Cybersecurity considerations 2024

Global businesses are operating within an increasingly complex cyber and privacy regulatory space. National interests are playing out, leading to diverse regulatory requirements over information sovereignty, supply chain security, transparency of cyber controls compliance, incident reporting, and, of course, privacy. Businesses should seek to calibrate their regulatory reporting for an increasingly borderless world but also maintain security controls that can be tailored to local requirements. Organizations should be prepared to respond quickly to changing geopolitics and diverse sanctions requirements.

Many organizations’ current approach to third-party and supply chain security does not align with the reality of today’s complex and interdependent ecosystem of partner organizations. Traditional models were built around the assumption that third parties provide services on a transactional basis. That view does not reflect today’s intricate network of APIs and processes tethered by a complex set of software-as-a-service dependencies. Organizations are encouraged to establish more strategic supplier partnerships focused on continuously monitoring and managing the evolving risk profiles of these suppliers to strengthen operational resilience.

With careful planning and execution, artificial intelligence (AI) has the potential to transform how, when, and by whom work gets done. All the talk is currently about generative AI, but many other branches of AI, from robotics to machine learning, continue to transform business. Calibrating the security, privacy, and ethical implications inherent in these technologies is challenging, and organizations are looking to establish frameworks that provide both risk management and governance when implementing AI.

Businesses are increasingly moving systems to the cloud, the volume of data that needs protection is skyrocketing, and more people are working remotely and accessing corporate networks with their own devices. As a result, the cyberattack surface is expanding, creating more alerts, false positives and triage events for CISOs to manage. There’s a lot of noise in security operation centers (SOCs), and there aren’t enough panes of glass or humans to deal with the volume. How can CISOs keep detecting threat after threat and feel they're not missing something? They need to collect, correlate and escalate the signals that require a response — and it must be done rapidly. The only way to do that is through automation.

Every organization with which consumers interact assigns them a unique digital identity, and just as usernames and passwords vary, authentication methods do as well. From a cybersecurity perspective, the identity model is evolving. Most identity and access management (IAM) models were originally devised to manage digital identities and user access for single organizations. Many are now being reconceptualized to encompass a level of resilience suitable for federated, private, public or multi-cloud computing environments. This will eliminate the need for individuals to ensure the exhaustive, time-consuming and intrusive process of identity-proofing every time they interact with a new institution, either as a customer or employee.

During a cyber incident, organizations need a response measured in minutes and hours, not days and weeks. In today’s volatile environment, resilience has become a common theme for organizations across critical infrastructure sectors such as energy, communications and transportation, with executives focused on recovery if preventative controls fail. Resilience should seamlessly align with cybersecurity, emphasizing protection, detection, and rapid response and recovery. Cyber resilience is vital for maintaining business operational capabilities, safeguarding customer trust, and reducing the impact of future attacks. These disciplines must work in tandem to help organizations manage risk.