AI, zero trust and threat hunting shape next phase of global cybersecurity defense


COE-EDP, VisionRI | Updated: 27-05-2026 16:31 IST | Created: 27-05-2026 16:31 IST

Cybersecurity researchers warn that the global threat landscape is moving faster than institutions can manage, with cyber attackers using sharper tactics, stronger technical knowledge and wider social disruption to test governments, companies and citizens. A new editorial argues that defending digital systems now requires more than technical fixes, placing pressure on policymakers, researchers and industry leaders to build coordinated, proactive and society-wide defenses.

The study, titled “Advanced Cybersecurity Applications: Solutions to Counteract Cyber Threats” and published in Applied Sciences, brings together research on local government security, energy infrastructure, intrusion detection, blockchain lending, power systems, zero trust, malware detection, surveillance vulnerabilities and smart health ecosystems.

Cyber threats move from isolated crime to national security risk

The researchers claim that attacks are shaped by economic, political and socio-cultural motives, making the threat environment more complex and harder to predict. Cyber incidents can create uncertainty, weaken public trust and amplify disinformation, especially when people believe existing systems are unable to protect them.

Against this backdrop, proactive defense systems that combine different cybersecurity approaches are critical. The researchers note that waiting for attacks to occur is no longer enough. Governments, organizations and researchers must anticipate threats, identify attacker motives and strengthen the systems that protect public services, businesses and ordinary users. As more services move online, the failure to protect digital infrastructure can quickly affect access to healthcare, local government services, financial systems and emergency response.

The editorial also stresses that cybersecurity depends on human behavior as much as technical controls. Interconnectivity has widened exposure to cyber risk, but the authors say weaknesses often grow from how people and organizations understand and use technology. That makes cybersecurity training, risk communication and organizational readiness central to any defense strategy.

The paper calls for a holistic approach that links cybersecurity with risk management, business continuity, crisis management, emergency planning and organizational resilience. In this view, cybersecurity is not only the responsibility of technical teams. It requires staff who understand risk, managers who can respond during disruption and policymakers who can support practical security guidelines across different user groups.

Research targets attacks on local government, energy networks and critical systems

The Special Issue begins with a review by Hossain and co-authors on the cybersecurity landscape facing local governments. The work identifies knowledge gaps, barriers and policy needs while examining the types of data handled by local authorities. The focus on local government is significant because municipalities often manage essential services but may lack the resources and security maturity of national agencies or large corporations.

Another contribution, by Ryu and co-authors, examines cybersecurity vulnerabilities in energy IT infrastructure. The research focuses on major malware threats including Industroyer, Triton, NotPetya and BlackEnergy3, and proposes a layered security architecture for SCADA and SIS systems. The editorial presents this as part of a wider shift toward integrated defense strategies for critical infrastructure, where a single breach can have consequences beyond one organization.

Alabdulatif’s work introduces a hybrid ensemble learning-based intrusion detection framework that combines deep learning and traditional machine learning with explainable artificial intelligence. The system uses an artificial neural network, support vector machine and random forest to improve detection performance for network-based cyberattacks. The inclusion of explainable AI reflects a key demand in cybersecurity: systems must not only detect threats but also help analysts understand how those decisions are made.

The Special Issue also addresses blockchain-related risks. Al-Zubaidie and Jebbar examine a security protocol for digital cryptocurrency wallets protected by the XSalsa20 algorithm, with a focus on blockchain-based lending and flash loan systems. Their work responds to the rapid growth of decentralized finance, where lending systems and digital wallets have become targets for attackers exploiting protocol weaknesses and transaction speed.

Power systems receive separate attention through research by Qiu and co-authors on cyber-physical cross-domain attack paths. Their work applies graph knowledge to analyze how attacks can move through connected power and cyber systems. The editorial highlights this as a major area of concern because failures in cyber layers can cascade into physical systems, creating risks for electric power stability and infrastructure resilience.

Zero trust is another key theme. Park and co-authors compare multi-level security models in the United States and Korea and propose a zero-trust-based multi-level security model. Their work responds to the limits of isolated network environments and older security frameworks. The zero-trust approach assumes that no user, system or network segment should be trusted by default, making verification and access control continuous rather than one-time processes.

AI, malware detection and smart health security reshape the defense agenda

The editorial shows that AI is becoming a major part of both cybersecurity defense and threat analysis. Pu and Wan focus on advanced persistent threat malware and propose a detection model based on heterogeneous multimodal semantic fusion. Such work targets stealthy, long-running attacks that often evade traditional detection tools because they are designed to remain hidden while collecting information or preparing further damage.

Woo and Lee examine vulnerabilities in event-based person re-identification models, focusing on adversarial attacks against systems used in surveillance contexts. Their findings point to weaknesses in event-based Re-ID systems and the need for robustness-aware design. This expands the cybersecurity discussion beyond conventional networks and into AI-driven recognition systems, where attacks can manipulate model behavior and undermine trust in automated surveillance.

The final contribution, by Alabdulatif and Thilakarathne, focuses on smart health ecosystems and a cloud-enabled cyber threat-hunting platform. The research considers the growing threat landscape in healthcare, deception technology and threat intelligence. The editorial places this work within a broader concern that connected medical systems and smart health platforms can expose sensitive data and critical services if they are not protected through active threat hunting.

Across the Special Issue, the researchers present cybersecurity as an interdisciplinary field that must draw from computer science, public policy, organizational studies, crisis management and social behavior. Their editorial argues that research must produce practical insights, stronger theoretical understanding and policy recommendations that can be used by governments, companies and communities.

The authors also emphasize collaboration. Cyber attackers may be ideologically driven, disruptive, financially motivated or highly organized. Because the threat actors are diverse, the defenses must also be diverse. Cross-border research, shared knowledge and cooperation between academic institutions, public agencies and private firms are presented as essential to building stronger cybersecurity systems.

Policymakers need to invest in cybersecurity research that delivers usable frameworks and practical countermeasures, the paper insists. For industry, it points to the importance of layered defenses, explainable detection systems and resilience planning. For society, it warns that digital safety now depends on the ability of institutions to act before disruption spreads.

First published in: Devdiscourse