Following last week’s webinar, ‘The year is 2030: what has changed in cyber?’, our global CTO, Ollie Whitehouse, offers some insights into what cyber resilience could look like in 10 years’ time.
Cyber resilience is a young problem – in fact, the cyber security industry has only existed for around 60 years. For the most part, the science and evidence that we have is new or non-existent, and the process of gathering and analysing much of this is made more challenging by the complex, widespread nature of cyber security.
With this in mind, an evidence-based, scientific approach to security will become even more important in the future, as the cyber security landscape continues to shift across international, geopolitical and personal spheres.
How will cyber resilience change in the next decade?
On the world stage
Competition between the USA and China, along with the ambitious growth plans of many Chinese organisations, means that over the next decade we may see a shift away from a global technology base that is largely controlled and designed by the West.
This would lead to a shift in the way that businesses and individuals use technology, as well as having implications for how global supply chains operate and how the security industry can protect and defend against changing forms of cyber crime.
The response to this from the West could also influence the way technology is utilised globally – for example, we’ve already seen Donald Trump planning to ban China from key national supply chains. This is one part of a trend which, if it continues, could scatter an increasingly disparate technology base even further across the world.
In the boardroom
For decades, legacy infrastructure and the issue of securing it has been a challenge for many businesses. This is likely to continue over the coming years, as new technologies and methods of attack emerge. Securing outdated IT infrastructure is crucial, not just for organisational resilience, but for building customer trust as consumers demand more privacy and control over their data in the years to come.
With the introduction of a wider range of devices to work from, along with changing ways of working, we could also see more businesses adopt is a zero-trust security architecture, with device and user identities used to create a least-privilege model across businesses.
Within the security industry
As the importance of cyber resilience grows, so does the amount of related data and evidence that security professionals, governments and academia can draw on to quantify cyber risk and make more evidence-based decisions and recommendations.
Although it may be a while before we see fully autonomous AI in most business settings, we may also begin to see security management and response becoming more automated over the next decade, particularly as the scale of computing infrastructure becomes more expansive and AI-driven.
Over the next 10 years, we will see cyber security continue to evolve as a field. With new technologies and emerging threats, the industry will need to take a more evidence-based approach to be able to outpace cyber crime and, ultimately, build a safer and more secure global society.
To watch the full webinar, click below.