The Cyber Landscape 2020–2025: From Pandemic Shock to AI-Driven Threats
The Cyber Landscape 2020–2025: From Pandemic Shock to AI-Driven Threats
In just five years, cybersecurity has been fundamentally transformed. The pandemic in 2020 became the starting point for a digital leap. Companies shifted to remote work overnight, cloud services grew explosively, and cybercriminals adapted instantly. Suddenly, both defenders and attackers were playing on an entirely new field.
Since then, threats have become more numerous and advanced. What began with ransomware and phishing has evolved into supply chain intrusions, attacks on critical infrastructure and assaults where AI plays a central role. Organizations around the world have realized that cybersecurity is not only a technical issue but also a strategic management concern that involves human behavior.
The World Economic Forum notes in its Global Cybersecurity Outlook 2025 that cybersecurity is now one of the biggest global risks, on par with climate change and geopolitical instability.

2020: The pandemic’s digital leap
When the world shut down in 2020, work moved to kitchen tables and living rooms. Home networks became part of companies’ attack surfaces.
According to Check Point Research and Interpol, the traditional security perimeter dissolved at the same time as the use of cloud services exploded, which dramatically increased risks. Cybercriminals saw an opportunity: phishing emails about COVID tests and vaccines spread in large numbers.
Several sources show that malware attacks rose significantly during the year. Some reports, such as AAG IT, indicate an increase of over 350 percent, but this is difficult to verify. More established measurements point to increases of around 50 percent in certain categories.
2021: Cloud and supply chains in focus
At the end of 2020, the SolarWinds attack was discovered, but it was during 2021 that the consequences became clear. The incident showed how a single supplier could affect organizations worldwide.
The Verizon Data Breach Investigations Report described how intrusions were increasingly carried out with malware-free methods. Instead of malicious code, attackers used stolen login credentials and exploited existing system functions.
Other reports, including those from Tenable and Verizon, also highlighted the rapidly growing problem of misconfigured cloud services.
2022: Ransomware at scale
Ransomware surged in 2022. SonicWall registered 236 million attempts during the first six months of the year. These were attempts, not successful breaches.
Many attacks targeted hospitals, government agencies and industries. ENISA and Verizon DBIR noted at the same time that data leaks and attacks on APIs were increasing.
The costs of breaches rose quickly, fueling rapid growth in the cyber insurance market, particularly highlighted by Allianz and Marsh.
2023: Social engineering at the center
In 2023, social engineering became the biggest threat. According to DBIR, about three out of four breaches were malware-free, relying on phishing, vishing and smishing.
ENISA and Kaspersky reported that IoT and edge devices became more frequent targets. To address these threats, organizations invested in zero trust architecture and automation.
Proofpoint’s Voice of the CISO report showed how economic pressures and lack of resources left many organizations more vulnerable to cybercrime.
2024: Critical infrastructure under attack
In 2024, many advanced attacks targeted critical infrastructure.
Dragos reported in its annual ICS/OT Cybersecurity Year in Review that the water and energy sectors were particularly affected, often with suspected state support.
The World Economic Forum noted that it became increasingly common for attackers to combine ransomware with data theft and attempts at geopolitical influence.
At the same time, regulatory pressure increased and more industries developed joint incident response plans.
2025: AI for better and worse
Today, in 2025, AI is at the center. Generative AI is being used to create increasingly sophisticated attacks such as deepfakes and automated phishing, but also to strengthen defense through AI-driven detection and response.
Proofpoint reports that 84 percent of CISOs are worried about their personal liability in the event of a breach, showing that the issue is now firmly on the leadership agenda.
The World Economic Forum points out that human factors are the most common cause of breaches, often in the form of mistakes or poor routines in identity management. This is driving investments in training, simulations and strategies to strengthen the human firewall.
Cloud, identity and critical infrastructure remain the most common targets for attacks, according to reports from ENISA and Microsoft Security.
From perimeter to people and beyond
The development between 2020 and 2025 shows a clear shift. The focus has moved from malware attacks and collapsing network perimeters to a reality where AI, identities and human factors dominate the threat landscape.
And the journey continues. ENISA predicts that threats leading up to 2030 will become even more complex. AI-driven systems may map vulnerabilities in real time, and quantum technology could eventually threaten today’s encryption.
The World Economic Forum also highlights cybersecurity as an increasingly important geopolitical factor. Attacks are used both to make money and to destabilize societies. Therefore, collaboration between countries, authorities and companies will be critical for building digital resilience.
For organizations, this means cybersecurity must be treated as a central strategic issue. It is not enough to build walls around networks. The strength lies in the ability to quickly detect, respond and recover. Training, exercises and investments in competence are just as important as the latest technology.
What began as a reaction to the pandemic has become a long-term transformation. The future of cyber defense is about trust, resilience and the ability to adapt in a world where digital risks are a permanent part of everyday life.

Get in touch!
Get in touch!
Choose your nearest office, looking forward to hear from you!
Region Norrköping/Linköping