The field of cybersecurity has advanced significantly since computer programmer Bob Thomas created the Creeper virus in 1971. Although this virus, which targeted the Advanced Research Projects Agency Network (ARPANET), was not a malicious virus, it marked an important moment in cybersecurity history. Over 50 years later, cyber attacks have grown increasingly malicious and become a significant threat to society.

Technologies, such as Artificial Intelligence (AI) and Internet of Things (IoT), bring new challenges and risks that must be addressed to maintain robust cybersecurity. For example, although AI can help improve defences against cyber attacks, it can also increase the threat by enabling automated malware.

While these digital technologies expose organisations to new threats, they are also becoming increasingly essential for organisations to manage and protect themselves. For instance, quantum computing will enable the implementation of complex and potentially very secure cybersecurity protocols. Such technologies offer significant opportunities for both individuals and organisations.

Despite these technological advancements, it remains crucial to stay vigilant about potential threats. Understanding the tools and techniques used by cybercriminals and knowing how to secure yourself and your organisation is essential for maintaining (cyber)resilience. In recent years, incidents within the education sector have highlighted the significant damage that can result from a seemingly harmless click by a so-called patient zero.

An understanding of how technologies can and could potentially shape the future of cybersecurity is essential. Therefore, this chapter has been included in the SURF Tech Trends to explain how new threats are emerging and to highlight the opportunities arising from technologies that have become integral to daily life. As society grows increasingly reliant on digital systems, cybersecurity and cyber resilience have become vital components of organisational strategy and operations. Organisations must focus on protecting (sensitive) data, complying with evolving policies and regulations (such as the EU Cyber Resilience Act), addressing the vulnerability of IoT devices to malicious attacks or unauthorised control, and mitigating emerging threats.

Authors
Anna Gerasymenko (Leiden University), Martine Groen (Hogeschool Utrecht), Mick Deben (MBO Digitaal), Rob Gerritsen (formerly Graafschap college), Nicole van der Meulen (SURF)