In August, a cybersecurity webinar for US federal agents set out the leading security trends in their field. The event was attended by leading experts and cybersecurity directors from organizations such as the public/private partnership ACT-IAC and the US space agency NASA. The latter’s CIO, Mike Witt, explained, “We’ve got to get away from the mind-set of ‘you can account for every alert’. You’ve got to embrace orchestration and technologies, artificial intelligence, machine learning”. Wendi Whitmore, vice president of IBM X-Force Incident Response and Intelligence Services, underlined the argument with data from an IBM report. “Organizations who have invested in automation and orchestration (have) hugely, vastly different average data breach costs: $2.45 million versus over $6 million.” Which is why she believes we should all be adopting such tools.

Yet every technological advance humanity has ever made has at some point been exploited maliciously or inappropriately. In the case of machine learning, you could analyze or influence the Cyber Kill Chain (CKC, the sequence of steps involved in a cyberattack). While we tend to think of automation tools in terms of detection of vulnerabilities or spear phishing, and the study of how cyberattacks spread, there is also the other perspective: how such tools can be used to evade forensic analysis or boost attacks against industrial control systems and critical infrastructure.

As such, the WatchGuard Technologies Threat Laboratory predicts that, in 2021, automation will play a major role both in the creation of cyberattacks and in the efforts of those whose mission is to counter them.


Specifically, WatchGuard predicts that hackers will leverage such new tools to automate the manual tasks involved in creating spear phishing campaigns, using targeted and personalized data on victims, obtained either from social media or from companies’ own websites. And, as society continues to struggle with the repercussions of COVID-19, these automated spear phishing attacks are also likely to fuel other fears surrounding the pandemic, influence political strategies adopted by governments, and have economic repercussions.

The WatchGuard research team also believes that automation will aid cloud storage providers, such as Amazon, Microsoft, and Google, in tackling the cybercriminal gangs that exploit their reputation and services to launch dangerous malicious attacks.

To find out more about the leading threats and other cybersecurity predictions that will shape 2021, see all the information from our experts at the WatchGuard Laboratory.