With the advent of 2024, in the ever-evolving cybersecurity environment, we are facing new threat scenarios: CISOs have their sight on raising the bar to outsmart AI-wielding malicious agents, empowering cybersecurity-illiterate users, providing security to larger amounts of Data spread across multiple Enterprise repositories and managing the skyrocketing amount of log data flooding SOC operations.
Preparing to face the new threat scenario, we have researched the subject matter and asked several CISOs to outline the hottest topics regarding their priorities for 2024. Here are the findings:
Upgraded cloud security strategy. Over a third of firms have seen their cloud environment breached, 35% above 2022’s figures. Zero Trust is at the forefront of Cybersecurity priorities. Clinching the SaaS Ecosystem is key as well, since most SaaS practices are not adequate nowadays. 68% of organizations are ramping up their investment in SaaS security. Nonetheless, there is plenty of work ahead.
API security. 94% of cybersecurity professionals, as well as API developers went through API cybersecurity issues in 2023. The numbers foresee that 95% of CISOs will pick up on API security within the next 24 months. There is work to do at identifying APIs, testing them for security issues and working alongside developers to assess and address security issues.
Post-quantum. Organizations such as CISA, NIST and the NSA urge firms to implement post-quantum cryptography by establishing a Quantum readiness map, as well as Conversations with tech vendors to hash out post-quantum roadmaps.
AI-driven threat prevention. Platforms that use Artificial Intelligence are needed to analyze and help decision making over large amounts of events data and logs that humans cannot. Existing SOC operators and analysts must evolve applying new strategies maximizing the benefits of AI-based tools.
AI red team exercises. AI Red Teaming is in its infancy stages, however Microsoft is already deploying an AI Red Team, and has been doing so since 2018. The company states that it is essential to put AI Red Teams at the pinnacle of their investing efforts, at both base model level and Application level.
Zero Trust architecture. CISA’s Zero Trust Maturity Model contains a useful Number of guidelines that helps organizations mature their zero trust implementation. In a landscape where 97% of firms have tackled zero trust initiatives, there is still room for improvement with the creation of roles such as the Zero Trust Program Manager or the Zero Trust Lead Architect, as well as maturing staff expertise.
Citizen Cybersecurity solutions. Still most attacks exploit the human factor. Most end-users are IT or Cybersecurity illiterates. There is a new trend to deploy Cybersecurity tools and frameworks that seamlessly protect them, without being noticed.
Data Security Posture Management. The explosive growth of data in organizations plus the diversity of the repositories where they are stored and the mobility of data between repositories makes it challenging to manage data security during its lifecycle. The implementation of a DSPM platform reveals itself as a powerful and effective way to manage data security in the current scenario.
Optimization of SOC Operations. The complexity of SOC operations requiring the management and integration of several tools together with the explosive increase in the amount of log event data makes it challenging for threat management and decision making. Automation, AI, and process reengineering are required to improve productivity and the quality of the results.
Mobile apps and mobile security. Mobile devices are the weakest element in the cybersecurity chain and their proliferation in the corporate environment make them an ideal target for Cybercriminals to steal credentials, bypass multi-factor authentication or launch phishing attacks. Mobile Device Management platforms become essential to manage cybersecurity across a wide spectrum of connected mobile devices.
Cyber Resilience. The measures aimed at relieving an attack that has already taken place. Cyber Resilience should extend beyond the cybersecurity team across all the organizational levels of the Enterprise. The pillars of a superb Cyber Resilience strategy are underpinned by a due identification, protection, detection, response and recovery.
Cyber exercises. Cyber exercises are needed to build cyber resiliency at an organizational level beyond the cybersecurity team.They train the employees of a firm, spanning every step of the organizational chart. These exercises expose us to realistic attack scenarios that may befall in the company. The insight we reap from these drills are the prerequisites for due planning and action.
Cyber talent. Nowadays, there is a shortage of skilled cybersecurity professionals. 60% of organizations struggle to recruit Cyber defense talent. The speed of innovation in cybersecurity also creates a gap between required skills and those possessed by the professionals. Continuous cybersecurity skill gap assessment and training is mandatory.
Supply chain Cybersecurity. Attackers are focusing more on the suppliers of large enterprises. They are typically smaller enterprises with less capability to invest in cybersecurity. The security of a chain is one of its weakest links. More effort has to be invested in accessing and monitoring the cybersecurity of your suppliers, making cybersecurity more of a collaborative effort.
Identity management. 85% of attacks started with stealing credentials and impersonating an authorized user. It is key to deploy Multi Factor Authentication and Identity Management all over the organization. For users with Privileged permissions, special security should be used such as the one provided by Privileged Access Management (PAM) platforms.
Managing the external attack surface. The amount of resources exposed to the internet grows in every organization. Attackers are continuously exploring every organization’s exposed assets looking for vulnerabilities they can exploit. To be ahead of them, you need to invest resources in read teaming, pen testing and consider Automated External Attack Surface Management platforms.
Abiding with these guidelines may be crucial but not sufficient to remain in the forefront of Cyber Defense (remember that in spite of your best cybersecurity practices, you will always experience attacks), so building a resilient organization is on top of everything else.
Cybersecurity is everyone‘s accountability, it falls on the shoulders of agents from all walks of cyber life.
In the words of Hazel Díez, CISO of Santander bank, in an interview in SIC Magazine, “Cross-border and cross-sector collaboration is necessary to defeat cybercrime. The biggest outcome of the public-private collaboration is to shift the paradigm of cybersecurity response. A global systemic risk calls for a global response.”
We hope that these guidelines will help you enhance your agenda for 2024, and we wish you a very successful year.