Dig Security CEO Dan Benjamin, offers valuable insights into the top security trends expected to shape 2024, covering generative AI, data security consolidation, and compliance maturation.
Dan Benjamin, CEO and Co-Founder of Dig Security
Security programs for generative AI
As companies begin to move generative AI projects from experimental pilot to production, concerns about data security become paramount.
LLMs that are trained on sensitive data can be manipulated to expose that data through prompt injections attacks
LLMs with access to sensitive data pose compliance, security, and governance risks
The effort around securing LLMs in production will require more organizational focus on data discovery and classification - in order to create transparency into the data that ‘feeds’ the language model
Consolidation of data security tooling
As organizations moved to the cloud, their infrastructure has become increasingly fragmented. With multi-cloud and containerization becoming de-facto standards, this trend has intensified. Data storage and processing is dispersed, constantly changing, and handled by multiple vendors and dozens of tools.
To secure data, businesses found themselves investing in a broad range of tooling - including DLP for legacy systems; CSP-native solutions; compliance tools; and more. In many cases two separate tools with similar functionality are required due to incompatibility with a specific CSP or data store.
This trend is now reversing. Economic pressures and a growing consensus that licensing and management overhead have become untenable are leading organizations toward renewed consolidation. Businesses are now looking for a single pane of glass to provide unified policy and risk management across multi-cloud, hybrid, and on-premises environments. Security solutions are evolving accordingly - moving from point solutions that protect a specific data store toward more comprehensive platforms that protect the data itself, wherever it’s stored.
Maturation of compliance programs
Organizations are realizing that compliance needs to be more than an annual box-ticking exercise. With regulators increasingly willing to confront companies over their use and protection of customer data, it’s become clear that compliance needs to be a strategic priority.
Businesses will invest more in programs that enable them to map their existing data assets to compliance requirements, as well as tools that help identify compliance violations in real time - rather than waiting for them to be discovered during an audit (or in the aftermath of a breach).