The industry has to look forward to the future of cybersecurity – including a new generation of specialists, and newly developed tools and procedures.
This past Sunday, nearly 200 students from 16 universities across the country gathered at the Rochester Institute of Technology for a national-level Cybersecurity competition. Rather than the typical workshops, the competition was run as a set of games with the students attempting to keep systems secure from a team of hackers.
This event, and more like it, will help shape the future cybersecurity specialists whose work will define the field. Not only is a red-versus-blue setup like this a better way to test skills in a more realistic environment, it allows the students to show off their skills to the senior generation and potential recruiters.
The new generation’s tools
The future of cybersecurity is not only going to be shaped by the specialists, but also by the tools they have available to them. We’ve already covered the potential of AI and some of the uses (and misuses!) it has enabled, but AI tools continue to evolve and open new possibilities.
On the cybersecurity side, we see AI making inroads as a tool to help with predictive analysis, threat detection, and boosting response times. An AI tool can pick up on differences in pattern by a logged-in employee that might suggest they’ve been co-opted by an outside actor – even things as small as atypical mouse movement.
It is to be expected that some of these avenues will be dead ends; but for now, the future of cybersecurity is replete with new innovations that are only balanced by the equaly rapid evolution of threats. AI-powered Advanced Persistent Threats or deepfake-enabled spearphishing are new and growing hazards that existing procedures and tools are not fully prepared to tackle. As always, the solutions are good training, preparedness, and a well-established disaster recovery plan for when things inevitably go wrong.
Newly affected industries
Cybersecurity is a universal issue, but some fields have traditionally been more affected than others. The last decade has seen a gradual shift, however, with operational technologies systems becoming increasingly targeted.
Typically, OT systems have been a target largely for state-actors looking to disrupt critical infrastructure; this has been the reason for EU-level regulation specifically mandating security increases for any field labeled as critical. Now, however, we are also beginning to see non-state commercial threats leak into the space. Largely this is due to the convergence of fields; traditionally, operational technologies and information technologies were largely separate, with OT running on air-gapped or even fully disconnected systems. This no longer applies, as organizations look to make greater use of automatization and remote access. The increased computerization has brought great benefits but also begun to expose fresh systems to risk.
There will inevitably now be a scramble to try and patch newly accessible systems into existing cybersecurity structures – while hostile actors try and take advantage of a rare greenfield opportunity presented by unprepared and unsecured computers running critical tasks.
Your Data In Your Hands – With TECH-ARROW
