It’s mid-February, which means IT security executives’ and industry analysts’ plans for 2018 are really starting to gather momentum.

Every year, this personnel faces the difficult task of deciding what security investments they should make given current developments in the cyber threat landscape. Google Trends and other services can help organizations make these types of decisions over the short-term. But it’s more difficult when we begin discussing what cybersecurity challenges organizations could face in 2028.

Why is this so?

Well, there are lots of factors that should inform how we think about what the world will look like in 10 years.

In the MIT Sloan Management Review, Amy Webb identifies a framework known as CIPHER that accounts for Contradictions, Inflection points that are indicative of change, new Practices that upset established norms, Hacks that change how users traditionally interact with a product, Extremes that push boundaries, and Rarities.

These factors, in turn, help us separate what’s probable, including developments in cybersecurity, from what’s merely plausible or possible.

Once you use these techniques to think about the future, you’ll be in a good position ask yourself five questions about future scenarios in cybersecurity. Some of these questions are as follows:

  1. How likely is it?
  2. What is the level of risk?
  3. What will threat actors do?
  4. How will we defend it?
  5. What is the end state?

There are numerous scenarios to which IT security executives and industry analysts can apply these questions in an effort to predict what cybersecurity could look like in 2028.

For example, they should reflect on the potential for quantum computing to break every traditional encryption algorithm that exists. Under this Y2K event for encryption protocols, an attacker might be able to steal encrypted data and use quantum computing to decrypt it 10 years from now.

Some (Read more...)