Matthew Lloyd Davies discusses the steps companies must take to stay ahead of malicious behaviours and advanced threats.
“Periods of geopolitical instability have historically been accompanied by increased cyber activity and today’s situation is no different,” Matthew Lloyd Davies, a principal security author at Pluralsight, told SiliconRepublic.com.
He explained, state-aligned threat groups, criminal networks and politically motivated hacktivists often exploit periods of heightened tension, in order to launch harmful campaigns targeting world governments, infrastructure providers and organisations in the private sector.
In April alone there were multiple breaches and security incidents reported by organisations dealing with sensitive information. For example, Dublin recruitment platform Healthdaq recently suffered a cyberattack from hacker group XP95, which claims to have accessed hundreds of thousands of files.
Also in April, OpenAI said that the organisation would be working on safeguarding and updating the certification process for its apps running on MacOS following reports of a security issue around a third-party development tool. It was also reported that a private Discord group possibly gained unauthorised access to Anthropic’s new AI model Mythos.
“Operations vary widely in sophistication,” noted Lloyd Davies, who added, “Some involve advanced espionage or long-term infiltration carried out by highly capable threat actors, while others are less complex but still disruptive, such as distributed denial-of-service attacks, defacement campaigns, or the release of stolen data.”
He said, “Crucially, organisations do not need to be directly involved in a geopolitical dispute to feel the impact. Shared infrastructure, third-party suppliers and cloud platforms create indirect pathways through which cyber activity can spread globally. This means cybersecurity teams must prepare not just for highly sophisticated attacks, but also for waves of opportunistic disruption that often accompany geopolitical events.”
The skills safety net
The security industry is evolving quickly to a point where threat actors and genuine professionals alike are increasingly using AI and other advancements to create new opportunities. On top of that employers are finding it difficult to create a consistent talent pool in a space where cyber resilience is now dependent on the defensive skills evident across the wider workforce, not just within specific teams.
“Developers, cloud engineers, IT administrators and security teams must all understand how to build, deploy, and maintain secure systems. Without continuous upskilling across these roles, as global tensions rise and attacks become more complex, even well-funded security programmes can struggle to keep pace with evolving threats,” he said.
The organisations that invest in developing their cloud and cybersecurity skills, across the workforce, will find themselves better positioned to detect security threats earlier, respond faster and adapt.
“This means moving beyond reactive security measures and embedding cybersecurity capability into the broader technology workforce. Upskilling developers in secure coding, strengthening cloud security expertise and ensuring security teams can effectively use emerging technologies like AI all contribute to a stronger defensive posture.”
He suggested that organisations could benefit from letting go of traditional ideas of training such as the one-size-fits-all model and instead of assuming proficiency based on roles or certifications, should consider merit-based hiring, wherein companies quickly identify gaps, creating teams that can adapt, learn new skills and keep pace with threats as they occur.
Lloyd Davies said, “Training programmes need to be aligned to real-world operational demands, directly drawing on the evolving attack vectors that security teams encounter daily and the conflict scenarios behind them. Infrastructure can’t be secured by theory alone. Scenario-based learning is crucial.”
To be truly effective he said, “Cyber teams must be given opportunities to practice and hone their skills in safe sandbox environments and as cyber threats evolve continuously, upskilling must too. Organisations need to invest in simulation platforms and scenario-based exercises that mirror modern attack vectors including ransomware and identity compromise.
“Continuous learning without the risk of real-world consequences can allow teams to build confidence while being updated on emerging threats. Equally important is embedding this learning into regular workflows, avoiding skill development being seen as a ‘one-off,’ so that professionals remain agile and prepared to respond effectively to cyber attacks.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
You must be logged in to post a comment Login