Legitimate businesses, organizations, and public sector organizations do not possess exclusive rights on new technologies. Bad actors (hacktivists, cybercriminals, and nation states alike) also leverage new compute environments for zero-day malware and exploit development, as well as attack vectors. Some have even embraced the as-a-service model in new variants of ransomware to streamline the extortion process. And adversaries also keep a foothold in the past by repurposing tried and true threats including weaponized content and attack methods such as spam emails containing malicious links.
Indeed, those protecting against compromises and those perpetrating the attacks live in the three time dimensions of yesterday, today, and tomorrow. Organizations should evaluate security systems that not only support legacy and new environments, but also have a history of being out in front of new technologies that enable organizations to remain secure as they move from the lab into production. This paper explores the meta trends that make cybersecurity increasingly challenging and offers considerations for the evaluation of effective and operationally efficient security systems that can transcend paradigm shifts.