CISO Tip Series: The Top Security Priorities and Predictions for 2024

The digital world is evolving, and that makes the CISO a crucial player in cybersecurity and cyber-resilience. As a strategically significant role, it is now often included in executive teams, influencing business strategy with a unique and vital viewpoint. Here are some cybersecurity priorities and predictions that, with some New Year luck, might improve CISOs' strategizing and cybersecurity.


1. Ransomware Attacks Will Persist

Prioritizing cybersecurity measures and employee training will help secure your organization from ransomware attacks. Being aware of this critical issue can help organizations that are trying to prevent the impacts and potential disruption that accompany ransomware attacks. “In the last few weeks, multiple critical infrastructure entities have responded to ransomware.” CISO Michael Gregg suggests: “Ransomware is not going away, but the focus on targets will shift.”

2. Managing Supply Chain Risks

The supply chain is a target for cyberattacks and can greatly affect your organization. Steve Winterfeld, Advisory CISO at Akamai, says: “As uncovered in our most recent ransomware research, abuse of zero-day/one-day vulnerabilities has led to a 143% increase in ransomware victims.” Knowing the cybersecurity posture of the third parties involved in your organization should be a priority. With this information, you can protect your organization’s networks accordingly.

3. Improved Board Engagement

“We’re also seeing the challenge of how to manage costs and show value from security programs and the ever-growing list of tools we’re incorporating into the SOC,” says Greg Notch, CISO at Expel. On board engagement, our very own CEO Sivan Tehila says: “Define roles, responsibilities, and reporting mechanisms to facilitate CISO and executive alignment when it comes to effective communication and decision-making.” Finally, George Jones, CISO at Critical Start, predicts: “Demonstrating the value of cybersecurity programs and communicating metrics effectively will gain increased prominence.”

4. Increased Focus on Application Security

Kayla Williams, CISO at Devo, says you should inspect and track application security carefully. Set up a system for securing applications and familiarize your team with it. This gives your security team an organized process for protecting your organization’s applications.

5. Effects of the New SEC Cyber Disclosure Rule

The SEC’s cyber disclosure rules will encourage honesty and transparency. They will also push CISOs to gain more visibility into their program performance so that they can proactively mitigate risks. “Develop a clear framework,” Sivan Tehila says, “for evaluating the ‘materiality’ of cybersecurity incidents, as stated in the regulatory text, and understanding their potential impact on the organization's financial and operational landscape.” Howard Taylor, CISO at Radware, summarizes the importance of compliance: “Everyone in a company must understand the importance of complying with the new SEC rules. Failure to properly report cyber incidents can lead to heavy fines in the hundreds of millions of dollars, and even criminal charges.”

6. Updated Incident Response and Recovery Planning

CISOs regularly update and test incident response and recovery plans to ensure an attack or breach will be responded to effectively. As the new year approaches, it is a great time to update outdated security plans. Howard Taylor has a tip for this: “Conducting a ‘lessons learned’ session after an incident will improve the process.”

7. Sharing Threat Intelligence

CISO Howard Taylor said: “Companies can learn a lot by researching the ‘big name’ security breaches that have recently appeared in the news.” Google recently shared threat intelligence in response to the largest DDoS attack to date. Google “...helped lead a coordinated effort with industry partners to understand the attack mechanics and collaborate on mitigations that can be deployed in response to these attacks.” We hope this type of intelligence sharing will continue to promote cybersecurity health throughout all industries.

8. Maintaining Security Awareness Training

Security awareness training is likely to become more and more important for creating a culture that is conducive to cybersecurity. “Ongoing awareness training for employees, supplemented by regular phishing campaigns,” is proactive for cyber resilience, according to George Jones.

9. Protecting Remote Work and Strengthening Endpoint Security

Remote and hybrid working models are becoming increasingly common, and this creates security challenges. Heather Hinton, CISO of PagerDuty, predicts: “Organizations will renew their interest and deployment of secure endpoints, including endpoint lockdown, secure configuration, and endpoint-level data-leak protection.” CISOs can use endpoint security measures to protect the devices remote workers use. Preventing unauthorized access is a related priority: technologies like VPNs, multi-factor authentication, and virtual desktop infrastructure can help protect against it. Remote workers should also receive plenty of training in security best practices.

10. Implement AI-driven Threat Prevention

George Jones predicts: “CISOs will focus on leveraging these tools for advanced threat detection, response, and decision-making.” AI-driven threat prevention can speed up data analysis, which helps an organization prevent and respond to threats quickly. AI can take on manual work, giving people more time to focus on more demanding tasks. Keep in mind that the data used to train the AI is itself sensitive and should be kept strictly confidential.

11. AI Red Team Exercises

Having a dedicated AI red team can benefit your organization. It's important to test AI models at both the base-model and application levels. Red teaming the base model can be an early indicator of misuse cases and can help ease uneasiness regarding emerging AI systems. On ways to counteract smart attacks, George Jones suggests “Integrating cybersecurity considerations into the design, development, and deployment of software.”

12. Achieving Zero Trust Architecture Maturity

CISA’s Zero Trust Maturity Model is a helpful framework for cybersecurity. On access management, Kayla Williams says a centralized system will help allocate access to the users who need it.

We hope you found a resolution that resonates with you and your organization’s cybersecurity strategy. We would also enjoy hearing about your own resolutions, so don't hesitate to share them in the comments.

From Reactive to Proactive to Predictive. Strengthen Your Cybersecurity Management with Onyxia.
