AI and CISO Role Take Centre Stage in 2024 Cybersecurity

AI-and-CISO-Role-Take-Centre-Stage-in-2024-Cybersecurity

Tata Consultancy Services Reveals Its Top Five Cybersecurity Trends for 2024 According to Business Leads

Tata Consultancy Services revealed the top five cybersecurity trends it believes will shape global enterprises in 2024: generative AI, board room discussion, sovereign cloud, vendor strategy, and insights on hiring. The predictions come during the 20th year of Cybersecurity Awareness Month—which was launched by the U.S. Department of Homeland Security and the National Cybersecurity Alliance as an effort to educate and bring awareness to security every October.

Margareta Petrovic, Global Managing Partner, Risk and Cybersecurity Consulting & Service Integration, TCS and Dr KPS Sandhu, Head of Global Strategic Initiatives, Cybersecurity, TCS developed the insights from TCS

Here are the five essential cybersecurity trends that businesses must consider and monitor for success in 2024: 

1.Generative AI Creates Security Opportunities and Pronounces Threats

Generative AI and machine learning are increasing the frequency and complexity of cyber-attacks, creating new pressures on companies. This technology can allow cybercriminals to launch sophisticated and stealthy attacks like deepfakes or self-evolving malware, compromising systems on a large scale. To counter these advanced threats and fight fire with fire, enterprises must use AI-driven cybersecurity. This technology can transform the industry by improving enterprise posture through automated hardening of configurations and compliance, overcoming micro-segmentation challenges, fine-tuning least privilege access, enhancing reporting and more. It can be used to significantly improve security operations in many ways, such as the identification of false positive alerts with the application of supervised machine classification and active learning, detection of advanced attacks like DNS tunnelling with the help of machine learning-based payload analysis and traffic analysis, and discovery of new threat samples using deep-learning supervised classification models. 

As threats become more eminent and dangerous, companies can consider two distinct methods to uplift their cyber resilience programs, which will see prominence in the future: cyber insurance and real-time threat dashboards. 

Currently, leaders in cybersecurity understand the need to prepare for generative AI threats and opportunities—with insurance becoming less of a choice and more of a necessity. As a core precautionary method, a centralized visibility dashboard is a tool we expect many companies to invest in as it can plan, track, and react to attacks while giving insights into real-time cyber risks. 

We believe AI and machine learning will be used more widely to help protect data across hybrid cloud environments by identifying shadow data, monitoring data access, encrypting data in transit and at rest, and alerting security teams about potential data breaches. In the future, user authentication, AI and machine learning will continue to grow in influence. Leaders can use new technology to help balance security with user experience by analysing the risk of login attempts and verifying users through behavioural data, biometric data, or multifactor authentication. Additionally, malware can be detected and blocked by analysing file characteristics, network traffic, user behaviour, and other indicators of compromise. As enterprises embark on this journey, they should prioritise employee education on the secure use of AI tools, ensure the security of data transmitted to and from AI tools, have stringent access control and monitoring, and continuously harden models to mitigate potential security vulnerabilities.

2. Spotlight on Cyber with Increased Focus at the Top, Emphasizing Pressure on CISO Role

Due to increased cyber-attacks and opportunities for breaches, we expect C-suite to become increasingly involved in cyber risk-related decisions. According to reports, with increased executive accountability and heavy fines for violations, boards will focus on cybersecurity regularly. They could take actions like creating a dedicated cybersecurity committee, engaging with external advisors, and requesting regular reports from CISOs. Legislative changes such as the EU’s NIS2 Directive and rule changes by the Securities and Exchange Commission (SEC) around material cybersecurity breaches will affect board and cyber organisation structures while influencing decisions about investing in security access management, cloud security, data security, 

This has elevated the office of the Chief Information Security Officer (CISO), who have traditionally operated from a technocrat mindset of managing tactical risks, putting out fires, and enforcing compliance to being included in business strategy decisions and driving cybersecurity-enabled competitive advantage. Now, these leaders increasingly report to the board and have more autonomy to make investment decisions. Boards will have a dedicated cyber committee and specific C-suite cyber performance metrics, while also requiring companies to mandate cybersecurity education and training programs as further ways to mitigate cybersecurity risks and integrate cybersecurity best practices into any company-wide strategy.  

3. A More Regulated, “Sovereign Cloud” Becomes Standard in Global Business

We expect the adoption rate of sovereign cloud to grow significantly in the coming years as more countries and regions develop data sovereignty laws and initiatives. When utilising this cloud, companies can safeguard valuable data and systems from unauthorised foreign access on a country or local level. Data privacy regulations and the geopolitical landscape are constantly changing, and these affect the control and flow of data. The coverage of these laws is fast expanding and by end of 2023, nearly 5 billion people responsible for nearly 70% of global GDP will fall under a privacy law. The stringent stance taken by countries against privacy violations with huge fines being levied on enterprises makes data sovereignty a key imperative. By adopting a sovereign cloud solution, organisations can reduce the risk of data breaches, espionage, and sabotage, while enhancing trust with investors, customers, and regulators. 

The current adoption rate of sovereign cloud varies depending on the sector, industry, and geography. According to a survey by IDC in 2020, 40% of European organisations have already adopted sovereign cloud solutions, while 31% plan to do so in the next two years. The adoption rate is higher among public sector organisations (49%) than private sector ones (37%), and among organisations in France (54%) and Germany (51%) than those in the UK (29%) or Italy (28%).)

Some examples of sovereign cloud solutions are Gaia-X: a European project that aims to create a federated data infrastructure that ensures data sovereignty, security, interoperability, and portability for European cloud users and Azure Government: a Microsoft cloud service that offers dedicated regions and compliance certifications for U.S. federal, state, local, and tribal government entities, as well as their partners.  Alibaba Cloud is a Chinese cloud service that operates multiple regions within China and complies with Chinese laws and regulations for data security and privacy. 

4. Expanded Digital Ecosystems Leave Room for Attack, Altering Vendor Strategy

As business models involving digital ecosystems (complex networks of businesses, individuals and various systems and stakeholders that use technology to interact) become more sophisticated, we expect cyber threats to be more imminent. Right now, it is no longer feasible to address every threat identified in an organization’s digital ecosystem. Because of this, it is recommended that enterprises adopt a continuous approach to threat management which involves expanding threat assessments to include integrated supply chains while consolidating vendors. 

As cybersecurity threats emerge and evolve, organisations often respond by adding more security products and partners, but this can ultimately work against their security goals. To solve this, many organisations are considering opting for vendor consolidation so that security posture can also be improved. In fact, 75% of organisations are pursuing a security vendor consolidation, which is a substantial increase when compared to figures of 2020 when it was only 29%. The rationalisation of the cybersecurity vendor portfolio is urgently needed to provide the security team with an efficient platform to manage risks effectively across the broad threat landscape.

5.While Talent Gaps Continue to Widen, New Hiring Strategies Can Prevail

There are over 700,000 job openings in the U.S. and according to some estimates, there is a need for more than 2.7 million cyber professionals globally.  The talent gap in cybersecurity has created a dire need for skilled and qualified people to prevent, detect, and respond to novel and ever-growing cyber threats and incidents.

To combat these rising challenges, companies should consider hiring in-house specialists to bolster internal teams or outsource this work to large external resource companies (consulting firms, cloud providers) to reduce costs and risks. If hiring is not imminently possible, administrators should opt for a managed services provider. The partner can then implement and operate a unified security platform using automated and streamlining processes to strengthen defences against advanced threats while providing complete visibility into the security posture of the enterprise. 

At the education level, the White House’s cybersecurity strategy in July 2023 promises a build of ecosystems to improve cyber education in K-12, higher education, community colleges, and technical schools. We expect to see more emphasis on schooling, leading to a fuller job pipeline. We believe that consistency paired with automation will help organisations optimise their cyber security operations and overcome human resource limitations.