Matthew Lloyd Davies discusses the steps companies must take to stay ahead of malicious behavior and advanced threats.
“Periods of political instability have historically been accompanied by increased cyber activity and today’s situation is no different,” Matthew Lloyd Davies, chief security writer at Pluralsight, told SiliconRepublic.com.
He explained, state-aligned terror groups, criminal networks and politically motivated terrorists often exploit moments of tension, to launch malicious campaigns against world governments, infrastructure providers and private sector organizations.
In April alone there were several incidents of breaches of law and security reported by organizations dealing with sensitive information. For example, Dublin recruitment platform Healthdaq was recently hit by a cyberattack from hacker group XP95which says it has access to hundreds of thousands of files.
And in April, OpenAI said the organization will work to secure and revise the certification process for its applications running on MacOS following reports of a security problem involving a third-party development tool. It was also reported that a private Discord group could gain unauthorized access to Anthropic’s new AI model. Myths.
Lloyd Davies, noted, said: “Operations vary greatly in sophistication, some involving sophisticated espionage or prolonged infiltration by highly skilled actors, while others are sophisticated but still disruptive, such as distributed denial-of-service attacks, corruption campaigns, or the release of stolen data.”
He said, “The bottom line is that organizations don’t need to be directly involved in a country’s conflict to feel the impact. Shared infrastructure, third-party providers and cloud platforms create indirect ways in which cyber activity can spread globally. This means that cybersecurity teams must prepare not only for more sophisticated attacks, but also for the waves of opportunistic disruptions that often emerge.”
A skills safety net
The security industry is rapidly evolving to the point where threat actors and real professionals alike are increasingly using AI and other advances to create new opportunities. On top of that, employers are finding it difficult to build a consistent talent pool in an environment where cyber resilience now depends on defensive skills that are visible to all employees, not just certain groups.
“Developers, cloud engineers, IT managers and security teams must all understand how to build, deploy, and maintain secure systems. Without continued skill development in all of these roles, as global tensions rise and attacks become more sophisticated, even well-funded security systems can struggle to keep up with emerging threats,” he said.
Organizations that invest in improving their cloud and cybersecurity capabilities, across all employees, will find themselves in a better position to detect security threats early, respond quickly and adapt.
“This means going beyond reactive security measures and embedding cybersecurity capabilities in the broader technology workforce. Upskilling engineers in secure coding, strengthening cloud security technologies and ensuring security teams can effectively use emerging technologies like AI all contribute to a strong defensive posture.”
He suggested that organizations can benefit from letting go of traditional ideas of training such as a one-size-fits-all model and instead of taking skills based on roles or certifications, they should consider hiring based on competence, where companies quickly identify gaps, create teams that can adapt, learn new skills and adapt to threats as they occur.
Lloyd Davies said, “Training programs need to be aligned with real-world operational demands, drawing directly on the attack vectors that security teams face every day and the conflict situations that exist behind them. Infrastructure cannot be secured by theory alone. Context-based learning is essential.”
To be truly successful he said, “Cyber teams must be given opportunities to practice and hone their skills in safe sandbox environments and as cyber threats continue to grow, skill development must too. Organizations need to invest in simulation platforms and scenario-based exercises that mimic modern attack environments that include ransomware and identity compromise.
“Continuous learning without the risk of real-world consequences can allow teams to build confidence while staying updated on emerging threats. Equally important is embedding this learning into regular workflows, to avoid skill development being seen as a ‘one-off,’ so professionals can stay agile and ready to respond effectively to cyber-attacks.”
Don’t miss out on the information you need to succeed. Sign up for Daily BriefSilicon Republic’s digest of must-know sci-tech news.
