged: the hacking of cybersecurity company F5.
Hackers reportedly infiltrated F5’s systems for years, allowing them to identify zero-day vulnerabilities after downloading part of the source code of one of its security solutions. This could have enabled them to compromise the infrastructures of F5’s clients, including large corporations and government agencies.
When taking a step back, one uncomfortable word emerges: trust. If trust in specialized cybersecurity vendors is undermined, whom can we trust?
According to official communications, the attack appears to have been attributed to a nation-state.
The concept of “Zero Trust,” often used as a marketing term in the industry, should therefore be applied with utmost rigor by all customers.
In this case, the term “supply chain attack” fully lives up to its meaning.
Most people have heard of quantum computing. Without attempting to oversimplify a topic even more complex than AI, one key consequence for cybersecurity should be noted: current cryptographic algorithms will eventually become obsolete once quantum computing becomes widespread. This is why post-quantum cryptography is gaining increasing attention.
For some, this may come as a revelation — yet anyone responsible for cybersecurity knows that the lifespan of cryptographic algorithms has always been limited.
At first glance, nothing new under the sun. However, one critical question remains: will the processing power of chips in our devices be sufficient to handle these new algorithms?
Past experience has shown that deploying stronger security solutions often required the outright replacement of existing equipment.
Much more could be said about 2025, but it is clear that — much like 2015 — it stands out as a pivotal year.
Ultimately, isn’t adaptability one of the core qualities expected of those responsible for cybersecurity?
Yes, adaptation is essential:
In short, disruption demands extreme agility in a world that keeps accelerating.
MCG conducts continuous cybersecurity technology monitoring, enabling us to advise and guide our clients, strengthen their resilience, and help them progress — while allowing them to stay focused on their core business.
