What issues will CISOs have to deal with in 2025? Two experts take a look at the future and outline possible strategies. Spoiler: The future isn’t going to be completely different.
Text: Andreas Heer, Pictures: Swisscom
12 December 2022
What will cybersecurity look like in 2025? It’s only two years away. Nevertheless, in a survey of Swisscom Business Days participants, the vast majority did not yet have a strategy or did not want to comment specifically on this topic. Martin Weder, CISO of Zürcher Kantonalbank (ZKB), and Marco Wyrsch, CISO of Swisscom for Business Customers, explained what things might look like.
The two CISOs do not expect the threat situation in 2025 to differ significantly from today’s. ‘We have to anticipate being affected by a cyber attack at some point and therefore increase our cyber resilience accordingly,’ says Martin Weder, summing up the goal of the fourth-largest Swiss bank. This includes better protection against ransomware to detect and stop attacks as early as possible – before data is encrypted and business operations are compromised. And before ransom demands are made: ‘I expect that by 2025, the hurdles for paying ransoms will be higher, either on the part of insurance companies or due to legal regulations,’ predicts Martin Weder.
The ongoing networking of in-house and external systems means that monitoring the software supply chain is gaining in importance. This is demonstrated by events such as Log4Shell in December 2021. ‘We need to better monitor such risks so that we can react immediately in the event of a security breach,’ says Weder. According to the ZKB CISO, one approach to this is the SBOM (software bill of materials), a kind of inventory list for software components and libraries. This makes it easier for companies to determine which libraries they use and to quickly identify whether they are affected by a security vulnerability.
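How such an SBOM lookup can work in practice, as an added example that is not part of the original article or of any ZKB or Swisscom tooling: the script walks a constructed SBOM in CycloneDX JSON layout, including nested components, and reports every copy of a library below a given fixed version. The application names, the `find_affected` helper and the advisory values are assumptions made for illustration.

```python
import json

# Constructed sample SBOM in CycloneDX JSON layout (not from a real product).
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.4",
  "components": [
    {"type": "application", "name": "billing-service", "version": "3.2.0",
     "components": [
       {"type": "library", "name": "log4j-core", "version": "2.14.1",
        "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},
       {"type": "library", "name": "jackson-databind", "version": "2.13.0",
        "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.0"}
     ]},
    {"type": "application", "name": "report-tool", "version": "1.0.4",
     "components": [
       {"type": "library", "name": "log4j-core", "version": "2.17.1",
        "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.17.1"}
     ]}
  ]
}
"""
SBOM = json.loads(SBOM_JSON)

# Sample advisory input (assumed values, not from the article):
# package URL without version, and the first version that contains the fix.
ADVISORY = ("pkg:maven/org.apache.logging.log4j/log4j-core", "2.15.0")

def version_key(version):
    """Turn '2.14.1' into (2, 14, 1); non-numeric parts count as 0."""
    return tuple(int(p) if p.isdigit() else 0 for p in version.split("."))

def find_affected(sbom, purl_prefix, first_fixed):
    """Walk all (nested) components; return (path, version) below first_fixed."""
    hits = []
    def walk(components, parents):
        for comp in components:
            path = parents + [comp.get("name", "?")]
            same_package = comp.get("purl", "").startswith(purl_prefix + "@")
            version = comp.get("version", "0")
            if same_package and version_key(version) < version_key(first_fixed):
                hits.append((" > ".join(path), version))
            # Libraries are often bundled inside other components.
            walk(comp.get("components", []), path)
    walk(sbom.get("components", []), [])
    return hits

if __name__ == "__main__":
    for path, version in find_affected(SBOM, *ADVISORY):
        print(f"affected: {path} (version {version})")
```

Matching on the package URL rather than the display name avoids false hits on unrelated components that happen to share a name.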
The cloud solutions from various providers that are ubiquitous today offer a different starting point. Their use will continue to increase until 2025. ‘We need to ensure the same basic protection as on-premises across different technologies,’ says Martin Weder, summarising the challenges.
Marco Wyrsch adds another aggravating factor: ‘With cloud solutions, there is an additional challenge for companies to ensure the protection of additional environments with the same resources.’ This doesn’t necessarily have to be for financial reasons, but may simply be due to a shortage of skilled workers – a factor that both CISOs consider aggravating.
To further develop the required level of protection, ZKB has developed a security model. Essentially, it involves identifying and periodically evaluating the skills required in the organisation in the future. A current situation analysis serves as the basis for the security strategy. ‘Building on this, we systematically ask ourselves what degree of maturity we want to achieve in which area. This determines the measures we take,’ says Martin Weder of ZKB’s approach.
IT security must continue to evolve. This is not so much down to the cybercriminals’ attack patterns, but to the ongoing development of IT itself. According to Marco Wyrsch, hybrid and multi-cloud approaches are opening up additional attack vectors and raising new questions about data security: ‘Where is what data stored and how well is it protected?’
Access control and thus identity management are becoming increasingly important in the cloud. ‘We have to adopt new security models, such as the zero-trust approach,’ says Wyrsch. ‘This is an ongoing development of architecture that takes time and requires a step-by-step approach.’
But the cloud also offers new opportunities for cybersecurity, says Weder: ‘Cloud-based security measures such as modern XDR (extended detection and response) solutions already help to better protect on-premises infrastructure and thus increase maturity.’