Expert Cybersecurity POV for 2024 Predictions
Commentary from Patrick Hayes, Chief Strategy and Product Officer at Third Wave Innovations and former CISO for several organizations.
AI in Threat Intelligence
As we forge down a path of AI use for threat intelligence, anomaly detection, red team testing, incident response simulations, and more, the data sets are of utmost importance. We have a responsibility to adequately train models against appropriate data sets, while continuously testing for accuracy, especially if any automated response is involved. Adversaries are using AI at least as heavily in the tactics, techniques, and procedures they use to attack our organizations. The difference is that attackers have no boundaries when developing their strategies, and are often way ahead of the curve. The day will come when AI, which is ultimately neither good nor evil, will evolve to self-protect and defend our organizations. Alternatively, we will see attacks that are not necessarily initiated by humans, but rather by AI continuing to evolve in its training. The fact is AI lacks empathy for the human condition and, without this, AI can only process the world based on the available data presented.
Role of CISO in 2024
The role of the CISO has been poorly defined and misaligned with the needs of the business. The CISO has never been a pure technology role, even before we started putting ’cyber’ before security. Moving ahead, the CISO should be viewed as the trustee of the organization’s risk. Charged with discovering the current state of the organization’s security risk, it is the CISO who helps define the alignment with business strategy, regulatory compliance, and the threat landscape. This vision is presented to the executive leadership of the company to make hard decisions around what gets funded and what is acceptable. It is near-impossible to own a security strategy that is only focused through the lens of technology.
Cybersecurity Job Cuts Impact
Workforce reductions have largely underscored the fallacy promoted in the cybersecurity industry. While we keep being told there are millions of unfilled jobs, there seems to be little evidence for the idea that you'll never have to worry about being employed in cybersecurity. However, there is plenty of evidence that companies are eliminating positions due to poor top-line revenue performance, shifting attention to EBIT and shareholder confidence. This dangerous cycle has infected the cybersecurity space, with unknown consequences. Expecting the staff left behind after a workforce reduction to carry the load of their peers comes with much greater risk in the cybersecurity space. Fewer people means less oversight of your technology, fewer observations being investigated, and, worse, more incidents becoming breaches.
Overall Cybersecurity Predictions for 2024
– Cybersecurity incidents, such as ransomware, will only increase
– Employees will be the first to suffer the increase in workload and demand to manage more with less
– Customers will suffer the breaches resulting from organizations shifting to a more-with-less strategy for cybersecurity
– Organizations will look to outsource more of their cybersecurity as they learn that attackers are not downsizing
– Service providers will need to scale beyond traditional managed detection and offer greater observability across event and entity data