Cloud security analyst Isabel Castillo discusses future cyber vulnerabilities and the importance of retraining to stay ahead of malicious behavior.

For Isabel Castillo, the love of puzzles and the many challenges of Cybersecurity sector has been a constant draw. Currently a cloud security analyst at cybersecurity threat mitigation platform Lastwall, Castillo has honed her skills at prestigious institutions such as Harvard as well as in the U.S. Army, where she applied her talents to cyber military operations.

She works primarily in the areas of security information and event management (SIEM) configuration and vulnerability management. A key aspect of her role is securing systems against new threats. “One of the biggest challenges I’ve faced is the constant evolution of the cybersecurity landscape, which can make it difficult to stay up to date with the latest knowledge and skills,” explained Castillo.

To overcome this, she developed a rigorous plan that involved setting achievable goals, allowing time to learn, taking additional training, and developing a reward system that held her accountable for reaching milestones. “This approach has helped me keep up with developments in the industry and continually grow in my role,” she said.

Future vulnerabilities

As the world becomes more digitalized and innovative, more and more threats to the cybersecurity landscape are emerging. According to estimates by Statista Market Insights, the global cost of cybercrime is expected to rise sharply over the next four years, from $9.22 trillion in 2024 to $13.82 trillion in 2028.

“As new technologies emerge, so does the number of vulnerabilities, and there is a greater focus on using AI to address those vulnerabilities. This is being done under the guidance of compliance authorities, who are also under pressure to adapt and evolve.”

According to Castillo, one such threat that poses a risk to the future of global cybersecurity is the growth of Quantum computing. Research suggests that security innovations will be critical when quantum computers are advanced enough to crack traditional cryptography. Castillo says institutions will need to work together to create a future digital infrastructure that can withstand the consequences of advanced quantum computers.

“Organizations must not only demonstrate the ability to adapt, but also do so in a way that minimizes the attack surface and prepares them for future quantum-related vulnerabilities. Collaboration between organizations is key to ensuring the security of information.”

“For future vulnerabilities, I would focus on vulnerability management in the post-quantum world. This introduces additional complexity from the integration of quantum-resistant algorithms and technologies, as well as potential risks of quantum-related attacks, although quantum computing is not yet fully developed,” she said.

Competencies for the future

Castillo doesn’t necessarily believe there’s a skills gap that contributes to employees not being well prepared for future cybersecurity challenges. Rather, she believes there’s a disconnect between what companies expect from junior-level applicants and what’s taught in educational institutions.

In her experience, “the attitude of a young applicant is more important than his knowledge.” Companies are looking for people with ambition, determination and a pinch of modesty who are willing to continue their education.

“Continuous education and retraining are critical because staying one step ahead of threat actors requires constant learning. As technology evolves, so do the tactics of those seeking to exploit it. To effectively protect systems, you must keep up with these advances. In short, you must improve with them.”

One trend she has noticed is a rise in privacy-enhancing technologies (PETs), driven by growing consumer demand for information security, while noting that technological advances can also benefit people with malicious intent. “This is a double-edged sword, as privacy enhancement can also provide anonymity to threat actors,” she explained.

“The main goal is to give individuals control over their identity and credentials, reducing reliance on centralized databases that are vulnerable to attack. Essentially, these technologies are being adapted to avoid a single point of failure.”

Future professionals

Castillo recommends that anyone considering a career in cybersecurity spend two to three weeks learning about all the different facets of the industry. “Once you’ve determined your focus, dive deep into the field and utilize all the free resources available to build your skills and knowledge.”

She would advise people not to move too quickly and rush into the sector without fully understanding what the role entails, as often professionals find they become frustrated and confused by the lack of clear direction.

“It’s not speed that gets you there, it’s knowledge and application of it. Others ask for projects to get into, whereas the best project you can tackle is the one you’re passionate about, and you’ll only find that out if you spend time figuring out which sector you like best.”

Find out how new technology trends are changing the future in our new podcast, Future Human: The Series. Listen now on SpotifyTo Apple or wherever you get your podcasts.