In an increasingly digital world, where technology is integral to our daily lives, the importance of cybersecurity cannot be overstated. As we step into 2024, experts from Qualys offer insights into the evolving landscape and the emerging trends that will shape the year ahead.
Jonathan Trull, Chief Security Officer, Qualys
CISOs are increasingly under pressure to quantify cyber risk in financial terms to C-suite and boardroom
De-risking the business and reducing cyber risk has become a central focus of executive stakeholders, from the CEO to the board of directors. CISOs find themselves in a challenging position – under immense pressure to address critical issues while working with budget constraints that are tighter than ever. They are tasked with doing more with less. CISOs are being pulled further into the conversation about the financial impact of cyber risk. They need to be able to measure cyber risk in terms of financial risk to the business, communicate that effectively to the C-suite and boardroom, and eliminate the most significant risks quickly. The CISOs that succeed in these areas will be the ones that last in their roles.
Paul Baird, Chief Field Technical Officer, Qualys
CISOs will go from consolidation to simplification around security
CISOs will prioritize simplifying their security stack in 2024. Companies implement around 70 – 90 security tools on average, and these huge numbers call for CISOs to make their operations more effective and efficient. Rather than simply consolidating the number of security tools being implemented, CISOs will focus on simplifying their processes and making security easier across the board. Concentrating on ease of use and ‘one click to rule them all’ approaches will be the key objective for teams.
Looking at this in action, prioritized automation will be used more frequently to help security operations teams focus on the largest threats to their organizations, based on which issues are most pressing and present the biggest chance of being exploited. We’ll begin to see remediation become more automated, freeing up skilled people to spend their time on efforts that will make a difference.
Skill issues will force more hands around AI deployments
With AI’s acceleration in a variety of industries, we’ve seen panic around AI replacing humans. While AI does have the potential to take on low-level tasks that security teams usually handle manually, these deployments are there to augment security teams. AI will revitalize teams and increase productivity. For more entry level employees, automation will support their onboarding journey, allowing them to make a tangible difference in security operations faster. In fact, taking more menial tasks off the hands of security teams should prove beneficial for their mental health, with burnout being a constant issue in the IT/security industry. Not to mention, the economy will only exacerbate organizational issues such as quiet quitting and burnout. In 2024, security leaders will need to pay closer attention to the health and well-being of their team members, in addition to managing the business and risk. AI will help with risk management and security maintenance, but it won’t be able to have meaningful conversations with team members about how they’re feeling.
Gartner predicts that lack of talent will be responsible for more than half of significant cyber incidents by 2025. Supporting teams in being more effective will be a critical goal for IT leadership in 2024 to prevent that prediction from coming to fruition. AI will allow security teams to feel empowered to make a lasting impact within their roles, rather than replace them.
Education and soft skills will get more focus
Insider threats are a leading problem for IT/security teams – many attacks stem from internal stakeholders stealing or misusing sensitive data, and these attacks succeed because they are carried out through sanctioned services. In 2024, IT leaders will need to help teams understand their responsibilities and how they can prevent credential and data exploitation.
On the developer side, management will need to assess their identity management strategies to secure credentials from theft, whether those credentials sit in a publicly hosted code repository or are hard-coded into internal applications and systems. On the other hand, end users need to understand how to protect themselves from common targeted methods of attack, such as business email compromise, social engineering, and phishing.
Security teams need to prioritize collaboration with other departments within their organization to make internal security training more effective and impactful. Rather than requiring training emails and videos to be completed with little to no attention paid to their contents, security executives need to better understand how people outside their department think and operate. Using techniques like humor, memorable tropes, and simple examples will all help to solve the problem of insufficient and ineffective security training – creating a better line of defense against insider threats.