How Computer Security Has Evolved and What You Can Do Now
You may not often think about how far computer security has come over the last 30 years; the evolution is remarkable. Early attacks, such as viruses, passed around on floppy disks, worms spreading for notoriety, and hacktivism done for a cause felt more punk rock than organized crime. Today, according to Canalys, ransomware is the top concern for small businesses. But will it stay that way?
For decades, cybersecurity relied on putting technology between the attacker and your applications; perimeter firewalls that guarded the network edge and antivirus or endpoint products on Windows devices that detected known malware. These tools were designed to stop direct technical intrusions. We’d know, at WatchGuard; we’ve spent the last 30 years trying to unify the right components as applications evolved to find a better, faster, and stronger way to detect and respond to cyber threats.
But attackers have learned that the fastest way to monetize their efforts is often outside the technology. Instead of trying to defeat the firewall, they phish the user. Instead of breaking through endpoint protection, they convince an employee to grant access or become an insider threat, sometimes unintentionally. The result is that the very technologies organizations invested in can be bypassed not through technical exploits but through human behavior.
Now, as with everything in the computer world, new advances in artificial intelligence are shaping the way attacks unfold. Instead of a highly skilled attacker painstakingly working through individual networks and users to find sensitive data or target systems, they can automate the entire process using agentic AI. A recent agentic Cyberattack at Anthropic shows that it is not only the methods that are changing, but also the attackers themselves.
So does this mean more cybersecurity vendors to solve this new problem? Canalys reports in a recent survey that many organizations already have more than five cybersecurity vendors (stops and counts in my head). At WatchGuard, we believe that trying to create a perfect operational fit with more cutting-edge tools, such as using AI and ML, should actually help reduce the number of vendors and free up resources for teams to become more proactive. With little room to spare and a tight budget in IT, the future will likely see a greater expenditure on the problem. It’s likely time to modernize how your cybersecurity is actually architected, instead of just adding more new startup vendors to the stack.
So, what are some practical strategies we need to implement with what’s left of our 2025 execution or early 2026 plans?
First, threat actors, whether agentic or human, need network access to their target in order to be successful. This means they either target cloud applications, internal network layers, or remote users who often have no way to filter the threats aimed at them. This forces a last-mile battle on the endpoint, where the attacker has an advantage.
This must change by rearchitecting how we protect network traffic wherever it exists, including internal networks, remote home users through SASE, and a redesigned approach to VPN that removes basic SSL VPN-style attacks from the equation.
Second, any connection to your applications should not only use a secure method for validating traffic but should also continuously verify the identity of the users and devices entering those tunnels.
Third, we need to fight fire with fire. The new security operations center will be an autonomous one, powered by AI agents, with experts tuning the loops rather than being trapped inside them.
Computer security will continue to evolve as technology advances. What will not change is the impact of everyday user behavior. Protecting your identity, maintaining strong digital hygiene, and staying aware of emerging threats are just as important as the tools you use.