Proton
The cover image for Proton blog about cyberthreats businesses will face in 2025, showing a webpage, a mask, and an error message hanging on a fishing hook

For years, we’ve been writing about the risk that cybersecurity threats present to businesses. Cybercrime is on the rise, and businesses stand to lose more than individuals do. In this article, we’ll examine the key cybersecurity threats businesses will face in 2025, and how to combat them.

Cybersecurity threats: 2024 in retrospect

A number of high-profile cybersecurity incidents indicated a growing trend of targeted attacks. In January, a Russian state-sponsored hacker group known as Midnight Blizzard(new window) breached Microsoft’s corporate systems. In the aftermath, it emerged that the group was attempting to log into US federal agency cloud accounts to steal sensitive data.

In another incident, more than 2.7 billion Americans may have had personal data leaked by a data breach affecting National Public Data(new window), a background check company. The data includes names, addresses, dates of birth, Social Security numbers and phone numbers. A hacker group known as USDoD claimed to be selling the information, which included data from the US, the UK, and Canada. While not all of the information was found to be accurate, the warning is stark: Cybercriminals are attempting to acquire personal data to sell, most likely to data brokers. These attacks signal an increase of targeted attacks on personal data through business infrastructure.

Not only corporations and governments are being targeted: 2,825 businesses of all sizes in the US reported to the Internet Crime Complaint Center that they were affected by ransomware alone in 2024(new window), a 22% increase from 2022. Small businesses are less likely to be able to recover from the impacts of a cybersecurity threat due to the resources they have access to. 89% of small businesses surveyed by KPMG(new window) that have been affected by a cyber breach reported that it impacted their reputation, with a further 93% reporting that their ability to operate was impacted.

What does an increase in cybersecurity threats mean?

Businesses that have been impacted by a cybersecurity threat risk their reputation, as well as their financial security and may face legal consequences. 

Many countries, including the US(new window) and Australia(new window), are introducing more stringent cybersecurity regulations for businesses. In the UK, GDPR requires that businesses protect personal data with adequate technical safeguards, such as encryption. The onus will be on businesses to prove they’re storing data securely, regularly assessing risk to their infrastructure, and actively creating an incident response plan.


According to new research from Fastly(new window), businesses affected by cybersecurity incidents take an average of 7.3 months to recover. This is “25% longer than expected and over a month past the anticipated timeline of 5.9 months.” This might not be a survivable period of time for a small business, taking into account the financial losses and potential legal ramifications of a cybersecurity incident.

Looking ahead to 2025

If you aren’t aware of the most prevalent risks on the business landscape right now, don’t worry. Here are the four most common cybersecurity threats and how you can prevent falling prey to them.

Weak passwords

A weak password is a cybersecurity threat that occurs within your business infrastructure, rather than from outside of it. Employees using weak passwords, or reusing the same passwords, presents cybercriminals with the opportunity to easily gain access to multiple accounts using a dictionary attack

Weak passwords expose your business to many risks including data breaches. A data breach can greatly impact trust in a business, as they’re often caused by a lack of adequate defence. Between 2022 and 2023, AT&T(new window) was made aware of a data breach affecting 10m of its customers. The cybercriminals were able to access the business’s cloud data storage platform Snowflake thanks to a lack of enforced strong password requirements and multi-factor authentication (MFA) within AT&T.


MFA, or two-factor authentication (2FA) as it’s also known, is an excellent mechanism to prevent unauthorized access to the tools your employees use. 2FA ensures that an employee verifies their identity using an additional method beyond a traditional password, such as a fingerprint or a code generated from an authentication app. Enforcing 2FA for all employees is one of the best passive ways to improve your business’s cybersecurity.

Phishing

Phishing is a tactic scammers use to trick people into sharing logins to their online accounts. For example, a scammer might contact you via email posing as Amazon customer service to tell you that your account has been frozen. In order to verify your identity and unlock your account, they might ask you to share your date of birth, credit card number, or account password.

If you share that information, they’ll be able to use it to access your accounts. This could mean impersonating you to your bank and withdrawing money or making large purchases online. Once the money is gone, it’s unlikely you’ll be able to reclaim it.

Phishing within a business is even more dangerous, as the financial risks are much higher. If an employee uses a weak password which is then phished by a scammer, the scammer could only potentially gain access to one platform as opposed to multiple platforms if that password has been reused. The scammer can then access your work infrastructure because of the weak personal password of one employee.


Enforce a strong password policy within your business to minimize the risk and impact of phishing. This means creating a different password for each platform.Helping employees manage multiple passwords means using a secure password manager, a tool that helps them generate, store, and autofill their passwords securely.

Ransomware

Ransomware is the weapon of choice for cyber extortionists: It’s a form of malware(new window) that encrypts the data stored on your computer, and demands a payment in return for regaining access. 

Some ransomware attacks have become infamous. Change Health(new window), a health tech company owned by UnitedHealth, was affected by a high-profile ransomware attack in February 2024. Records of more than 100 million people were exposed, making it one of the largest data breaches in history. The hackers collected personal, financial, and other sensitive information and demanded (and ultimately were paid) $22 million. It isn’t clear if the data was ever deleted, meaning it still could have ended up on the dark web.


Preventing ransomware means putting a strong defense system in place. Performing regular data backups can ensure you have access to data even if you lose access to one of your systems. Monitoring your network traffic and your employee logins for unusual activity can also help you identify an intruder in your network before they’re able to cause any harm.

Arm your business against cybersecurity threats with Proton Pass

You don’t need to be a cybersecurity expert to protect your business. All you need are the right tools used the right way, and you’ll be able to reduce risk and proactively monitor for threats.

Proton Pass for Business is designed for employees with any level of tech experience. It’s an end-to-end encrypted password manager that improves security and collaboration for businesses of all sizes. With a Proton Pass for Business Plan you get access to: 

  • Enforceable team policies that help you help employees to strengthen their accounts with mandatory 2FA and prevent data being shared outside your business.
  • Dark Web Monitoring, which regularly checks the dark web for your employees’ personal information, informing you if any employee is affected by a data breach.
  • Secure vault sharing, a way to store passwords and logins in a curated vault, granting or revoking access as needed.
  • A built-in 2FA authenticator that provides an extra level of security with no extra work for every employee.
  • Using activity logs, you can make sure no unauthorized access is granted to your business accounts.
  • Proton Sentinel, our advanced security program, challenges suspicious login attempts and escalates any attempts to our security analysts.

If you’re ready to start 2025 with the right approach to cyberthreats, see which Proton Pass for Business plan is right for you.

Protect your passwords
Vytvořit účet zdarma

Related articles

The cover image for a Proton Pass blog comparing SAML and OAuth as protocols for business protection
en
SAML and OAuth help your workers access your network securely, but what's the difference? Here's what you need to know.
Proton Lifetime Fundraiser 7th edition
en
Learn how to join our 2024 Lifetime Account Charity Fundraiser, your chance to win our most exclusive plan and fight for a better internet.
The cover image for a Proton Pass blog about zero trust security showing a dial marked 'zero trust' turned all the way to the right
en
Cybersecurity for businesses is harder than ever: find out how zero trust security can prevent data breaches within your business.
How to protect your inbox from an email extractor
en
Learn how an email extractor works, why your email address is valuable, how to protect your inbox, and what to do if your email address is exposed.
How to whitelist an email address and keep important messages in your inbox
en
Find out what email whitelisting is, why it’s useful, how to whitelist email addresses on different platforms, and how Proton Mail can help.
A graphic interpretation of a block of how many gigabytes in a terabyte
en
Learn how many GB are in a TB and discover the best way to securely store and share your files — no matter their size.