
Welcome to the new 65 cyber warriors who joined us last week. Explore our weekly delivery of inspiration, insights, and exclusive interviews from the global BHMEA community of cybersecurity leaders.
The last five years and the next five years in cybersecurity.
Because we asked Kirsten Davies (Founder of Institute for Cyber; three-times Fortune 500 CISO) and Umer Khan (CIO and Senior VP of Software Engineering at Relativity Space) to tell us two things:
Looking back, Kirsten focused on a positive: she said it’s been “a delight” to observe the “broad adoption of innovative, startup technologies.”
There’s been a shift among CISOs of major organisations away from only using established, well-known technologies, to adopting innovative solutions that are coming out of the startup ecosystem – “from companies which are largely pre-IPO, and many have remained as ‘stand-alones’ and not gone the route of being acquired by bigger companies to fold into their ‘platform of solutions’ – which is often the death knell for innovation (sorry, not sorry).”
The result is that investment and venture groups have more and more influence on the “shape, scale, and capabilities” of our defences. “We’re seeing a rapid and positive evolution in the defenders' space,” Kirsten said, “because these investment and venture groups are incorporating the voice of their CISO customer into their investment decisions, and the evolution and development cycles of the solutions themselves.”
For Umer, the proliferation of cybercrime-as-a-service platforms has been one of the most surprising recent developments in cybersecurity.
From Ransomware-as-a-Service (RaaS) to DDoS-as-a-Service, “these platforms have made sophisticated attacks accessible even to non-technical individuals, transforming cybercrime into a highly organised and scalable business model.”
And it’s not just that these services are available – but also that they operate much like legitimate businesses, providing customer support and guaranteed results. They’re very accessible – and that makes them very dangerous.
Umer predicts that cybersecurity teams will need to undergo significant restructuring in the coming years.
Centralised cybersecurity teams are, increasingly, not fit for purpose – they “cannot possibly possess the granular knowledge necessary to secure such a diverse ecosystem effectively while staying ahead of rapidly evolving threats.”
Instead, organisations will need to change the way they structure their teams and operations, using centralised teams to set overall strategies, policies, and governance – but working with distributed cybersecurity subject matter experts (SMEs) embedded within different teams across an organisation:
“These SMEs, specialised in their individual areas, bring deep, domain-specific knowledge that complements the centralised team’s broad oversight.”
Umer said this hybrid approach will be characterised by decentralised expertise, centralised coordination, and cross-team collaboration; and critically, centralised teams will focus on enabling distributed teams to do their work effectively – rather than on attempting to control every aspect of the entire environment’s security.
Dig deeper into Kirsten and Umer’s perspectives on the blog this week.
Start here: Looking back: The most surprising changes in cybersecurity