It has been twenty years since the creation of the National Cyber Security Awareness Month (NCSAM) by the US Department of Homeland Security and the National Cyber Security Alliance in the United States.
With staying informed about evolving threats in mind, we once more take the opportunity to review where we are today on the topic of cybersecurity.
The rise of cybercrime
Cybercrime has moved downstream into the mass marketplace, where you don’t need expertise in cybersecurity or computer science to cause disruption, intentionally or not.
“Cybercrime is rapidly evolving, with ransomware becoming a service (RaaS), making it more accessible to novice attackers,” says Santosh Kumar Tripathi, the director of Information Security and Compliance at Virsec Systems. He observes that supply chain attacks are becoming more frequent as hackers target third-party vendors to access more extensive networks.
“Phishing and social engineering tactics are becoming more advanced, often leveraging AI to craft convincing messages. Zero-day vulnerabilities remain a significant threat, as attackers exploit unpatched flaws before organisations respond,” he continues.
Between 2023 and 2024, there was a 28% increase in insider-driven data exposure, loss, leak, and theft events. “Threat actors increasingly use AI and machine learning to automate attacks and improve accuracy, signalling a shift towards more efficient, scalable cybercrime operations,” adds Tripathi.
Identifying the threat actors
The threats organisations face come from a diverse array of actors. Nation-state entities, armed with substantial resources, engage in espionage and intellectual property theft. "These actors are not just targeting sensitive data; they are after critical infrastructure," Tripathi warns.
Organised cybercrime groups exploit vulnerabilities through ransomware and data breaches, while insider threats—whether from malicious insiders or careless employees—remain a significant risk. Additionally, hacktivists aim to disrupt operations for political or social causes, creating further challenges for organisations.
The challenges of vulnerability management
Despite ongoing efforts, current strategies for vulnerability and patch management struggle to keep pace with the evolving threat landscape. Organisations often grapple with the overwhelming volume of vulnerabilities, leading to delays in patch application, especially for critical systems.
"It's crucial to have a proactive approach to vulnerability management; otherwise, organisations risk falling behind," Tripathi emphasises. Zero-day vulnerabilities present an even greater challenge, as no patches are available when the exploit is discovered.
Although automation and AI tools are enhancing vulnerability detection, the technology is still developing, and inconsistent patch management practices across industries limit effectiveness. Employee training and awareness are essential to complement technical defences.
Leveraging emerging technologies
To counter these threats, emerging technologies show great promise. "Artificial intelligence and machine learning are game changers in automated threat detection and real-time response," says Tripathi.
Implementing a zero-trust architecture enhances security by verifying every access request, thereby minimising insider risks. Extended Detection and Response (XDR) solutions provide a comprehensive view of security data, speeding up threat detection and remediation.
“As quantum computing develops, organisations should adopt quantum-safe cryptography to future-proof encryption. Additionally, blockchain technology offers tamper-proof solutions for data integrity, especially in supply chain security and decentralised systems,” Tripathi continues.
The role of third-party security services
For organisations struggling with resource constraints, engaging third-party security services can be a wise strategy. "Third-party services offer specialised expertise that many internal teams may lack, especially as cyber threats grow more complex," Tripathi notes.
Managed Security Service Providers (MSSPs) enhance real-time monitoring and compliance with regulations like SOC 2 and GDPR, making them invaluable partners in today’s landscape.
Tripathi suggests that outsourcing security services can be a more cost-effective solution than building or expanding an internal security team.
CISOs: evolving amidst challenges
While the challenges of escalating cyber warfare are significant, Chief Information Security Officers (CISOs) are not necessarily on the losing side. "Although attackers are quick to adapt, CISOs can leverage emerging technologies and foster collaboration within the cybersecurity community," Tripathi advises.
He also suggests that the growing emphasis on collaboration and information sharing across the cybersecurity community has improved threat intelligence, making organisations more resilient. “Though the job has become more complex, CISOs have access to better tools and strategies, which means they’re not necessarily on the losing side. CISOs aren’t losing—they're evolving with the right tools.”
Staying ahead of evolving threats
To stay informed—and ideally ahead—of evolving threats, CISOs must adopt a multifaceted approach. Continuous threat intelligence feeds, industry collaboration through Information Sharing and Analysis Centres (ISACs), and ongoing training for security teams are crucial. "Staying connected with industry peers and participating in cybersecurity conferences can provide insights that are invaluable," Tripathi adds.
He suggests that leveraging AI and automation helps proactively detect and mitigate new threats. Ongoing training and skill development for security teams ensure readiness for evolving attack vectors.
“Lastly, participating in cybersecurity conferences, research, and publications allows organisations to stay ahead of innovations and adapt quickly to the shifting threat landscape. Intelligence, collaboration, and AI keep CISOs ahead of the curve,” concludes Tripathi.