The day finally came. After months of preparation and coverage of the various sessions happening at the #TECHSUPERSHOW, Enterprise Cybersecurity Expo 2025 kicked off with a no-nonsense discussion on the threat landscape, where industry experts laid out what organizations should fear most in the coming year.

I had the honor to moderate a panel titled “Cybersecurity 2025: The State of Cyber Threats,” which featured Chris Mirabello, AVP of IT and Security at 365 Data Centers, and John Riley, Chief of Emerging Tech at Impactifi.

Together, they provided the audience with a clear picture of what’s coming down the pipeline when it comes to cybersecurity.

The panel wasted no time diving into the biggest threats on the horizon. Ransomware remains a top public enemy, with attackers refining their methods to exploit human vulnerabilities rather than just technical ones. AI-powered deepfakes and social engineering scams are evolving at an alarming rate as they make it harder for employees to distinguish real from fake.

Meanwhile, post-quantum cryptography, or PQC, and operational technology (OT) security are emerging as critical concerns. They force companies to rethink how they protect their most sensitive data.

As for industries in the crosshairs? Financial services, healthcare (which Mirabello has extensive background in) and critical infrastructure are prime targets. Basically, Mirabello said that industries that deals with data or essential services are targets.

Next, I asked Mirabello and Riley about the biggest cyber risks.

Firth, they addressed the growing ransomware crisis and emphasized the human factor. Attackers don’t need to hack your network when they can just trick an employee into opening the door for them. Social engineering tactics (think phishing emails, fake executive requests, and deepfake scams) are also becoming more sophisticated, which makes user education and zero-trust security frameworks more critical than ever.

AI is adding fuel to the fire by amplifying the effectiveness of these attacks. With AI-generated voice and video scams reaching near-perfect realism, businesses must adopt more stringent authentication measures.

PQC is another rising concern, with experts urging companies to start preparing now. As quantum computing advances, today’s encryption methods will eventually become obsolete, leaving businesses scrambling to secure their data. Riley said something along the lines that the time to future-proof your encryption isn’t when quantum computers arrive it’s now. Why? Because quantum computing is moving fast.

And then there’s operational technology (OT). While IT networks get most of the attention, OT devices, like those running industrial control systems and infrastructure, are often the weakest link. The two panelists agreed that if hackers want to get into your systems, they’ll find the path of least resistance. And right now, that’s OT.

For businesses navigating the complex cybersecurity landscape, one thing is clear: waiting to react is no longer an option.