-
Featured services
Think beyond the robots
The successful integration of AI and IoT in manufacturing will depend on effective change management, upskilling and rethinking business models.
Read the blog -
Services
Leverage our capabilities to accelerate your business transformation.
-
Services
Network Services
Popular Products
-
Services
Cloud
Popular Products
-
Cloud Architecture and Modernization
Discover how to achieve your business goals through cloud modernization practices, that deliver improved agility, reusability and scalability.
-
Cloud Optimization
Discover how to maximize operational excellence, business continuity and financial sustainability through our cloud-advanced optimization services.
-
-
Services
Consulting
-
-
Services
Data and Artificial intelligence
-
Services
Technology Solutions
Client stories
-
Services
Global Data Centers
-
Services
CX and Design
-
Services
Application Services
-
Services
Sustainability Services
-
Services
Digital Workplace
-
Services
Business Process Services
Master your GenAI destiny
We’ll help you navigate the complexities and opportunities of GenAI.
Explore GenAI -
-
-
Insights
Recent Insights
-
The Future of Networking in 2025 and Beyond
-
Using the cloud to cut costs needs the right approach
When organizations focus on transformation, a move to the cloud can deliver cost savings – but they often need expert advice to help them along their journey
-
Make zero trust security work for your organization
Make zero trust security work for your organization across hybrid work environments.
-
-
Master your GenAI destiny
We’ll help you navigate the complexities and opportunities of GenAI.
Explore GenAI -
-
Master your GenAI destiny
We’ll help you navigate the complexities and opportunities of GenAI.
Explore GenAI -
Discover how we accelerate your business transformation
-
About us
CLIENT STORIES
-
Liantis
Over time, Liantis – an established HR company in Belgium – had built up data islands and isolated solutions as part of their legacy system.
-
Randstad
We ensured that Randstad’s migration to Genesys Cloud CX had no impact on availability, ensuring an exceptional user experience for clients and talent.
-
-
CLIENT STORIES
-
Liantis
Over time, Liantis – an established HR company in Belgium – had built up data islands and isolated solutions as part of their legacy system.
-
Randstad
We ensured that Randstad’s migration to Genesys Cloud CX had no impact on availability, ensuring an exceptional user experience for clients and talent.
-
-
Sponsorships
CLIENT STORIES
-
Liantis
Over time, Liantis – an established HR company in Belgium – had built up data islands and isolated solutions as part of their legacy system.
-
Randstad
We ensured that Randstad’s migration to Genesys Cloud CX had no impact on availability, ensuring an exceptional user experience for clients and talent.
-
Everest Group PEAK Matrix® Assessment
NTT DATA is a Leader and Star Performer in the Everest Group Sustainability Enablement Technology Services PEAK Matrix® Assessment 2024.
Get the Everest report -
- Careers
Topics in this article
What is the biggest cyberthreat of tomorrow?
“Of course attackers can do that, but I’ve only ever seen it once, so it’s not a risk I’d worry about until we see data that shows it happening regularly in the wild…” – anon Recently, whilst enjoying a pint of craft beer at a local Brisbane brewery (Sea Legs Brewing Co., right near the Story Bridge in Kangaroo Point; I highly recommend it!), a fellow cyber professional uttered words to the effect of the quote above. The beer was excellent, the food was fantastic, and the conversation was even better, but this remarkably common statement points at a far more fundamental question for the cyber industry:How do cyber defenders keep missing attack trends until after they have already happened?
In the early 2000’s, during intelligence analyst training at a military base just inland of the Gold Coast, my fellow students and I learnt an important lesson that might help to answer this question.
“Your role is to think like the adversary and make sure your leadership understands what the red team’s most likely and most dangerous courses of action might be.”
The logic is that if we know what the bad guys will probably do, and what the worst they could possibly do, and if we defend against both, then we’ll probably keep everyone in our organization safe. This logic is as critical for cyber defenders as it is for defence operations.
In the relentless pursuit of data-driven cyber operations, I wonder if our industry has tended towards lag indicators of the most likely course of action, and in doing so, lost sight of some lead indicators, and of ‘what might be’ around the most dangerous course of action?
Here’s an example. Web Application Attacks Grow Reliant on Automated Tools (darkreading.com). This trend, the move toward automated attacks (application-based DDoS in this case) is hardly new, but as recently as a year ago, there were a number of suggestions that predictions around automated attacks from reports such as Recorded Future's report on Combating the Underground Economy's Automation Revolution (recordedfuture.com and NTT’s 2020 Global Threat Intelligence Report (among many others!) were unwarranted as there weren’t ‘many such attacks in the wild’ yet. Clearly, history has already proven that automation is indeed a rapidly growing feature of cyberattacks!
At what point does something become a trend?
In cybersecurity, if we wait until something has become frequent before we call it a trend, then by definition, it’s already too late for the many organizations that have already fallen victim to it. And yet, many cyber decision makers have been conditioned to dismiss forecasts until there is enough actual data to show a trend. Data is important, but our interpretation of it is even more critical.
Data with instinct
Dashboards are great, but when we analyze them, we must do so from the bottom up. The frequency of a particular IOC is interesting, but irrelevant in and of itself. We must look deeper; a single instance of an attack that worked, where the reasons why it worked apply to a broad industry vertical or technology type, and where it made the attacker a great deal of profit is far more likely to re-occur than an attack type that has been seen 1,000 times but has yet to deliver any profit to the threat group that perpetrated the attacks. As cyber professionals, our instincts should be attuned to where history is likely to repeat itself; we don’t need more data to call this the most likely course of action, we’ve got all the lead indicators we need and we shouldn’t look at lag indicators, like how often something has occurred to date, in isolation to drive our assessments on tomorrow’s risk.
Cyber defence with attitude
As cyber professionals, thinking like an attacker is critical… What’s the most dangerous course of action? If you were the threat actor and wanted to maximize your profit, how would you use the assets at your disposal against those of the defender? What would you do? And I don’t mean what could you do, I mean what would you do – how would you break into the bank? Or the insurer, the school, the hospital or other organization that needs to be defended? This top down approach to threat-analysis requires imagination, but it helps a defender to ensure that they aren’t just defending against the highest volume threats, but also the ones that could generate the maximum harm to their business.
With all of this in mind, the question of ‘what’ is the biggest cyberthreat of tomorrow?’ is still not an easy one to answer. Indeed, the landscape is changing so quickly that there really isn’t an all-encompassing answer that would be remotely accurate for more than a few moments. However, as long as we don’t rule out anything because it’s not yet prevalent, and as long as we think about the most likely and most dangerous courses of action for the bad guys each and every day, as cyber defenders, we should be able to keep those we defend safe. And, if you ever hear a fellow cyber professional talk about lag indicators as gospel, make sure you ask them some very difficult questions!