What do CISOs think will happen in 2024? One is Sergej Epp, Chief Information Security Officer (CISO) for Central Europe at Palo Alto Networks. He presents his seven predictions for CISOs in 2024.
In addition, the expert provides practical recommendations for action for each of these developments that companies can use to specifically protect themselves against new threats.
Prediction 1: AI will challenge CISOs
In the future, companies and IT departments will have difficulty defining the exact responsibilities for artificial intelligence (AI) in the company. At the same time, attackers will use Large Language Models (LLMs) and generative AI to significantly improve spear phishing emails, combining them with deepfake and other AI-powered attack methods that maximize the success rates of these attacks.
Recommendations for action:
CISOs should identify and effectively communicate the risks of AI-powered processes to the business. This requires a clear prioritization of projects that have the greatest value for the company and a significant impact on cybersecurity. To increase security efficiency while reducing complexity, CISOs should rely on AI-powered platforms. In addition, experts should share best AI security practices with each other and integrate them within the company.
Prediction 2: Generative AI as a driver for cybersecurity
As generative AI continues to evolve in 2024, the introduction of Security Copilots will increase the productivity of Security Operations (SecOps). This will significantly shift the focus within the team towards proactive thinking - with a focus on building threat intelligence platforms that use AI as early warning systems. At the same time, threat hunting will provide better visibility into attack surfaces before security teams begin digital-first projects.
Recommendations for action:
The role of the CISO should evolve towards a Chief AI Security Officer (CAISO), who uses AI models to predict threats in real-time and autonomously. By further developing the CISO role, managers are to be brought together and cybersecurity established as the central basis for the secure development of AI-supported digital projects. Additionally, CISOs should establish measurable metrics, such as how long it takes to resolve an incident, and use AI to protect against data contamination or degradation.
Prediction 3: Consolidation and platform approach to improve security
In 2024, consolidating cybersecurity applications will become a key priority for organizations. Although it promises to reduce costs and complexity, it is clear that it alone is not enough to increase cybersecurity efficiency. Companies will realize that consolidation does not mean platformization. Projects that focus solely on being more cost-effective while ignoring improving safety outcomes are doomed to failure.
Recommendations for action:
Security teams must create a modular, systematic platform approach as a differentiator for the organization. They should reduce the number of providers from more than 30 to two to three trustworthy cybersecurity partners that operate in an ecosystem. Companies should engage innovative cybersecurity partners who also have a focus on real-time and automated security. At the same time, the user-friendliness and integration of the security solutions should be improved.
Prediction 4: Resource shortages among regulators
The increased requirements of NIS2 and DORA compared to the NIS1 directive put pressure on organizations. These requirements pose the risk of misinterpretation and incomplete information, which in turn can lead to a shortage of resources for the authorities. This lack of resources makes it difficult to prioritize and qualify cases and results in fewer resources for support, education and response.
Recommendations for action:
Both authorities and organizations should use technology to understand the severity and potential impact of new requirements, rather than reactively assessing them in times of crisis. It is critical that agencies and organizations develop programs based on attack surface management technologies, proactive threat intelligence and assessments. Additionally, they should utilize the services of reputable security companies when responding to security incidents. Agencies must take a threat-focused approach to cybersecurity to qualify reports.
Prediction 5: Active board involvement in cybersecurity
New regulations such as NIS2 require boards to be more responsible in the area of cybersecurity. As a result, companies will add more experts or former CISOs to their boards and establish dedicated cybersecurity committees to address increasing scrutiny from regulators. Continuing cybersecurity education will be an important factor in strengthening trust between the CISO and the board.
Recommendations for action:
Companies should establish a cyber resilience governance framework that has the explicit support of the board. CISOs should establish annual board meetings involving ecosystem partners (e.g. strategic vendors, customers and/or suppliers), as well as proactively advise the board and conduct tabletop exercises.
Prediction 6: Assessment of infrastructure for “quantum readiness”
At least 50 percent of organizations in critical infrastructure (KRITIS), such as financial services or national security, will initiate projects to assess the impact of emerging quantum computing on their cybersecurity.
Recommendations for action:
KRITIS organizations should conduct a comprehensive risk analysis, particularly with regard to threat actors who can intercept, record and store encrypted communications. Because when quantum computers become widely available, this communication can be easily decrypted later. Organizations must evaluate which homegrown applications and vendor technologies should implement post-quantum cryptography (PCQ) immediately or in 2025.
Prediction 7: Alignment of security measures with software development
The proliferation of generative AI in software development is expected to lead to an increase in bugs in homegrown software, thereby accelerating attacks on these applications. Combined with the increasing risk of supply chain attacks and an exponential increase in open source usage, at least 30 percent of organizations will rank application security as one of the top three cyber risks in 2024.
Recommendations for action:
CISOs should assess the security posture in, on and around the software development pipeline and create a plan to balance security with development speed. When planning security measures, CISOs should consider the developer experience (DevEx), such as smooth integration into the developer ecosystem, connection between code-build-run, controls during coding, and high automation using infrastructure-as-code security tools.
More at PaloAltoNetworks.com
About Palo Alto Networks Palo Alto Networks, the global leader in cybersecurity solutions, is shaping the cloud-based future with technologies that transform the way people and businesses work. Our mission is to be the preferred cybersecurity partner and protect our digital way of life. We help you address the world's biggest security challenges with continuous innovation leveraging the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are the leaders in protecting tens of thousands of businesses across clouds, networks and mobile devices. Our vision is a world where every day is safer than the one before.