Threat actors will continue to breach defences and cause loss, with the human factor remaining the weakest part of organisations' security systems. The continued search for the best balance between system security and usability will allow for continued penetration of systems. New challenges such as AI-related scams will create further risk. Although tools such as multi-factor authentication make third-party access harder, with cloud-based systems and resilient back-ups aiding recovery, none represent a panacea. In the future, we anticipate that data will simply be stolen, compared to current trends where data is often encrypted and ransomed against publication. For consumers affected by these incidents, while bank redress schemes may offer some form of remedy, they may encourage threat actors to see data theft as a victimless crime. For businesses, however, there will be no such redress.