About this series: Ahead of Mandiant’s 2024 mWise event in Denver Sept. 18-19, we’re talking to security industry influencers about the current state of security—specifically the topics, challenges, and opportunities that are on the mWise agenda.
The cybersecurity landscape is constantly evolving, with new threats and challenges emerging at an unprecedented pace. Theresa Payton, CEO of Fortalice Solutions, LLC, and former White House CIO, brings a unique and comprehensive understanding of what lies ahead. In this discussion, she delves into the most pressing cybersecurity challenges defenders will face over the next 2-5 years, offering predictions and strategies to stay ahead of the curve.
As someone who has dealt with the challenges of cybersecurity from the vantage points of financial services, as a CEO, and as a former White House CIO, what do you see as the greatest cybersecurity challenges defenders will have to confront in the next 2-5 years?
Payton: I have a few predictions for 2025 that may give a clearer picture of what lies ahead:
Prediction #1: Masquerade - Spies Among Us: In 1950, Alan Turing introduced the Turing Test to measure if a machine could exhibit human-like intelligence. Now, 75 years later, I predict that rogue nation-states will use generative AI and Deepfakes to create personas capable of passing this test. These AI-generated personas and virtual assistants will seamlessly blend into society, from workplace meetings to social media, allowing these nations to commit political and economic espionage by building and exploiting trust.
Prediction #2: Silhouette of Deceit - Biometrics Stolen and Reproduced: As the world embraces biometric technologies for security, although there is great promise to improve authentication, I foresee a darker side. With biometric usage set to double by 2025, criminals will exploit vulnerabilities, using 3D printers and data breaches to replicate biometrics. By combining these replicas with AI and Deepfakes, they’ll create convincing forgeries to bypass security systems, leading to widespread digital and physical breaches, theft, and espionage.
Prediction #3: Echoes of Deceit - Misuse of Deepfake and AI Technologies: In the aftermath of the 2024 U.S. election, I predict that 2025 will see an unprecedented wave of political manipulation. Nations like China, Russia, Iran, and North Korea will deploy advanced AI to create counterfeit documents, audio, and video, influencing public opinion and deepening societal divides. Fact-checkers and media outlets will struggle to keep up, as these AI-powered campaigns blur the lines between reality and fabrication.
Prediction #4: Codebreakers - Hacking Security Platforms and Operational Workflows: By 2025, a significant portion of security operations will be automated, creating new vulnerabilities. I anticipate that criminals will exploit these automated systems, using AI to mask intrusions and erase their tracks. Much like in a Hollywood thriller, these bad actors will manipulate security feeds and workflows, making it appear as though everything is normal while they carry out their attacks undetected.
Prediction #5: Bot Betrayal - Unleashing Chaos in the Code: As Fortune 500 companies increasingly rely on chatbots for customer service, I predict that cybercriminals will uncover hidden flaws in these systems. By exploiting these vulnerabilities, they will access and steal sensitive customer data without detection. The compromised chatbots will continue to operate as usual, making the breach difficult to detect until it’s too late.
When it comes to the best path forward, what is the security sector currently doing right, especially when it comes to shaping a workforce that’s more diverse and supportive of women and neurodiversity?
Payton: The security sector has made commendable strides but more work needs to be done. Initiatives to attract and support people from all walks of life from high school graduates to those changing careers and inclusion of women and neurodiverse individuals are reshaping the industry.
For instance, depending upon the research report you read, women now make up over 15% of the cybersecurity workforce, a significant increase from previous years. Many organizations are implementing mentorship programs, providing scholarships for underrepresented groups, and fostering inclusive workplace cultures.
These efforts are essential in building a diverse talent pool, which enhances creativity and problem-solving within the cybersecurity field. We need everyone to join the good fight and the industry's recognition of the value of diverse perspectives is a significant step forward.
There remain significant barriers to entry in the cybersecurity field. Many hiring organizations still require applicants for entry-level positions to have extensive work experience, advanced degrees, and costly certifications. This practice must change. Hiring managers should create straightforward onboarding pathways for entry-level roles and provide comprehensive on-the-job training to build a skilled and diverse workforce.
Follow-up to question 2: Where does the industry continue to fall short and what should we be doing about that?
Payton: Despite the progress made, the industry still struggles with attracting and retaining talent. One significant issue is the tendency for organizations to poach talent from one another rather than nurturing their own. To address this, organizations should develop clear career progression pathways, offer flexible working arrangements, and actively tackle unconscious biases in hiring and promotion processes. Additionally, continuous education and awareness programs highlighting the benefits of diversity are essential for fostering an inclusive and dynamic workforce. I’d like to see more tech firms sponsor programs to get young people more interested in STEM fields especially cybersecurity. We should be investing in the future protectors of our Nation’s assets.
How do you see the current state of election security/integrity?
Payton: Maintaining election security and integrity is crucial for sustaining public trust in democratic processes. This is why I updated my book, Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth. While notable advancements have been made in safeguarding freedom of speech, identifying misinformation and disinformation, and encouraging states to secure their voting infrastructure, challenges remain. The FBI and DHS’ CISA released a public service announcement that they are worried about election cyber interference such as DDoS attacks. There is the ongoing fight against misinformation campaigns. A striking statistic from a recent study by the Bipartisan Policy Center reveals that 82% of Americans are concerned about the security of the country's election system. Continuous monitoring, incident response planning, and public awareness campaigns are essential to uphold election integrity and public confidence.
I have to ask the AI question – Your thoughts on its potential to move the business of cybersecurity forward, and your thoughts on its potential misuse?
Payton: AI holds tremendous potential for advancing cybersecurity. It can enhance threat detection, automate the security operations center team’s incident responses, and provide predictive analytics to identify vulnerabilities before they are exploited. AI-driven tools can process vast treasure troves of data, like access logs quickly. A market research report by “Markets and Markets” predicts that by 2028, AI in cybersecurity is expected to grow to a $60 billion market. However, the misuse of AI poses significant risks. Adversaries can use AI to develop more sophisticated attacks, such as AI-driven phishing schemes and automated hacking tools. It's imperative for the cybersecurity industry to develop ethical guidelines and robust security measures to mitigate these risks while harnessing AI's benefits responsibly.
