What Cybersecurity Leaders Need to Know

Members of Baird’s Cybersecurity Investment Banking team recently attended the Black Hat USA 2025 conference in Las Vegas. This year’s event showcased the rapidly evolving landscape of cybersecurity, where identity, AI and operational technology are reshaping how organizations defend against increasingly sophisticated threats.

The following takeaways from the conference offer insight into the technologies, trends and challenges that are defining the future of cybersecurity.

1. Identity Takes Center Stage: IGA and PAM as Cornerstones of Cybersecurity
   Identity, particularly areas of Identity Governance and Administration (IGA) and Privileged Access Management (PAM), have become critical pillars of enterprise cybersecurity. As attackers increasingly target credentials to bypass traditional defenses, organizations are prioritizing identity-first security strategies to protect against account compromise and privilege escalation. Identity has become a foundational layer of all cyber and IT infrastructure, effectively becoming the new perimeter.
2. Physical Security and OT: Expanding the Threat Landscape
   The convergence of IT and Operational Technology (OT) security is accelerating, with critical infrastructure and industrial systems becoming prime targets for attackers. Companies like Claroty and Armis are leading the charge in securing OT and IoT environments, scaling to the hundreds of ARR (poised for public market entry), and further highlighting the urgency of protecting physical assets alongside digital ones. Outside of these big players, others are riding the same wave – creating capabilities to replicate the attack environment or infrastructure via digital twin or sandbox and use that to train teams and react in real-time to threats posed on physical and OT. We are seeing this trend becoming pervasive in the public sector and increasingly in the commercial sector.
3. The Human Layer: Addressing the Weakest Link in Cybersecurity
   Humans continue to be the most exploited vulnerability in cybersecurity. Social engineering, phishing, and insider threats remain persistent challenges. Solutions that integrate behavioral analytics, real-time training, and human-centric threat detection are gaining traction as organizations seek to mitigate risks stemming from human error.
4. AI Models Powered by Unique Data Sets: The Next Competitive Edge
   Proprietary and unique data sets are becoming a critical differentiator in AI-driven cybersecurity solutions – the fuel to the AI fire. Vendors are racing to build models that can analyze diverse and high-quality data to detect threats faster and more accurately, underscoring the importance of data ownership and curation in the AI arms race.
5. Agentic AI: The Rise of Autonomous Cybersecurity
   SentinelOne’s acquisition of Prompt underscores the growing importance of agentic AI—autonomous systems capable of detecting and responding to threats without human intervention. These systems promise faster response times and improved scalability, but they also raise questions about governance, oversight, and the potential for unintended consequences – driving big players to buy technology in the AI security space rather than rely solely on home-built solutions.
6. Platformization: Consolidation in the Cybersecurity Ecosystem
   The acquisition of CyberArk by Palo Alto Networks reflects the broader trend of platformization, where vendors aim to deliver integrated, end-to-end cybersecurity solutions. Enterprises are increasingly seeking fewer, more comprehensive platforms to reduce complexity, streamline operations, and improve ROI, driving consolidation across the industry.
7. Mounting Pressures on CISOs: Balancing Compliance, Risk, and Strategy
   CISOs are under growing pressure to balance regulatory compliance with proactive risk management. With heightened scrutiny from boards and regulators, CISOs are evolving into strategic business leaders, responsible for aligning cybersecurity initiatives with broader organizational goals while navigating an increasingly complex threat landscape.
8. Third-Party Risk Management: A Growing Ecosystem of Tools, Data and Insurers
   Third-party and supply chain risks are now top-of-mind for security leaders, driven by high-profile breaches like SolarWinds and Crowdstrike. Tools like Vanta, Panorays, and SecurityScorecard are gaining traction as organizations look to continuously assess vendor risk. Additionally, cyber risk insurers are playing a larger role in helping organizations quantify and mitigate third-party exposures, creating a growing ecosystem of solutions focused on supply chain security, supply chain visibility and attack / breach path validation.
9. ITSM Becomes a Cybersecurity and AI Battleground
   

   ServiceNow and other ITSM vendors enhance the service and security lifecycle by integrating with leading security tools to orchestrate, automate and track incident and vulnerability responses. By combining security alerts with business context and workflow automation, it enables faster, more coordinated, and fully auditable remediation. We expect interest to continue to develop around tooling that can accelerate AI adoption or add AI capabilities, following ServiceNow's lead — with its recent acquisition of Moveworks.

10. Continuous Monitoring of Network and Email Security is Non-Negotiable
    Network and email security remain critical areas requiring constant vigilance. With email still the most common attack vector for phishing and ransomware, and networks increasingly targeted by sophisticated lateral movement techniques, organizations must invest in solutions that provide continuous monitoring, advanced threat detection, and automated response capabilities to stay ahead of evolving threats.

Baird’s Cybersecurity team has extensive experience advising across the sector. Our sector expertise covers network and endpoint security, security operations, identity and access management, security awareness training, threat intelligence, data security, application security and managed security services. We welcome the opportunity to discuss these topics and how they may impact your business or future strategy.

Contact Baird Global Investment Banking

Matt Russell Managing Director

View Profile

Chelsea Smith Director

View Profile