The most pressing challenges for CISOs and cyber security teams

From Covid-19 to war in Ukraine, SolarWinds Sunburst, Kaseya, Log4j, MOVEit and more, the past five years brought cyber to mainstream attention, but what comes next? The Computer Weekly Security Think Tank looks ahead to the second half of the 2020s

The UK Ministry of Defence recently published its Global Strategic Trends report which sets out the developments that will shape the world over the next five years. These provide an insight into some of the challenges that CISOs and cyber security teams will face.

The first threat is that of global and regional political instability. As regional and global power competition intensifies, we may see growing authoritarianism and a decline in democracy. The capabilities of violent extremist organisations and organised crime groups to cause harm will increase. Access to data will become a key component of global power for both state and non-state actors, all of which will require greater vigilance from cyber teams.

The second area of concern comes from the expanding attack surface. The exponential reliance on data and connectivity across states, organisations, and individuals in an increasingly connected world will significantly expand the attack surface. With stretched resources from dealing with an ageing population and climate change, nation states may not be able to provide the increasing level of direct support needed for cyber defence operations.

A further trend driving cyber threats is the technological arms race. The increased reliance on data and connectivity, coupled with advances in quantum and AI, will escalate the arms race between cyber exploiters and victims. This shift is already being seen in the rise of zero-day attacks. The National Cyber Security Centre (NCSC), in collaboration with cyber security agencies from the US, Australia, Canada, New Zealand, and others, identified that most of the top 15 vulnerabilities exploited in 2023 were initially targeted as zero-day attacks. This trend has continued into 2024, highlighting the evolving tactics of cyber adversaries and the increasing availability of advanced exploitation tools.

Pressing challenges for CISOs and security teams

Given these trends, the most pressing challenges for CISOs in the next five years will be related to the rise of AI, building a culture that fosters secure behaviours, the threats from insiders, data management, and patching and monitoring, as well as the ongoing need for operational resilience.

The rise and risk of AI is increasing as adversaries weaponise AI for malicious purposes, using it to create undetectable malware, automate reconnaissance, and execute deepfake-based scams. Organisations are rapidly chasing the ‘AI dream’, looking at ways in which it can deliver significant business benefits, and CISOs will need to make their voice heard at the planning stage to avoid security being seen as a secondary consideration.

Organisations invest heavily in protecting their digital systems, physical assets, and people from adversaries with software solutions to detect cyber threats, restrict access to buildings and safeguard sensitive employee information. However, up to 95% of security incidents typically result from human actions, whether through unintentional errors or intentional breaches. A technical solution alone is not going to keep the future organisation safe. To protect what matters most, CISOs should look to leverage the power of their people by embedding the right security behaviours into organisational culture to create an effective first line of defence. A robust security culture ensures every individual within the organisation understands their role in maintaining security and takes proactive steps each day to enhance it.

Insider threats, whether stemming from intentional actions by malicious employees and contractors or unintentional mistakes by negligent staff, remain a significant source of security breaches. These risks are further amplified by the rise of hybrid work models, which reduce organisational control over devices and network environments. These create additional vulnerabilities that security teams must address through more joined-up approaches to physical and cyber security.

Data management and protection is ever more critical as there is more data and greater connectivity to manage. CISOs need to know what their critical data is, where it is located, who has access to it, how it flows, how it is protected, and where it is vulnerable. Understanding their own systems and their residual risks, as well as the risks to their data when it is in the hands of others, is crucial. CISOs also must have confidence in their supply chain and its ability to protect assets properly. Networks and data sources must be appropriately protected both in transit and at rest. Ransomware and phishing remain a persistent and evolving danger, with attacks becoming more targeted and destructive. Meanwhile, the advent of quantum computing poses a looming threat to traditional encryption methods, compelling organisations to prepare for a transition to post-quantum cryptographic standards.

The increasing use of effective zero-day exploits means that we need to stay on top of patching and monitoring, which itself will occur at a faster pace. CISOs must get smarter with protective monitoring so that they can identify suspicious system behaviour as early as possible. They should also make better use of AI and machine learning tools as they develop.

As all these threats increase, security teams will have to prioritise operational resilience so they can respond to natural disasters, geopolitical instability, and supply chain disruptions that can compromise infrastructure and data availability. The growing reliance on third-party vendors and services heightens the risk of supply chain attacks, exposing organisations to vulnerabilities that lie beyond their direct control. Ensuring rapid recovery and effective business continuity will increasingly become central to security strategies.

Many of these threats are not new, but their number and impact are growing, and it is clear that the task of the CIO is only going to get harder in the next five years.
