Going Beyond the Cybersecurity Headlines from This Year’s Munich Security Conference

Guten Tag! I enjoyed my trip to Germany last week for the 10th Munich Cyber Security Conference organised by Security Network Munich . Having reflected on the event, I’m feeling really optimistic about the future direction of cyber following some great discussions around how public and private enterprises can work together more collaboratively, how geo-political threats remain a hot topic, and, of course, AI.

So, besides rekindling my appreciation for Bavarian food and culture, what else did I learn from the event? Well, I have analysed the key themes from the latest Munich Security Report and picked out some frequent topics of conversation I had with peers last week.

Greater Collaboration is King for Actionable Threat Intelligence

Findings from the Munich Security Report 2024 confirm many of today’s cybersecurity concerns - global cooperation is giving way to relative gains and presenting the risk of lose-lose dynamics escalating across the cyber world. To quote the report directly, it warns “Diminished international cooperation leads to less efficient tech supply chains and a lack of global regulation to address technology risks”.

Transatlantic partners face the delicate task of balancing defence measures with preserving positive-sum cooperation in cybersecurity. I have been vocal on the need for greater collaboration previously, such as my LinkedIn article “why we should share actionable threat intelligence: a call for collaboration in the age of increased geo-political cyber threats”, and recognising the need to forge international partnerships to pursue shared goals as part of the key actions enterprises must take to align with the U.S. National Cybersecurity Strategy.?

There is a pressing need for harmonised reporting regimes and escalating regulatory impacts, a key item on my agenda when I spoke to policy makers on my trip to Washington D.C. last year. This will improve the quality and volume of actionable threat intelligence available, making organizations more cyber resilient and better preparing them for when an attack does happen.

Geopolitical Threats Remain a Hot Topic

In parallel to the Munich Cyber Security Conference was the 60th Munich Security Conference , one of the world's leading forums for debating international security policy. Around 60 heads of state and over 85 government officials addressed the world's most pressing security concerns, including high-profile speakers such as U.S. Vice President Kamala Harris and Ukrainian President Volodymyr Zelenskyy.

What grabbed the media headlines were discussions around ongoing wars in Europe and the Middle East and the potential paths to resolution. Digital warfare is taking centre stage in these conflicts, something which had not gone unnoticed to those I spoke to personally or heard discussed on panels at either conference.?

Geopolitical shifts and digital warfare, as seen in Ukraine over the last few years, are festering apprehension toward elections. With an expected 76 global elections in 2024, there is a huge potential for political campaigns to manipulate social algorithms.

Two keynotes which I attended really drove this point home. Alejandro Mayorkas, Homeland Security Secretary for the U.S. (pictured below) and Chris Wray, Director of the FBI, both reiterated the importance of strong cybersecurity posture and how we must stay vigilant to how we reassess risk against this geopolitical backdrop.?

Artificial Intelligence is Shaping Every Aspect of Security, Especially Defence ?

We know AI is an evolving technology which brings complexities in both cyber defence and attack, and I’d run out of digital paper if I were to write down every avenue of conversation I had around AI. One particular discussion I enjoyed was listening to however was Sir Alex Younger, Former Chief of MI6, and Sir Jeremy Fleming, Former Head of GCHQ, on the challenges and opportunities AI presents in the realm of cybersecurity and intelligence

The Munich Security Report made AI a prominent feature, stating (amongst other references): “AI technology will be a key determinant of geopolitical power in the coming decades. The abilities of modern machine-learning systems, a subtype of AI, to analyze masses of data at superhuman speed could revolutionize military capabilities.”

I wanted to focus on this point around “revolutionizing military capabilities”, something I commented on last November in Cyber Magazine. Critical military systems, infrastructure and communication networks are essential for national security, and any breach or compromise could have devastating consequences, including the potential for espionage, sabotage or theft of sensitive military information.

As defence systems become increasingly reliant on advanced technologies, such as IoT and autonomous systems, the attack surface for cyber threats also expands. This threat is heightened with the evolution of AI, with cyber criminals incorporating machine learning techniques into their malware, targeting critical national infrastructure, and evading antivirus software detection.

But just as AI presents new challenges for defence, it also offers solutions. Knowing that a defence organisation has robust defences and the capability to retaliate in cyberspace can discourage potential adversaries from launching attacks.

At DXC Technology , we predict we will see more automated AI-based security controls and response mechanisms to enable organizations to react faster and more accurately to cyber and digital warfare attacks, reducing possible downtime and protecting national data. For a further discussion on this, read about importance of establishing fundamental principles and processes when baking AI into your organization’s security operations.

Conclusion: Are we in a “lose-lose” situation in cyber?

The Munich Security Report this year was titled “Lose-Lose?”, flouting the idea that many governments are no longer focusing on the absolute benefits of global cooperation, but are increasingly concerned that they are gaining less than others. In cyber, we simply cannot afford to let this happen, as we are stronger together.

Getting together with cyber peers from around the world is always important; we compare trends, see things from different perspective, and ultimately ensure we keep our finger on the pulse of what is an ever-changing enemy. We also build more powerful bonds and establish new connections, an invaluable asset in our fight against cybercriminals. Greater collaboration by sharing actionable threat intelligence, in tandem with tighter reporting of incidents, will keep all security-aware organizations who value their cyber resiliency one step ahead of the enemy.??