Artificial intelligence. Passwordless authentication. Quantum computing. As technological advancements like these continue to fuel change, knowing what lies ahead and how to be proactive becomes more important, but also more difficult.
With a combined 80 years in the tech industry, Dashlane’s CEO, CTO, and Head of Innovation all have a deep understanding of how technology, particularly in the cybersecurity space, is developing and changing. Based on this expertise, they’ve developed some key predictions for what tech and business trends we can all expect in 2025.
#1: AI will enable more effective cybersecurity defenses
After three decades of leading high-growth B2B SaaS and communication companies, Dashlane CEO John Bennett knows to keep a close eye on AI advancements. He predicts AI will play an even bigger role in cyberattacks in 2025—but also in cybersecurity defenses.
“Expect commoditization of large-scale attacks, which will require little or no technical expertise,” says John. “Malware and phishing attacks will become harder to detect and increasingly personalized to the target. Cybersecurity companies will offer autonomous detection with the ability to detect in real time coupled with powerful predictive analytic capabilities.”
He also believes 2025 will come with greater focus on supply chain security.
“With the evolving threats increasingly targeting weak links in complex supply chains, we should see an acceleration in successful large-scale attacks. Businesses will need to have improved monitoring, vetting, and collaboration capabilities in place with their vendors.”
$2.2 million is the average amount organizations that use AI extensively across breach prevention workflows save on breach costs compared to those with no AI use in prevention workflows.
#2: Organizations that don’t prepare for quantum computing expose themselves to future risk
Frederic Rivain has spent the last decade of his career as Dashlane’s passionate CTO, and he sees more changes on the horizon for quantum computing as it continues to evolve.
“It’s still unclear when quantum computers will be able to break the current cryptographic primitives we use everyday when accessing online services,” he says, “but the risk is already present. Malicious attackers can store data today with the intent of cracking it in the future (the “harvest now, decrypt later” attack). NIST also recently approved post-quantum algorithms for standardization, so the technology is slowly maturing.”
For 2025, he advises organizations to start developing a quantum threat roadmap.
“Create an actionable roadmap with milestones for migrating to PQC-based systems based on your industry’s specific threat, and plan to allocate future budget for long-term upgrades. Quantum-readiness is a multi-year project, and budgeting for these upgrades now can help ease future financial strain.”
Fred recommends three milestones to include in that roadmap:
- Plan to introduce hybrid cryptographic models, which are hybrid solutions that combine traditional cryptographic methods with quantum-safe algorithms (also called crypto agility). This phased approach can provide an immediate layer of protection while PQC adoption grows.
- Review risks and where your organization uses cryptography to process data or provide your service.
- Stay updated on NIST-approved algorithms, including quantum-safe algorithms in cryptographic infrastructures, where possible to make the transition smoother.
Discover best practices and proactive strategies to protect your organization in 2025. Check out our webinar led by seasoned security leaders, including Dashlane CTO Frederic Rivain.
#3: Confidential computing will transform data privacy
In addition, Fred believes confidential computing will help foster greater data privacy in 2025 and beyond.
“As breaches and data leaks keep happening, organizations processing sensitive data need to invest in stronger solutions to protect their customer data and reduce their risk and liability,” Fred says.
“Confidential computing and cloud secure enclaves offer today the technical capability to process data while maintaining full privacy and ensuring a zero-knowledge approach. By allowing data to be processed in encrypted form within secure environments, confidential computing addresses a critical gap in traditional data protection: the vulnerability of data while in use.”
Fred believes that, as the technology matures and adoption grows in 2025, confidential computing could lead to a future in which privacy by design becomes the standard for businesses and end users.
He anticipates four key benefits:
- Reducing insider threats
- Strengthening data protection and privacy
- Facilitating regulatory compliance
- Preserving privacy
The global confidential computing market was valued at $4.1 billion in 2022 and is projected to reach $184.5 billion by 2032.
#4: Global regulatory changes will differ drastically by region
With governments and regulatory bodies taking a keen interest in encryption and privacy, the global regulatory landscape will evolve. Fred has thoughts on what to expect from different regions of the world.
“It’s going to be a tale of two cities,” he predicts. “While the EU will keep increasing regulatory oversight on the industry through various regulations such as the EU Cybersecurity Act, both the U.S. under a Trump administration and China will probably keep a stance with very limited regulatory control for the foreseeable future. Without more consumer pressure, it will probably come down to organizations to choose. But, this will probably not benefit consumers and will put their data even more at risk.”
Fred foresees governments worldwide, especially in the U.S. and some Asian countries, likely continuing to press for backdoors in encrypted communications to monitor criminal activity. Such a push may intensify if cybercrime, terrorism, or misinformation continue to escalate.
“Protectionism may influence things as well. Countries like India, China, and Russia have already implemented strict data localization policies, and this trend may grow in other regions. The EU and Latin America could expand their own localization requirements in response to political pressures and economic factors.”
He adds, “With the rise of AI, we’ll likely see an increase in AI privacy regulations, but yet again that could be very different depending on countries, with the U.S. deciding to have minimal regulation while the EU is much stricter.”
#5: Passkeys will transform the e-commerce and finance industries, and others will follow
Rew Islam is the Director of Product Engineering and Innovation at Dashlane, with over 20 years of software development experience. As a trusted source on passkeys and passwordless authentication, he predicts passwordless technology will impact industries and regions at varying rates. This fits with the data in this year’s Passkey Report, which noted that industries like e-commerce and finance are driving passkey usage.
“As in-car technologies evolve, there will be automotive and payment use cases that could benefit from passkeys,” shares Rew. “I expect in-car entertainment and commerce to increase and with it the need for secure authentication. This year, we saw that Mastercard has invested in passkeys for payments, and we will probably see other payment solutions looking to adopt passkeys due to the ease of use and security benefits.”
#6: Passkeys will reach a tipping point
Passwordless authentication methods like passkeys continue to surge in popularity, but they haven’t yet hit the mainstream. Next year, we could reach a tipping point, but that depends on a few factors, according to Rew.
“Passkeys are currently at the early adopter stage,” he shares. “To reach the early majority, more sites would need to adopt passkeys. We are seeing a continual increase in passkey adoption, with passkey use with Dashlane growing to nearly 500k authentications per month, a 6x increase since 2023. What could push things over the tipping point would be syncable passkeys coming to Microsoft Windows, which is expected in 2025."
He expects data portability to aid passkey adoption as well.
“There’s the question of, ‘Can I keep my passkeys with me?’” Rew says. “The good news is that we expect all passkey providers to adopt the new FIDO standard for credential exchange in 2025, if not sooner. All these developments point to a concerted industry effort to make passkeys a success. I expect broad adoption of passkeys in 2025, but it may not ‘cross the chasm’ entirely until 2026.”
Lots of change means lots of opportunity, like the chance to use innovative technology to be proactive, protect every employee’s credentials, and enforce strong security standards—making 2025 your best year yet.
Go beyond password management to achieve proactive credential security. Learn more about how to get started today.
Sign up to receive news and updates about Dashlane
