Cybersecurity threats are escalating in scale and sophistication, and organisations around the world are scrambling to keep pace with the evolving digital risk landscape. Governments and corporations alike face increasing pressure to strengthen cyber resilience as attacks extend across critical infrastructure, supply chains and data systems with growing frequency.
At the forefront of national and global efforts to understand and counter these threats stands Michael Daniel, President and CEO of the Cyber Threat Alliance. With more than two decades of experience in federal security, he previously served as Cybersecurity Coordinator for President Barack Obama, leading the development of national cybersecurity strategy and policy and forging collaborative partnerships between government, industry and international actors.
Daniel’s unique combination of strategic insight, policy leadership and risk management expertise has made him one of the most respected voices in cybersecurity today. His work helps organisations reframe cyber risk as a business imperative rather than a technical afterthought. In this exclusive interview for the IT Security Guru, carried out by the Champions Speakers Agency, Michael Daniel shares his perspectives on the evolution of cyber threats, practical strategies to strengthen organisational defences, and how emerging technologies are reshaping the future of cybersecurity.
How have cyber threat actors evolved in sophistication and organisation over the past decade, and what does this mean for enterprise security teams?
“I would say that over the course of the 15 or 20 years that I have been involved with cyber security, some of the biggest changes have been the professionalisation, if you will, of cyber crime. If your image of the cyber criminal is still the guy in the hoodie living in his mother’s basement, that is not really the type of adversary we face today.
“Cyber criminals are highly organised. They run it like a business. It is diversified, they are specialised, different groups carry out different pieces of the process, and they are very interconnected and highly developed. My joke is they have definitely read their Harvard Business School cases, they have read their Adam Smith, and they really run these operations like a business. That has probably been the single biggest change.
“Another change that I would highlight is that many nations have now discovered that carrying out operations in cyberspace is beneficial to them from a national security or foreign policy standpoint. There are considerably more actors in cyberspace than there used to be.
“That said, for the United States and most of Western Europe, the primary adversaries actually remain the same: Russia, China, Iran, and North Korea. It is actually remarkable how stable those sets of adversaries have been over the last 15 to 20 years.”
What practical steps should organisations prioritise to strengthen their cybersecurity posture beyond technology investments?
“When you talk about strengthening your cyber security strategies, it is usually good to start with the basics. In other words, start with what it is that you are actually trying to do, because you are not just strengthening your cyber security to protect the machines. You are strengthening your cyber security to protect your business.
“That is why I think it is important to make sure that you have the basics in place, meaning the foundational activities. Start with a management framework, something like the NIST cyber security framework, that helps you think about how to approach cyber security from an executive standpoint.
“You have got to know what assets you have, what assets you want to protect, why you are protecting them, and then think a little bit about what you are trying to protect them from. Do you have the capabilities in place to protect those assets, whether that is the data, the personal information of your customers and clients, or your intellectual property?
“Can you detect if you have an intrusion that is active, or if something is going wrong? How do you respond to that incident, and how can you recover from that incident if one occurs?
“Underlying all of this is your governance structure. How are you set up to actually manage cyber security in your business? You will notice that in this laydown I did not really talk about technology specifically. Technology is a piece of it, but it is only one piece of the puzzle.
“In fact, the solution for many businesses may be changing processes, adopting new policies, or looking at their organisation differently. It may not involve buying a new piece of technology. It may even involve retiring some old technology.
“I approach cyber security from a holistic point of view, from a managerial point of view. It is not really an impossible problem to take on. Even small improvements in cyber security can dramatically reduce your risk, so it is really important to focus on those basic steps and not worry, particularly when you are getting started, about the really sophisticated high-end threats, because that is not what most companies face.”
How did your experience as the US government’s cybersecurity coordinator shape your view of risk management and strategic cyber resilience for businesses?
“Working for President Obama was really amazing from a whole variety of standpoints, but in terms of shaping how I think about risk management, it is really about how you approach cyber security as a risk problem, just like you approach litigation risk, brand risk, or the risks of natural disasters or other things.
“You try to buy down that risk. You try to mitigate that risk as much as possible. You try to hedge against unforeseen, unknowable events, and then you try to put in place structures to move that risk around, for example by setting up cyber insurance. Some risk you just have to accept at the end of the day and be prepared to manage it if the risk actually materialises.
“President Obama approached a lot of issues from a very analytical point of view, wanting to have as much of the facts as possible, but also realising that you would probably never have all of the information that you really wanted. You were always making decisions under uncertainty, but that did not mean that you did not have to make a decision at the end of the day.”
How are emerging technologies such as artificial intelligence and quantum computing expected to influence future cyber threat landscapes and defence strategies?
“When you talk about emerging technologies, what most people really mean these days is artificial intelligence, although the truth is we have actually had AI and machine learning systems around for quite some time.
“Those technologies are going to affect cyber security in several different ways, although it is not clear right now whether they will favour the intruder or favour the defender. For almost everything you can think of that you could do for the intruder, such as writing better fishing emails, you could also use those technologies to identify those fishing emails more accurately.
“If you are searching for vulnerabilities to exploit, the bad guys can do that, but so can the good guys. It is not clear yet how some of those technologies will affect cyber security in the long run. It is entirely possible that they will actually favour the defender and enable us to eliminate whole classes of vulnerabilities.
“That said, there are other kinds of emerging technologies too. Quantum computing is imminently on the horizon. That will have some profound effects on things like encryption, but also on our ability to solve certain kinds of very hard problems, such as routing issues across the internet, which are notoriously difficult for classical computers to deal with.
“That could have profound effects on organisations needing to increase what is called their crypto agility, meaning their ability to change cryptographic algorithms and how they do their encryption very rapidly when a working quantum computer emerges.
“There are still other emerging technologies, connected systems and biophysical systems that are integrated, and all of these will continue to make the cyber security landscape more complex and more difficult than it is today.”
