Cyber Teams
Hack The Box (HTB) supports over 1,500 global teams at the frontlines of incident response and security testing. This gives us unique insights into the skills gaps plaguing cybersecurity teams and how they’re adapting to a volatile threat landscape.
While predicting the future isn’t an exact science, we’ve identified five key trends poised to shape cybersecurity in 2025.
These trends highlight the most in-demand skills and actionable steps teams can take to close critical gaps and stay ahead of emerging threats.
The first big trend we’re watching in 2025 is that companies and recruiters will place less emphasis on degrees and focus instead on skill-based hiring Loading Preview...
That is, looking less at college degrees, and more on practical capabilities that job seekers can be tested on or provide portfolios for.
Intelligent.com reported that Loading Preview...
This, paired with a recommendation to seek skill-based applicants from the White House’s National Cyber Director, Loading Preview...
Based on HTB’s own Cyber Attack Readiness Report (CARR) 2024 Loading Preview...
If hiring is changing, the best piece of advice for team leads is to start hiring differently.
Consider running a skills gap assessment Loading Preview...
After that, find ways to test applicants for those skills, and work those tests into your hiring process—with measurable criteria.
If that feels fairly obvious, it’s because the main shift is in looking less at the university name attached to their degree, or the companies on the applicant’s resume, and instead paying more attention to the skills that candidates bring to the table.
You may find your perfect fit in the least expected place, and a candidate who doesn’t interview extremely well (in a high-pressure social environment) might blow you away on a technical cybersecurity assessment Loading Preview...
Painted against the backdrop of growing attack surfaces and emerging threats, the rising demand for blue teamers to upskill is a trend we've already observed.
As of November 20, 2024, a total of 35,378 vulnerabilities have been published, marking a 39% increase compared to the same period last year, according to both Statista Loading Preview... Loading Preview...
While attack surfaces are growing, the Center for Strategic & International Studies Loading Preview...
Even after onboarding staff with the right skills, blue teamers get less time to train Loading Preview...
All of this suggests there’s a gap between the skills blue teamers have, and what they need to be the best at their vital jobs.
Enabling a purple team approach to upskilling is a strategic way to tackle the issue of “limited time and resources.”
Forward-thinking companies like Easi already follow this mutually beneficial approach by aligning threat exposure management exercises Loading Preview...
First, the security team chooses a Machine that red teamers have compromised. Then, administrator or root accounts are created for the blue team, who must investigate the Machine to find all traces of attacks.
This synergistic approach Loading Preview...
90% of Fortune 1000 companies rely on Active Directory Loading Preview...
Keeping up with real-world risks means skills that were once considered “bleeding-edge” can easily be rendered as “expected,” even for junior or entry-level SOCs. One example is basic-intermediate knowledge of defending against AD attacks.
Years ago, it was considered part of a seasoned SOC professional’s arsenal, but that’s no longer the case. Since AD attacks are common practice among attackers nowadays, today’s junior SOC professionals should be aware of common Active Directory attack vectors and how to detect them Loading Preview...
In December 2024, HTB announced the Certified Active Directory Pentesting Expert (HTB CAPE Loading Preview...
Based on the high availability of AD services, and the knowledge gap in securing AD, we're confident that 2025 will see a new wave of security specialists on the market with exceptional skills in both defending and testing AD networks Loading Preview...
As with some of the other trends, doing some research or training really is one of the best places for your teams to start. Schedule time for them to build a foundational knowledge of AD attacks.
Master Active Directory security with HTB CAPE
Enable skills for securing complex Active Directory environments. Access advanced techniques such as identifying hidden attack paths, chaining vulnerabilities, evading defenses, and professionally reporting security gaps.
Through hands-on demonstrations of real-world network vulnerabilities and misconfigurations, candidates gain practical skills to tackle modern network security challenges.
Cybersecurity teams face new risks as artificial intelligence (AI) becomes increasingly embedded in web apps and product offerings.
While AI can bring efficiency and innovation, its adoption comes with vulnerabilities. 60% of security professionals fear AI Loading Preview...
Because AI-powered applications are designed to mimic human speech patterns, they can be vulnerable to both prompt injection vulnerabilities and used by adversaries to craft advanced social engineering-style attacks—like the weaponization of deepfakes Loading Preview... Loading Preview...
The best way to start preparing your teams to catch the proverbial wave is by deepening everyone’s knowledge of AI and web application security. Encourage your teams to read up on vulnerability trends, practice App testing, and get familiar with AI vulnerabilities and AppSec frameworks.
Here are a handful of places for teams to start:
38% of attacks against Industrial Control System (ICS) assets come from an IT foothold Loading Preview...
This interconnectedness expands the attack surface, making it easier for adversaries to breach ICS assets through IT entry points. That’s why in 2024, we paired with Dragos, a leading ICS/OT cybersecurity technology and solution provider, to release the Alchemy Lab focusing on ICS security.
While ICS pentesting is an emerging field, there is already a wealth of resources available to anyone who’s looking to get more involved. For teams interested in testing & securing ICS assets, HTB’s Alchemy Lab allows participants to compromise a simulated industrial production facility Loading Preview...
We suggest teams start by reading some of the foundational ICS pentesting materials. This includes the Lockheed-Martin Cyber Kill Chain whitepaper Loading Preview... Loading Preview... Loading Preview... Loading Preview...
Professional development won’t happen unless leaders actively prioritize it.
Day-to-day demands can easily overshadow upskilling initiatives, but if you want to future-proof your team in 2025, carving out dedicated time for training is essential.
Building a culture of continuous upskilling Loading Preview...
High-performance security teams go beyond merely reacting to threats; they proactively improve their skills, stay ahead of emerging trends, and enhance their cyber performance Loading Preview...
So, whether you're a security leader looking to refine your team’s focus, or a professional seeking to elevate your own expertise, the path forward is clear:
Invest in consistent, targeted upskilling, and be ready to lead the charge in cybersecurity's next evolution.
Community
Blog Upcoming Events Meetups Affiliate Program SME Program Ambassador Program Parrot OSGet Help
Help Center Contact SupportCommunity
Blog Upcoming Events Meetups Affiliate Program SME Program Ambassador Program Parrot OSGet Help
Help Center Contact Support