People ask me all the time what it’s like to be in cybersecurity. I tell them it’s a fast-paced industry, you’re never bored, and you get the opportunity to work alongside extremely bright people. This 2024 predictions webinar was a perfect example of all three.
I recently had the honor of being on a panel with some of these extremely bright people. In our webinar, After AI: Cyber Predictions for 2024, experts from Fortra and Forrester looked at the year in review and talked about what this fast-paced industry can expect in the year ahead. Here are a couple of notable takeaways to help us all get a little closer to cybersecurity maturity in 2024.
A Platform Approach to Cybersecurity
It was only a few years ago when the number of security vendors was around 2,000. Today, that number has more than doubled as new attack vectors resulted in a new category of tools and new entrants into the industry. Organizations that once used a “best-of-breed” approach found themselves having to stitch all these tools together, pulling anything from anywhere to patch new holes without taking the time to make sure the tools were the best available. The outcome was tool sprawl, which offered limited value. Consequently, many of those tools ended up as shelf-ware. Today, we are seeing a shift from a “best-of-breed” approach to a platform approach, where integration and automation are prioritized. The difficulty? Patching the holes while still trying to get top-notch tooling.
Threat Intelligence Collaboration
There is an ancient proverb that says, “The enemy of my enemy is my ally”. I don’t know who said it, but it seems like this aligns perfectly with where we are in cybersecurity today. Regardless of what industry your organization falls into, you are trying to win the same business as your competitors. You are also fighting the same cybercriminals as they are. Therefore, collaborating with your competitors to fight a common enemy is something that should seriously be considered. Cross-sharing insights on attack campaigns – including what you learned from them, any relevant threat intelligence, and how you hardened your environment to protect against them – helps everyone.
Where to Focus in 2024
There is always a lot to do, and that list keeps growing. With so many novel attacks, vectors, and changes, it’s easy to get caught up in chasing the next trendy thing. However, I like the guidance given by the panelists:
Emphasize Security 101
It’s important to do the basics well. This includes MFA, a disciplined patching program, and awareness training.
Focus on Your Vital Few
These may be partnerships, capabilities, or tools. You can’t do all of them at once, so figure out what is vital and focus on that.
Invest in Your People
Your employees are the first and last line of defense. Keeping them informed of the latest tactics is important, but so is developing their skillsets, which include both technical and soft skills.
At this point, you may be asking yourself why AI/ML is absent from the 2024 predictions. That was by design. This discussion was meant to analyze the security trends resulting from the onset of AI, and what new AI-induced changes have left us to deal with. However, time was also spent on additional hot-button topics such as geopolitical tensions and (yes) signs of optimism. To hear about those and other insights, check out the webinar.