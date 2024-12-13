It’s that time of year where we, in the industry, attempt to be cyber soothsayers. A tall order – even more so when you’re trying to look ahead to 2030.

The cyber security landscape is in a state of flux, and the past five years has kept us on our toes. As I do my best to peer into the crystal ball of the late 2020s, it’s clear that the challenges facing CISOs and their teams will become even more complex. From the persistent threat of ransomware to the rise of cyber sabotage, the threat landscape is undergoing a big transformation. And the implications go beyond just the technical – the potential for personal liability for security leaders is also a looming issue that could reshape our roles.

Here are my thoughts on the exciting and chaotic opportunities that we might see emerging in the next five years.

Sabotage on the rise Ransomware will persist, but a blurring of cyber and physical sabotage attacks targeting critical infrastructure specifically may become more prevalent. This is due to the blurred lines between state-sponsored and criminal activities. Sabotage in cyber security means intentionally causing damage to, or manipulation of, digital data or systems, with the intent to disrupt operations, cause damage, or compromise security. Cyber attackers may aim to disrupt operations and compromise the integrity of computer systems and networks. This malicious activity can have severe consequences ranging from temporary disruption to serious long-term issues, financial losses, and data breaches. Sabotage is interesting as it represents a departure from where we were five to 10 years ago in the cyber security landscape. Previously, cyber security professionals didn’t have to consider sabotage as a primary threat – but that’s changing. The interesting thing here is that cyber sabotage isn’t new, but the impact that it can have is increasing and will continue to do so. Recent incidents that suggest sabotage is more of a concern, exemplified by the Nord Stream gas pipeline attacks and a recent fibre optic cable incident in the Baltic Sea. These types of physical attacks on critical infrastructure are being viewed as potential acts of sabotage. Sabotage is quite a political issue, which means cyber security professionals may need to be careful in the coming years to avoid getting involved in sensitive geopolitical matters.