Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Expert Cybersecurity POV for 2024 Predictions

December 2023 by Patrick Hayes, Chief Strategy and Product Officer at Third Wave Innovations

The commentary from Patrick Hayes, Chief Strategy and Product Officer at Third Wave Innovations and former CISO for several organizations.

AI in Threat Intelligence
As we forge down a path of AI use for threat intelligence, anomaly detection, red team testing, incident response simulations, and more, the data sets are of utmost importance. We have a responsibility to adequately train models against appropriate data sets, while continuously testing for accuracy, especially if any automated response is involved. Adversaries are more than equally using AI in their tactics, techniques, and procedures to attack our organizations. The difference is that attackers have no boundaries when developing their strategies, and are often way ahead of the curve. The day will come where AI, which is ultimately neither good or evil, will evolve to self-protect and defend our organizations. Alternatively, we will see attacks that are not necessarily initiated by humans, rather AI continuing to evolve in its training. The fact is AI lacks empathy for the human condition and, without this, AI can only process the world based on the available data presented.

Role of CISO in 2024
The role of the CISO has been poorly defined and misaligned with the needs of the business. The CISO has never been a pure technology role, even before we started putting ’cyber’ before security. Moving ahead, the CISO should be viewed as the trustee of the organization’s risk. Charged with discovering the current state of the organization’s security risk, it is the CISO who helps define the alignment with business strategy, regulatory compliance, and the threat landscape. This vision is presented to the executive leadership of the company to make hard decisions around what gets funded and what is acceptable. It is near-impossible to own a security strategy that is only focused through the lens of technology.

Cybersecurity Job Cuts Impact
Workforce reductions have largely underscored the fallacy promoted in the cybersecurity industry. While we keep being told there are millions of unfilled jobs, there seems to be little evidence of this idea that you’ll never be worried about being employed in cybersecurity. However, there is plenty of evidence that companies are eliminating positions due to poor top line revenue performance, shifting attentions to EBIT and shareholder confidence. This dangerous cycle has infected the cybersecurity space, with unknown consequences. Expecting the staff left behind after a workforce reduction to carry the load of their peers comes with much greater risk in the cybersecurity space. Fewer people means, less oversight of your technology, less observations being observed and investigated, and worse more incidents becoming breaches.

Overal Cybersecurity Predictions for 2024
 Cybersecurity incidents, such as ransomware, will only increase
 Employees will be the first to suffer the increase in workload and demand to manage more with less
 Customers will suffer the breaches resulting from organizations shifting to a more with less strategy for cybersecurity
 Organizations will look to outsourcing more of their cybersecurity learning that attackers are not downsizing
 Service providers will need to scale beyond traditional managed detection and offer greater observability across event and entity data


See previous articles

    

See next articles













Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts