At the Security Analyst Summit (SAS) 2025 in Khao Lak, Thailand, a location synonymous with serene beaches, the global cybersecurity world convened for a high-stakes strategic discussion. Kaspersky CEO Eugene Kaspersky delivered a powerful message: the future of the digital economy hinges not on “reaction” to threats, but on their “prediction.” Amidst the complex battlefield he dubbed the “Sus City,” Kaspersky affirmed his core belief: “I believe we will survive”—but only through relentless innovation and the ability to see the future first.
KHAO LAK, THAILAND — On the shores of Khao Lak, Phang Nga province, what seemed a setting for relaxation became the strategic nexus of the global cyber conflict. The Security Analyst Summit (SAS) 2025 kicked off, headlined by one of the industry’s most pivotal figures, Eugene Kaspersky, CEO and co-founder of his eponymous global cybersecurity firm.
In a world where the economy is driven by data and digital connectivity, cybersecurity has undergone a profound transformation. It has definitively shifted from being a mere IT “cost center” to becoming the core “heart” of competitive business strategy and, indeed, macroeconomic stability. The vision Kaspersky presented at SAS 2025 was a stark reinforcement of a new economic imperative: Prediction is the only weapon that will ensure the survival of the digital economy.
The summit began with an intriguing, thought-provoking introduction of Kaspersky as “the perfect exploiter.” While the host quickly clarified this did not mean exploiting technical “vulnerabilities,” the term acutely captured the modern business of cybersecurity.
From ‘Vulnerability’ to ‘Opportunity’: The New Economic ‘Exploiter’
Eugene Kaspersky’s presence on the SAS 2025 stage was not that of a “hacker,” but of a “cyber-economic strategist.”
In a business context, the term “exploiter” transcends its nefarious connotations. It signifies one who “seeks out opportunities” and “leverages” emerging trends. Kaspersky, as the leader of an organization that has been on this battlefield for decades, is the “perfect exploiter” in the sense that he sees the “opportunity” for prevention long before a “threat” can materialize into economic damage.
The host’s remark that the cybersecurity business is “never boring,” with which Kaspersky readily agreed (“I know that”), is rooted in the sheer scale of the assets at stake. Modern cyber threats no longer target personal computers. They target the very lifeblood of the global economy: critical infrastructure, financial and banking systems, global supply chains, and trillions of dollars in intellectual property (IP).
To be a “perfect exploiter” at a summit of thought leaders in Khao Lak, therefore, means possessing the ability to:
- Seek out hidden patterns in global data.
- Predict the strategies of malicious actors (from cybercriminals to state-sponsored groups).
- Leverage advanced technologies like AI and Machine Learning to construct the most robust economic shields possible.
The Evolution of Economic Risk: From Floppy Disks to Cyber-Warfare
Kaspersky transported the SAS 2025 audience back in time with a single, powerful question: “Who in this room started in cybersecurity before the internet was even invented?”
Only four hands were raised.
This question was not mere nostalgia; it was a strategic framing device to illustrate the violent evolution of threats and their economic consequences. “Do you remember the time when computer viruses traveled at the speed of a floppy disk?” Kaspersky asked. “How much has it changed since then? It has changed… many times over.”
In the floppy disk era, a virus was an annoyance. It caused limited damage, and its economic impact was virtually zero, confined to the cost of cleansing a few machines.
The arrival of the internet changed everything. The “speed” of propagation was no longer limited by the physical exchange of disks, but by the speed of light. Threats, and their “economic costs,” evolved in distinct, terrifying phases:
- Phase 1: The Virus and Worm Era (Late 1990s – 2000s): Threats like “ILOVEYOU” and “Code Red” caused massive economic damage, not through theft, but through catastrophic “Downtime.” They halted business operations, logistics, and communications globally, costing the world economy billions.
- Phase 2: The Cybercrime Era (2000s – Present): This phase saw the creation of clear “business models” for criminals. The rise of Ransomware, banking trojans, and sophisticated phishing attacks created direct “liabilities” and “expenses” for businesses. Threats were no longer just disruptive; they were extractive.
- Phase 3: The Cyberwarfare & Espionage Era (2010s – Present): The most dangerous evolution. Attacks now originate from State-Sponsored Actors. Their goal is not just “money” but “sabotage” of critical infrastructure, “theft” of trade secrets and national IP, and the creation of “geopolitical advantage.” The economic cost in this era is immeasurable, striking at the heart of national competitiveness and security.
The “many times over” change Kaspersky referenced was not just technological. It was the exponential, compounding escalation of economic consequences, which is precisely why the strategic discussions at SAS 2025 are so critical.
The Core Strategy: Why ‘Prediction’ Trumps ‘Reaction’ in Economics
This was the central, non-negotiable point Eugene Kaspersky drove home at SAS 2025. It is the new gospel of cybersecurity economics.
“My point is, to be good, we don’t just have to see what’s happening. We have to predict what will happen next,” Kaspersky emphasized. “We have to observe what is happening, we have to remember what happened in the past, and see what is in the future.”
In economic terms, a “Reactive” posture means the damage is already done. The business has already stopped. The data has already been leaked. The brand reputation has already been destroyed. The Recovery Cost (including fines, remediation, and lost business) is always magnitudes higher than the Prevention Cost.
What Kaspersky is proposing is a fundamental Paradigm Shift: from Reactive Defense to Predictive-Driven Proactive Defense.
This is why the industry invests astronomical resources into “Threat Intelligence.” A business can no longer afford to wait for a new malware variant to strike its network before developing a “signature” to block it. It must know in advance what cybercriminals are planning, what tools they are developing, and which industries they are targeting.
This “Prediction” is now the single most valuable “commodity” in the cybersecurity economy. The ability to tell a client—a major bank, a utility provider, or a manufacturer—that “in the next six months, Hacker Group X is developing a new malware targeting financial systems using Technique Y” is information worth millions. It allows that organization to strategically allocate its budget and resources to “close the vulnerability” before the attack ever occurs.
The Battlefield: Welcome to ‘Sus City’
Kaspersky linked this mission directly to the future we all inhabit, coining a term for the modern digital economy: “our cyber city… our ‘sus city’.”
“And this is one of the reasons why we called all of you… to come together [at SAS 2025],” he said. “To talk about what we see. To talk and to predict what will happen next. What we have to see in our cyber city… our ‘sus city’ in the days, weeks, years to come.”
“Sus City,” derived from the slang for “suspicious,” is the perfect metaphor for the modern digital economy. It is a metropolis defined by a complete lack of trust.
In the past, an organization’s computer system was an isolated fortress. Today’s “Cyber City” is hyper-connected, and the traditional “perimeter” of defense has completely dissolved. Every connection is “suspicious,” and every device is a “risk.” This city is built on:
- The Internet of Things (IoT): Billions of devices, from smart lightbulbs to industrial factory sensors, have become new, undefended “doors” for attackers.
- Smart Cities: Public transportation, power grids, and water systems are now controlled by AI and connected to the internet, making them massive, high-value targets.
- Cloud Computing: An organization’s most critical data and operations no longer reside within its own servers.
- Remote Work: The global workforce is connected via consumer-grade home Wi-Fi networks, which lack enterprise-level security.
SAS 2025 in Khao Lak, therefore, is not a simple technical conference. It is a “War Council” for the leaders and strategists tasked with designing the defense of this sprawling, chaotic, and deeply “suspicious” economic metropolis.
The Khao Lak Accord: A “Difficult Situation,” But “We Will Survive”
Kaspersky did not paint a rosy, utopian picture. He was candid about the challenges ahead: “Unfortunately, I’m afraid we will have to face a rather difficult situation.”
This “difficult situation” is driven by several powerful economic and technological headwinds:
- AI vs. AI: This is the new, unending arms race. Defenders use AI for threat detection. Attackers now use Generative AI to write flawless phishing emails, create polymorphic malware that changes its own code, and scan for vulnerabilities at machine speed.
- The Expanding Attack Surface: As outlined in “Sus City,” the more we connect, the more vulnerable we become.
- The Global Skill Shortage: The world faces a deficit of millions of cybersecurity professionals, even as the threats grow exponentially.
Yet, amid this stark warning, Kaspersky delivered a powerful message of confidence in the industry’s capability: “But we are good. I believe we will survive. We will be able to find a way to prevent, predict, and develop. To protect. That’s why we are here [at SAS 2025].”
This statement is a critical “signal” to the market and the global economy. It is not blind optimism; it is a justification for continued, massive investment. The “we will survive” is conditional: we will survive… if we continue to invest in ‘prediction’ and ‘development’. It is a call to action for corporate boards, investors, and governments to fund the research & development (R&D) and innovation necessary to stay ahead.
The Aesthetics of Strategy: Beaches, Sunlight, and ‘Shots’
Even while discussing grim future scenarios, Kaspersky acknowledged the unique culture of the industry and the specific setting of Khao Lak.
“This place [Khao Lak] is not very good for developers. It’s more for the beach, the sun,” he mused. “But sometimes we need to come to places like this.”
The interpretation is clear: the dark, complex, technical work of fighting cyber threats (the developer’s lab) sometimes requires the “inspiration” and “creativity” that can only be found outside the box. A relaxed, beautiful setting like Khao Lak fosters the novel, abstract, and creative thinking that is essential for predicting the future.
Finally, the open and frank culture of this community was crystallized by an SAS “rule” mentioned by the host: “No one leaves the stage without having a shot.”
Kaspersky’s reply was telling: “I know. That’s why I’m here.”
The act of taking the first “shot” of the day and receiving a “super sus coin” was more than just ceremony. It was a symbolic acceptance of the “rules of the community.” It was a “sealing of the deal”—a pact among everyone present, from the CEO to the frontline researcher, that they are all in this together. They are all ready to face the “difficult situation” and, starting from this summit in Khao Lak, collectively predict and build the future.
The conclusion from Eugene Kaspersky’s address at SAS 2025 is unequivocal. The sustainability of the 21st-century economy does not depend merely on the new technologies we create. It depends entirely on our ability to protect what we create. And the heart of that protection is no longer a reactive firewall; it is the strategic, economic, and predictive imperative to see the future before it arrives.
#SAS2025 #EugeneKaspersky #Kaspersky #KhaoLak #SecurityAnalystSummit #Cybersecurity #DigitalEconomy #CyberThreats #PredictiveSecurity #SusCity #EconomicNews #Thailand #AI #ThreatIntelligence
