We can’t predict the future, but we can use futures methodologies to create possible scenarios, identify critical uncertainties and drivers of change to explore forks, consider risks and anticipate challenges.

Futures, foresight, and futurecasting are phrases which may be used to describe this discipline. In academia it is known as future studies. I will refer to the subject as futures. Futures is a well-established field originating in the 1960s. Today it is used by businesses, governments and academics as part of strategic planning, risk analysis and oppurtunities research.

I design and run futures methodologies to collate and derive insight from multiple experts and stakeholders to answer questions of importance. I also conduct independent research to analyse the future cyber security landscape.


In the information security industry few individuals have contact with, or stay within academia, talent is transient as individuals move, and considering remote-only practice, a new approach is required to access the knowledge within industry. I use the phrase open futures to refer to futures research which alters the traditional approach of academic-only experts to rebuff these challenges and improve access to knowledge. Open futures research is just that; participation has fewer barriers and the results of research are made available to the security community.


This scenario explores how advances in Natural Language Processing (NLP) may effect the tools, techniques and behaviour of threat actors focused on the period 2021-2026. Attention is paid to the effect of landmark advanced machine learning models such as OpenAI’s GTP-3 and EleutherAI’s GTP-Neo.