December 3, 2018

Cybersecurity Futures 2025

Background and Overview

A consistent observation about the digital era is that when people and technology mix, the results are surprisingly hard to anticipate. That kind of uncertainty has put cybersecurity professionals at a structural disadvantage because it favors attackers and exploiters over defenders and protectors. Looking forward in time at the intersection of people and digital technology, there is a (potentially growing) gulf between the operational security priorities that are on the agenda today, and the range of cybersecurity issues and challenges that will present in a decision-relevant future time frame.

To address this mismatch, in 2016 the World Economic Forum Global Future Council on Cybersecurity (GFC) and the UC Berkeley Center for Long-Term Cybersecurity (CLTC) began discussing a collaboration to develop a set of future-looking cybersecurity scenarios. GFC and CLTC intended for the scenarios to spur a much-needed discussion about the cybersecurity challenges that government, industry, and civil society will face in the future, beyond the immediate horizon.

Beginning in October 2017, the GFC partnered with CLTC and CNA’s Institute for Public Research (CNA) to explore how governments, firms, and societies in different parts of the world are thinking about, evaluating, and responding to emerging cybersecurity challenges. With the establishment of the World Economic Forum Global Centre for Cybersecurity (C4C), the GFC’s challenge to examine the future of cybersecurity developed into Cybersecurity 2025, a foundational plank of C4C’s activities.

The Cybersecurity Futures 2025 project rests on the foundational idea that if we can anticipate how cybersecurity challenges will evolve and understand how governments, firms, and societies in different parts of the world think about those challenges, we can better position decision makers to reduce detrimental frictions and seize opportunities for cooperation. By tapping into a broadly-felt sense that current policy and strategy frameworks in cybersecurity are inadequate and becoming more so, the Cybersecurity Futures 2025 project hopes to provide a roadmap for new high-level concepts and strategies that drive operational and tactical adaptation going forward.