Centric Consulting’s cybersecurity leaders shared their expertise in SecurityWeek’s Cyber Insights 2025 series, offering valuable perspectives on artificial intelligence, CISO challenges, and API security.
The report highlights trends and expert opinions on the potential evolution in areas that impact cybersecurity this year. Here’s what our experts had to say:
AI’s Evolution in Cybersecurity
Joseph Ours, AI Strategy Director, provided key insights on the future of artificial general intelligence (AGI). The article notes that the crux of AGI is that it will be “capable of independent reasoning — able to perform any intellectual task that a human mind can perform.” However, the author mentions that not everyone is convinced.
“I think it’s possible, but AGI isn’t just around the corner like some people think,” Ours said. “True intelligence isn’t just about processing data — it’s about understanding context, learning across different domains, and making creative connections that aren’t explicitly programmed.”
Ours shared the perspective that AGI will not become a reality in 2025.
API Security Challenges
Senior Manager of Cybersecurity Brandyn Fisher shared insights on the growing complexity of API security in 2025, including IoT device integration, new tools, and common pain points organizations experience.
“We’re seeing more IoT devices and cloud systems communicating via APIs, and with low-code/no-code solutions, anyone can build an API,” he said. “The problem is they’re often built insecurely, without proper testing, and people mistakenly think obscurity provides security.”
Fisher also outlined three critical pain points: vendor management, identity and access management, and AI-driven social engineering, and noted that leaders should stay focused on the basics over simply buying the newest tools.
“Focus on basic cybersecurity hygiene,” he said. “Follow the OWASP guidelines for API security, including standards for data sanitization and permission setting. These basics will be more effective than just buying the latest security tools.”
CISO Stressors and Outlook
Fisher also discussed the CISO outlook, which remains murky for 2025. Beyond technical expertise, CISOs are expected to have a variety of experience and responsibilities, soft skills, and more.
The article shares issues surrounding regulations, artificial intelligence, social engineering, authority and responsibility, budgets, and more.
In 2025, the author notes there will be a shift toward “‘resilience’ as the aim of security.” Fisher said that the concept is not new. “The concept relates to being prepared for inevitable attacks through proper backups, ransomware readiness, and response processes,” he said. “While it’s being presented as new, it’s really a rebranding of existing security fundamentals.”
Regardless, planning and recovery for any disruption will remain key to the CISO’s role this year.
As cybersecurity continues to evolve, organizations must understand and prepare for challenges while focusing on the fundamentals. Read the full series in SecurityWeek.