The present situation has primarily been shaped by digitalization and technological advances, which have accelerated in recent years—accompanied by demands from an increasingly technically demanding environment. Today, the society depends on having digital solutions for applications such as production, information and communication function without interruption. It will become even more important for countries and government authorities to develop clear legal requirements and regulations that help operations protect sensitive information and infrastructure. As the number of hostile actors increases and the attacks get more advanced, it is vital for these operations to make it a priority to conduct methodical and continuous security risk management. In a changing world where both workplaces and communication technologies are evolving, security must be integrated with accessibility.
Cybersecurity is based on different capabilities—namely, detection and protection—that must be balanced to provide the most complete protection possible. It is not enough to focus on the protection capabilities and forget to integrate detection capabilities into the security work. According to the MSB report Cybersecurity in Sweden 2020—recommended security measures (Cybersäkerhet i Sverige 2020 – rekommenderade säkerhetsåtgärder), organizations within government authorities, municipalities and regions ought to introduce some type of function to detect cyberattacks. One recommended measure stated in the report is for organizations to implement a Security Operations Center (SOC). An SOC uses both automated and manual methods to analyze log data and monitor networks in order to detect anomalies in the system. If such a detection capability is not established, for example with an SOC, attackers may be able to hide their existence in critical systems, and undesirable activities may be able to take place without detection. In many cases, cyberattacks are not discovered until they have a tangible impact on day-to-day operations.
“It’s actually not possible to completely predict what types of attacks we can expect in the future. On the other hand, we can guarantee that the number of cyberattacks will increase and operations must work according to the theory that it’s a matter of when, not if, they will be hit by a cyberattack,” says Leif Nixon, Cybersecurity Expert at Sectra Communications.
One of the major threats to future-proofing confidentiality for sensitive and classified information is quantum computers, advanced supercomputers that can perform certain types of calculations much more efficiently than today’s computers and may therefore pose a threat to the encryption methods used today. In some organizations, current security solutions must be able to protect information for the next 30 to 40 years, which means that it’s important for new security solutions to be built on quantum secure principles.