What the Last 20 Years Tell Us About the Future of Cybersecurity

Key Insights

Cyber security resilience is not achieved through reliance on a single tool or an idealised architecture. The organisations that remain robust are those that accept complexity, design for failure, and prioritise layered defence over convenience. This article explores how historical incidents and emerging threats should reshape how we think about cyber risk. It covers:

  • Why even mature security platforms can introduce systemic failure, as demonstrated by the CrowdStrike outage and the risks of fast release cycles without sufficient validation.

  • The dangers of over-reliance on single vendors or consolidated security stacks, and how this undermines defence-in-depth principles.

  • How architectural decisions such as kernel level access and privileged execution environments can amplify the impact of software defects.

  • Why cyber resilience is not just a vendor responsibility, but a shared accountability across architects, IT leaders, and procurement decisions.

  • The expanding attack surface of modern infrastructure, including cloud dependency, DNS and routing layer fragility, and physical infrastructure risks such as submarine cables and power systems.

  • The emergence of low probability, high impact threats driven by technological convergence, including quantum computing, AI enabled attacks, and critical infrastructure interdependencies.

  • Why future readiness depends on diversity of controls, post quantum preparedness, and building adaptive, multi layered security rather than reactive vendor replacement.

Read time: 12 minutes


The past two decades have seen an unprecedented evolution in the landscape of cybersecurity. From the early days of widespread viruses and worms, through incidents such as WannaCry, Conficker and Heartbleed, to sophisticated, state-sponsored cyber espionage operations like Stuxnet and SolarWinds, the trajectory has been clear: cyber threats are becoming more complex, more frequent, and more impactful.


The Lessons from CrowdStrike

The recent global outage caused by CrowdStrike's security platform underscores a critical lesson: even the most advanced cybersecurity solutions are not infallible. This outage could perhaps have been avoided if lessons had been learned from a similar incident affecting their Linux-based clients (June 24). Unfortunately, CrowdStrike's fast-paced culture struck again, this time hitting Windows-based systems hard, and again because of inadequate release and testing processes.

Much of the global press misattributed the issue to Microsoft, but the root cause lies deeper, starting with kernel drivers being allowed to run in Ring Zero. Why? Because we want performance. The original Windows New Technology (NT) design called for drivers to run in higher rings, thus preventing the BSOD; the compromise was made with the introduction of NT4, mitigated by tooling such as signed drivers, validation testing and memory protection. In my view, it is somewhat negligent that CrowdStrike failed to do this and were allowed to do so.

As architects and IT managers, we bear responsibility too: relying too heavily on a single tool, and not ensuring adequate testing from the supplier.

CrowdStrike marketed itself on rapid threat detection and mitigation, a necessity in the face of zero-day vulnerabilities. It provided a formidable shield, making detection difficult and systems almost impregnable to penetration testers. However, the bigger picture reveals that our reliance on such tools must be balanced with diversity and resilience if we are to keep to our defence-in-depth approach. Here we have sacrificed depth for pace, and this is the time to look at that again.
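The release and validation gap described above, as an added illustration that is not CrowdStrike's, Microsoft's or the author's own code: a fail-closed validator for a hypothetical content-update format feeding a privileged component, paired with a ring-based rollout gate that only widens deployment when the previous ring has stayed healthy. The update format, the signing key and the health thresholds are all constructed for this example and are assumptions, not any vendor's real format or policy.

```python
"""Fail-closed update validation plus staged rollout gating (constructed example).

A signature check alone is not enough: a correctly signed but structurally
malformed file can still take down a kernel-mode consumer, so the validator
checks authenticity, structure and content, and the caller keeps the
last-known-good update whenever any check fails.
"""
import hashlib
import hmac
import struct
from typing import List, Optional, Tuple

# Constructed format: 4-byte magic, u16 version, u16 record count,
# record_count fixed-size records, then a 32-byte HMAC-SHA256 tag over the rest.
MAGIC = b"UPDT"
HEADER_SIZE = 8
RECORD_SIZE = 8
TAG_SIZE = 32
SIGNING_KEY = b"constructed-demo-key"  # assumption: a real release key lives in an HSM


def build_update(records: List[bytes], key: bytes = SIGNING_KEY,
                 declared_count: Optional[int] = None) -> bytes:
    """Assemble and sign an update. declared_count lets a test produce a file
    whose header lies about its contents while still carrying a valid signature."""
    count = len(records) if declared_count is None else declared_count
    body = MAGIC + struct.pack("<HH", 1, count) + b"".join(records)
    return body + hmac.new(key, body, hashlib.sha256).digest()


def validate_update(blob: bytes, key: bytes = SIGNING_KEY) -> Tuple[bool, str]:
    """Return (ok, reason). Any failure means: do not load, keep the current content."""
    if len(blob) < HEADER_SIZE + TAG_SIZE:
        return False, "truncated update"
    body, tag = blob[:-TAG_SIZE], blob[-TAG_SIZE:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):          # authenticity first
        return False, "signature mismatch"
    if body[:4] != MAGIC:
        return False, "bad magic"
    version, count = struct.unpack("<HH", body[4:HEADER_SIZE])
    if version != 1:
        return False, f"unsupported version {version}"
    payload = body[HEADER_SIZE:]
    if len(payload) != count * RECORD_SIZE:               # header must match payload
        return False, "record count does not match payload length"
    for idx in range(count):
        rec = payload[idx * RECORD_SIZE:(idx + 1) * RECORD_SIZE]
        if rec == b"\x00" * RECORD_SIZE:                  # constructed semantic rule
            return False, f"record {idx} is empty"
    return True, "ok"


# Rollout rings, widest last. Thresholds below are constructed policy values.
ROLLOUT_RINGS = ["canary", "early", "broad", "all"]
MAX_CRASH_RATE = 0.001      # crashes per host observed in the current ring
MIN_SOAK_MINUTES = 60       # minimum time the ring must run before widening


def rollout_decision(current_ring: str, health: dict) -> str:
    """Decide what to do after observing one ring.

    health = {"hosts": int, "crashes": int, "soak_minutes": int}
    Returns "halt", "complete", or the name of the next ring to deploy to."""
    hosts = health.get("hosts", 0)
    if hosts <= 0:
        return "halt"                                     # no evidence, no widening
    crash_rate = health.get("crashes", 0) / hosts
    if crash_rate > MAX_CRASH_RATE or health.get("soak_minutes", 0) < MIN_SOAK_MINUTES:
        return "halt"
    position = ROLLOUT_RINGS.index(current_ring)
    if position + 1 >= len(ROLLOUT_RINGS):
        return "complete"
    return ROLLOUT_RINGS[position + 1]


if __name__ == "__main__":
    good = build_update([b"A" * RECORD_SIZE, b"B" * RECORD_SIZE])
    print(validate_update(good))
    print(validate_update(build_update([b"A" * RECORD_SIZE], declared_count=3)))
    print(rollout_decision("canary", {"hosts": 1000, "crashes": 0, "soak_minutes": 120}))
```

The second validator case is the one worth noticing: a file that is correctly signed but whose header disagrees with its payload is still rejected, which is exactly the class of defect a signature check on its own would let through to the kernel-mode consumer.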

The many risks on the horizon

The CrowdStrike outage is a stark reminder of the risks ahead. Below I list some potential catastrophic failure scenarios we may face in the future; how ready are we for them? Yes, CrowdStrike’s lack of testing was the cause, but could it have happened with Microsoft’s own Defender? Here are some other in-our-face catastrophes waiting for us:

  1. Firmware Upgrades: Frequent and critical firmware updates increase the risk of flawed updates causing widespread hardware failures. A compromised CPU microcode update for all x86 CPUs could brick the CPUs via an OS upgrade.

  2. DNS Outages: The Domain Name System (DNS) is the backbone of the internet. Significant disruptions could render the internet largely inaccessible.

  3. BGP Misconfigurations: The Border Gateway Protocol (BGP) routes data across the internet. Errors or malicious attacks could lead to large-scale internet outages.

  4. Cloud Provider Failures: Major cloud providers like Azure and AWS host vast amounts of critical data and services. A major failure or attack could have a cascading effect on global internet services.

  5. Solar Storms: Extreme solar weather can disrupt satellite communications, GPS, and power grids, leading to a multi-faceted global crisis.

  6. Submarine cable attack: Miles of unprotected cables represent a target for people who want to cause disruption.

The Unseen Threats

While these risks are prominent, I wanted to ask what’s going to come from left field: the less obvious threats. Here are my top five obscure yet plausible catastrophic scenarios:

  1. Quantum Computing Breakthroughs: Advances in quantum computing could render current encryption standards like AES-256 obsolete, exposing sensitive data to unprecedented risks.

  2. AI-driven Autonomous Systems: AI could be weaponised to create self-learning, autonomous hacking systems that evolve faster than human defences can adapt.

  3. Smart City Infrastructure Attacks: As cities become more interconnected, attacks on smart infrastructure could paralyse essential services, from traffic control to emergency response systems.

  4. Biohacking and Synthetic Biology Threats: Convergence of cyber and bioengineering technologies could lead to cyberattacks on biotech facilities, creating harmful biological agents.

  5. Global Software Supply Chain Attack: A large-scale supply chain attack could introduce vulnerabilities into widely-used software, potentially affecting millions of systems worldwide.

Single Supplier vs. Diverse Solutions

The CrowdStrike incident also raises questions about relying on a single cybersecurity supplier. Before choosing CrowdStrike, had we considered the pros and cons of using a single supplier? We loved the simplified management and integration, the cost savings and the consistent security by policy, but at what cost?

The Road Ahead

Looking forward, the balance between performance and security remains critical. As quantum computing looms on the horizon, the transition to post-quantum cryptography will be essential and organisations should be preparing for this eventuality. Robust, multi-layered cybersecurity strategies incorporating diversity and resilience are more pressing than ever. The future of cybersecurity requires not just technological advancements but a fundamental shift in how we approach and manage our digital defences.

The most notorious cyber groups often blur the lines between financial motivation and nation-state backing. Continued spending on cybersecurity is essential; however, a knee-jerk reaction to replace CrowdStrike with another product won’t help. We must learn from these incidents and build a more resilient, complete cybersecurity framework.


Key Takeaways for Businesses

  • Avoid over-reliance on single cybersecurity vendors or highly consolidated security stacks, ensuring resilience is achieved through diversity and layered controls rather than dependency on one provider.

  • Treat cyber security as a shared organisational responsibility, where architects, IT leadership, and procurement decisions collectively shape resilience and reduce systemic risk.

  • Prioritise defence in depth over speed and convenience, recognising that optimisation for performance or rapid deployment can introduce significant operational fragility.

  • Design for failure across the wider technology ecosystem, including cloud providers, DNS and routing infrastructure, and critical physical dependencies such as subsea cables and power systems.

  • Plan for emerging high impact risks, including quantum computing disruption, AI enabled autonomous attacks, and large scale software supply chain compromise.

  • Focus on long term resilience through adaptive, multi layered security architectures rather than reactive vendor replacement or short term fixes.

By embedding resilience into architecture, supplier strategy, and forward looking risk planning, organisations can reduce systemic exposure and build cyber security models that remain robust under real world conditions.


Credits

Aaron Garcia

Platform Smart Associate - Principal Consultant


Cyber resilience is no longer defined by individual tools or isolated controls, but by how well organisations design for failure across an interconnected digital ecosystem. From supplier dependency to infrastructure fragility and emerging systemic threats, the challenge is to build security that can withstand disruption rather than assume it will not occur.

If you are looking to strengthen your cyber security strategy and build a more resilient, risk aligned approach to managing modern threats, get in touch today.
