Today’s guest on our Prediction Video Series is Steve Winterfeld, Advisory CISO at Akamai—a company focusing on enhancing internet performance, providing security solutions, and offering cloud-based development capabilities. In this episode, Winterfeld shares his predictions for the upcoming year, focusing on the evolving security landscape and the anticipated challenges.

Winterfeld predicts a broader integration of physical and cybersecurity roles, noting a trend where more CIOs transition to CSO positions. Winterfeld also foresees the continued rise of autonomous AI systems and highlights their impact on security decision-making processes. Another critical area Winterfeld talks about is API security and the necessity for visibility to protect sensitive data. Winterfeld emphasizes, “I continue to see APIs needing more and more visibility and security. We can’t protect what we don’t know about.” Cryptographic agility is becoming increasingly important, especially in light of emerging threats like quantum computing.

Discussing his methodology for formulating his predictions, Winterfeld explains that he focuses on trends in people, processes, technology, and threats. Generative AI (GenAI) remains a prominent topic, particularly its dual role in enhancing productivity and presenting new risks. Winterfeld stresses the need for engineers capable of securing AI models and the challenge posed by a skills shortage in this area. Regulatory developments also influence Winterfeld’s perspective, and he stresses the need to incorporate these changes into organizational strategies.

Research plays a pivotal role in identifying emerging trends and Winterfeld cites Akamai’s end-of-year summary blog, which reveals cybersecurity trends such as the increasing frequency of Domain Name System (DNS) and Distributed Denial of Service (DDoS) attacks. Winterfeld also points to the rise of sophisticated, AI-driven chain attacks and the blending of traditional threat actors like nation-states and hacktivists. Winterfeld stresses that understanding these dynamics is crucial for predicting and mitigating potential risks.

One of the most notable challenges predicted for this year is understanding the evolving attack ecosystem. The blending of different attack vectors adds further complexity to predicting who will attack and what sorts of attacks to expect. In addition to these challenges, Winterfeld emphasizes the need for talent to become well-versed in understanding emerging threats such as Generative AI (GenAI) and quantum computing.

Technical debt is another key area that needs to be focused on. It continues to be a significant risk following major incidents related to supply chain vulnerabilities, insider threats, and IoT security. Balancing the adoption of new technologies with managing existing technical debt is critical to preventing major incidents and ensuring long-term resilience.

Looking ahead, Winterfeld shares Akamai’s priorities for 2025. These include enhancing Generative AI (GenAI) capabilities and enhancing protection for AI models. Akamai will also focus on advancing Domain Name System (DNS) and Distributed Denial of Service (DDoS) security measures and providing secure, cloud-based environments for customers.

Guest: Steve Winterfeld (LinkedIn)
Company: Akamai
Show: 2025 Prediction Series

This summary was written by Emily Nicholls.