As the year draws to a close, I have gathered predictions from an array of cybersecurity experts who have given insights into trends they see in 2024.
Ryan Benevides, Principal, WestCap
- As large language models and generative AI become the next big platform shift and the new form of communication between businesses and their customers, new cyber risks will become prevalent. These advanced tools are susceptible to sophisticated attacks such as prompt injection, where attackers can manipulate the model to extract sensitive information or generate unauthorized content. Instances like these highlighted in recent media coverage show the need for security protocols for AI communications, especially as large financial institutions such as Morgan Stanley integrate these technologies into client-facing services like wealth management advising.
- In 2024, the widespread adoption of SaaS applications will present significant cybersecurity challenges as businesses become increasingly dependent on systems like Workday, Salesforce, and Google Drive to run every part of their business effectively. There will be a heightened focus on cybersecurity tools that will help protect these environments from high-risk scenarios where attackers gain access to customers’ sensitive data and help employees respond to incidents faster.
Avishai Avivi, CISO, SafeBreach
- CISOs begin to treat regulation as an opportunity instead of a burden – The White House National Cyber Security Strategy got a surprising reaction from many CISOs; many felt it didn’t go far enough. Usually, the thought of the government introducing new regulatory changes makes the industry nervous. But as many CISOs have experienced, unless there is a law on the books they can show to the board – see GDPR as an example – some companies will opt out of approving the budgets necessary to protect the business. CISOs can leverage new rules, such as the SEC’s recent cyber disclosure laws, to start putting a tangible price tag on the cost of fines from non-compliance with incident reporting and disclosure included with the increase in cyber risk.
- CISOs become more guarded as the level of accountability rises – CEOs are required to sign off on their company’s financial statements. The days are not far off when CISOs must sign off on a company’s cybersecurity program. They will have to attest that the company is secure and that they are doing everything they are required to do to exercise due care in the protection of their computer assets and company, customer, and partner data. This will extend to the security of technology that can cause physical harm, including loss of life, like OT assets in industrial organizations or IoT assets in healthcare, like medical devices. When this happens, there will be a shift in the role of the CISO. To not be the sole name in a lawsuit, CISOs will need new reporting structures and safeguards. We may even start to see the role of CISO and CIO merge to make those responsible for information systems also in charge of security. In this new role, CISOs can’t be overruled for budget requests by the CIO, and CIOs can better implement a secure-by-default approach across the organization.
Debbie Gordon, founder and CEO, Cloud Range
- With the evolving SEC regulations and increased scrutiny on the board level, security leaders will be held more accountable for their roles. Board members must manage cyber risk as part of fiduciary/oversight responsibilities. This will require stricter and quicker reporting as well as a deeper understanding of materiality. To support the requirements, tabletop exercises can be a valuable resource. The new SEC rules also mean it’s crucial to prepare your team’s IR capabilities and invest in training.
- Increased budgets for cyber talent development and retention – Cybersecurity talent and development in the cyber workforce will receive more financial support. There is still a disconnect between open jobs and the cyber shortage as people coming out of school with degrees lack hands-on experience required by employers.
- Impact of AI – The cybersecurity landscape will significantly change with more of an emphasis on human-centric defense strategies and advanced technologies. AI and machine learning (ML) will become important in identifying and mitigating threats, which will allow practitioners to focus more on strategic decision-making, creating a level playing field with threat actors. Using virtual environments will see improvements in user experience while the importance of human elements such as training and awareness will become more recognized.
Tom Marsland, VP of Technology, Cloud Range
- Open source, software bill of materials – Given that a significant portion of code in products is from open source libraries, this will remain a substantial attack surface. We will continue to see attacks targeting vulnerable libraries and weak points, like SolarWinds, Log4j, Citrix Bleed, and other similar breaches. Attacks will focus on where they can have the greatest impact.
- Skills gap in cybersecurity – While there is no lack these days of entry-level cyber candidates, there is a lack of mid-level or the next step above entry-level candidates. Companies will have to shift more resources toward their own workforce development and training programs to enable their entry-level people to fill those gaps. Hopefully, there will be an emphasis on internal training and development programs to bridge this skills gap.
This entry was posted on December 29, 2023 at 8:36 am and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed.
2024 Predictions From Leading Cybersecurity Experts