Cyber threats are evolving everywhere – and "prevention alone is insufficient," says NordVPN CTO

NordVPN CTO Marijus Briedis speaking at a panel during RightsCon 2025 in Taipei, Taiwan, on February 25.

(Image credit: Future)

The evolution of cybercrime isn't ending anytime soon, sorry.

Massive data breaches, AI, and increased target refinement across media outlets, governments, and businesses are all contributing to this change. But, as NordVPN CTO Marijus Briedis said at Rightscon 25, "Prevention alone is insufficient. What you need is resilience".

NordVPN, provider of one of the best VPNs, had first-hand experience of the evolving cyber threat landscape following the surge in cybercrime incidents targeting Lithuania, where it's based, in the wake of the Ukraine conflict.

The need for cyber resilience

As Briedis explained, the last few years have seen nation-state hackers and cyber criminal gangs expanding and exploiting any digital vulnerabilities.

Worse still, "with little resources you can have a lot of damage," he added.

In 2024, data breaches reached an all-time high. Take the "mother of all data breaches" kicking off the year with 26 billion records leaked. In total, over 1 billion records were exposed throughout the year, as per NordLayer data.

Ransomware, phishing, and malware also remain a big threat during the year, with cybercriminals increasingly using AI to craft better attacks.

Generative AI was included in Google’s Cybersecurity Forecast 2025 as a primary threat, alongside state-sponsored threat actors and ransomware.

Nord Threat Protection Pro menu on Windows, showing options to turn on web and file protection, as well as vulnerability detection. — (Image credit: Future)

In the wake of all these evolving cyber threats, the likes of NordVPN are expanding the reach of their security offers with tools like its Threat Protection Pro – which was named as a top tool for malware and phishing protection – or its new ID-theft protection, NordProtect.

Most countries have also adopted laws to prevent cyberattacks as much as possible over the years. Organizations, government entities, and individuals have learned to protect sensitive data using virtual private network (VPN) software, firewalls, antivirus, and other security tools.

Yet, these efforts never seem to be enough.

That's because, Briedis explains, cybersecurity is not a fixed goal. He said: "We have to be adaptive and make sure that we are learning from these attacks. We need to be [cyber] resilience."

What's next?

While Briedis' RightsCon panel was mainly aimed at activists, NGOs, and other small organizations, everyone can take advantage of Nord's recommendations to be more cyber-resilient.

"The first thing is about education," he said.

Stay on top of the threats, familiarize yourself with security tech solutions, and share your knowledge. Remember to talk not only with your colleagues but also with your friends and family.

"The second part is shared responsibility." This means that it's everyone's responsibility to share the knowledge.

All in all, "Stay secure, stay cyber-resilient."

TOPICS

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life – wherever cybersecurity, markets, and politics tangle up. She writes news, interviews, and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar and TechRadar Pro. Got a story, tip-off, or something tech-interesting to say? Reach out to chiara.castro@futurenet.com