Insights from CyberUK 2024: Future Tech, Future Threats, Future Ready

I recently attended CyberUK 2024, the U.K. government’s flagship cybersecurity. As a delegate, I’d like to share my experiences and insights from this event. 

CyberUK is a global forum for cybersecurity discussions, providing a platform for leaders and professionals in the field to exchange ideas and tackle challenges. The event was a melting pot of minds from various sectors and countries, including government agencies, academia, and industry. Notable participants included GCHQ, NCSC, The White House, CISA, Canadian Centre for Cyber Security, ICO, NSA, Google, Microsoft, and Oxford University. 

This year’s theme, “Future Tech, Future Threat, Future Ready”, set the tone for the conference, which was neatly divided into three streams. In the following sections, I’ll share my thoughts under these headings, keeping it light and avoiding any deep dives into complex topics. 

Future Tech: AI and Quantum Computing 

As we await the advent of full-blown quantum computing, we grapple with the challenges of generative AI and build our problem-solving muscles for the “future tech” to come. 

• AI plays a pivotal role in cybersecurity, but it’s a double-edged sword. While it can enhance defender capabilities, adversaries can also exploit it. 

• Generative AI can bridge the skills gap by automating routine tasks, allowing security professionals to focus on critical alerts and strategic improvements. A good example would be security engineers in SOCs bogged down by manual tasks being freed up to focus on critical alerts and improvements.  

• Securing data sources for large language models (LLMs) is crucial to prevent data poisoning and manipulation by adversaries. 

• Quantum computing remains a wildcard. Its arrival could threaten public-key cryptosystems, compromising confidentiality and integrity. 

Future Threat: Technical Debt and the Growing Influence of China 

Threats come from within and without as we head into a new age of technology and advancement. Internal vulnerabilities are ours to correct, while external threats are ours to study, know, and prepare against.  

• The internet’s non-secure design poses a significant problem. Correcting this technical debt is essential. 

• Continued use of non-memory-safe languages creates vulnerabilities that attackers can exploit. 

• China’s growing influence: 

  • China has emerged as a major threat in cybersecurity.

  • China-backed hacking network, Volt Typhoon, aims to pre-position itself in critical U.S. infrastructure for future sabotage. 

  • China’s lack of transparency in sharing cybersecurity progress raises concerns. 

  • Their use of generative AI for reconnaissance and rapid vulnerability reporting legislation adds to the growing concern. 

Future Ready: Collaboration and Resilience 

We are seeing more willingness to reach across the aisle and offer cross-collaborative support to our cybersecurity allies in other – even competitive – organizations. Here, the words of Abraham Lincoln hold true: “A friend is one who has the same enemies as you have.” 

• Building partnerships across academia, public, and private sectors is critical to “out-cooperate and out-innovate our adversaries”. 

• The changing victim landscape includes health services, schools, libraries, and small businesses who need cross-industry support. 

• Prioritizing secure-by-design practices and resilience over defense is essential. 

Inspired by CyberUK 2024, I’m energized by the potential to counter threats through partnerships, allyship, and technology. At Fortra, these principles resonate deeply with our core values. We believe in collaborative efforts to protect our customers and this mission drives us daily. Knowing that our work contributes to a safer digital world fuels our passion and commitment.