editorial

From the Editor

It is well know that cybersecurity is an ever-evolving field, with malicious actors and security researchers locked in a continuous battle to one-up each other. Over time this produces changing trends, often dictated by the most cost-effective and financially profitable methods and targets of attack, and ultimately shapes the wider cybersecurity landscape.


But sometimes new elements are introduced that can have a profound impact on how cybersecurity needs to be approached – in some cases changing entire avenues of the field for good.


In this issue of Verdict Encrypt, we look at some of the developments on the horizon that could produce such impacts, as well taking our usual look at some of the biggest stories, trends and developments from the last few months.

“Sometimes new elements are introduced that can have a profound impact on how cybersecurity needs to be approached – in some cases changing entire avenues of the field for good.”

Arguably one of the biggest future changes for cybersecurity is set to come from quantum computing.


Although it is a technology that remains a long way off commercial reality, when it does eventually hit, it will turn the rules of encryption on its head – making it possible to access previously locked down data, no matter how sensitive.


The security industry is well aware of the risks – and is already beginning to prepare for the day quantum computing rises to reality. We find out what needs to be done to prepare, and why organisations should be taking notice now.

On the more sci-fi side, numerous companies are now working on sophisticated brain-machine interfaces, with Elon Musk’s Neuralink among the most high-profile. But if the technology does become as widespread as the Tesla CEO hopes, it will also create a significant and deeply concerning potential attack surface. We consider what the security issues are, and how they may be tackled.


Back in the here and now, the past few months have been characterised by a host of high-profile data breaches. We look at some of the most notable, including the Capital One mega breach that impacted over 100 million customers and the rather embarrassing Honda security lapse, which has left the company’s systems exposed to hackers.


There has also been the matter of the UK’s first GDPR fines, which have been eye-watering for both British Ariways and Marriott. With this in mind, we consider how DevSecOps could have helped the former, and why other companies need to be more aware of the importance of effective application security.


Plus, as attacks on smartphones continue to rise, we look at why security awareness on mobile devices remains behind other devices, and what more needs to be done to beef up smartphone security.


For all this, and much more, read on in the latest issue of Verdict Encrypt.


Lucy Ingham

Editor