Freely subscribe to our NEWSLETTER

With today (28 January) being Data Protection Day*, Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster university, shares his thoughts for the year ahead:

“The cybersecurity landscape is always evolving, but the threat remains at large. Cybercriminals are starting to employ more advanced tactics, such as artificial intelligence (AI) to enhance attack efficiency. New ransomware groups continue to emerge, reflecting the ongoing profitability of these operations. Attackers are employing multi-pronged extortion techniques, combining data encryption with threats to leak sensitive information and launch distributed denial-of-service (DDoS) attacks. Critical sectors like healthcare and manufacturing will likely remain primary targets, as they cause the most disruption.

“The integration of (AI) into malware development is also an emerging trend. AI enables cybercriminals to create more sophisticated and adaptive malicious software; threat actors can better evade detection and exploit vulnerabilities. For instance, AI can automate the generation of polymorphic malware, which alters its code to bypass traditional security measures. AI-driven tools can also craft highly convincing phishing emails and social engineering attacks, increasing the likelihood of successful breaches.

“This year, as AI technology becomes more accessible, the volume of AI-generated malware will increase, posing significant challenges for organisations and security teams. Moving forwards, CISOs should have a holistic understanding and approach to cybersecurity. Adopting a ‘secure by design’ framework or zero trust policy will be key. This includes identifying which risks to avoid, accept, mitigate, as well as specific plans in each case. As well as establishing adept protocols for employee access, data storage, data backups, network security, compliance and recovery procedures.”