(Not) Predicting the Future
I hope everyone reading this has had an enjoyable time off over the holiday season. It's my first Hacker Headspace of the year and what better way to celebrate than (not) dusting off the old crystal ball and looking to the future. There’s a lot of pressure at this time of year to look to the future and ‘predict’ what may happen next in the world of cyber. If the last five years have taught us anything, it’s that such a prospect is almost impossible.
When it comes to cybersecurity, it’s better to be prepared for any and all eventualities. Proactivity is essential, above all. Being proactive is a good way to build cyber resilience against any issue that may be thrown at your organisation, whether that’s a new zero-day vulnerability or an at-present unthinkable expansion of the attack surface (who remembers the pandemic?). Having said that, here’s what I know to be true: Cybercriminals are becoming more sophisticated and are attacking with increasing volume, dexterity and ease. What happens next (the how and the why) is more complicated.
I have seen some trends over the past few years that have proven hardy and are representative of significant problems that aren’t going away any time soon. Here’s my two cents.
No, AI isn’t going to take over
Headlines in the media continue to spread fear about whether AI might take over the world. Whilst such a sentiment makes for a great headline, I personally believe that AI, at least in the current form of using LLMs or similar, is going to fall flat. Practically thinking, we haven’t seen massive increases in uptake by significant parts of the economy (despite AI being the buzzword du jour and with large orgs pumping money into it). Reports suggest that the current generation of AI LLMs may be approaching a plateau in performance, as readily available sources of high-quality human-created content for training are becoming increasingly scarce. Does this mean we’re nearing ‘peak AI’? I think that may be so.
Geopolitical Crises
As we’re halfway through the decade, I think it’s worth looking a bit more long term, especially when it comes to geopolitics.
I think that the next five years of cybersecurity will be dominated by geopolitical crises, with China at the forefront. Increased aggression from China, potentially escalating into both overt and covert conflict, particularly surrounding Taiwan, is highly probable.
China's continued encroachment on neighboring territories, exemplified by its actions in the South China Sea and Hong Kong, highlights its assertive foreign policy. This, coupled with a potential decline in Western influence, will significantly alter the global security landscape.
Western technology companies will increasingly play a critical role in national security, a responsibility they've largely avoided until now. The vulnerability of critical infrastructure to cyberattacks, as evidenced by incidents like Volt Typhoon and Salt Typhoon, poses a significant threat.
Conversely, Russia, while facing technological limitations due to sanctions, will continue to employ cyber warfare tactics, likely through the increased involvement of Kremlin-aligned ransomware groups.
The lack of urgency in addressing fundamental cybersecurity issues is alarming, especially in the realm of critical national infrastructure (CNI). Many organisations still fail to implement basic security measures like multi-factor authentication and adequate logging, leaving them highly vulnerable to exploitation. This cyber maturity gap, especially in terms of CNI, may compel governments to impose stricter regulations and intervene directly.
The Evolving Supply Chain
Supply chain attacks have become a major threat. The CrowdStrike incident from last summer, while not a typical supply chain attack (and not a cyber issue at all), highlighted the devastating consequences of disrupting critical software. This incident demonstrated the deep interdependence of modern technology, where failures can cascade across industries, causing widespread disruption.
This interconnectedness makes supply chain vulnerabilities a significant and potentially catastrophic risk, capable of triggering economic shocks. Whether driven by geopolitical motives (like Russia and China) or financial gain (like ransomware gangs), attackers are becoming increasingly sophisticated. The coming years will likely witness more frequent and severe disruptions as these actors exploit vulnerabilities in critical infrastructure, businesses, and global systems. Business leaders must keep their fingers on the pulse when it comes to vulnerabilities.
Final Thoughts
Over time, governments will inevitably counter cyber threats through policy, law, and cyber action. I urge my colleagues (from all of my past lives - Whitehall, Washington and beyond) to respond effectively, with proportionate and lasting measures. We must avoid overreaction while establishing norms for responsible technology use and cyber conflict that align with our values. We’ve seen this over the past year, with CISA’s Secure by Design pledge emerging and paving a way for a safer, more secure future.
At ACDS, 2025 will be a year of growth. We’ll be attending more shows (internationally, watch this space) and engaging more with the wider community. We’re deepening our ties to the industry and will engage with even more initiatives that make us stronger and more resilient cyber-wise as a nation, if not a world. As always, we continue to evolve our product offerings, Observatory for example, promising to make the expanding attack surface easier to manage for all organisations.