Top 9 Trends in Cybersecurity for 2024

Security and risk management (SRM) leaders face disruptions on technological, organizational, and human fronts. Preparation and pragmatic execution are key for dealing with these disruptions and providing the right cybersecurity program.

Gartner’s latest report listed the top 9 cybersecurity trends for 2024. Here are excerpts from the report.

1. Continuous Threat Exposure Management (CTEM)

Organizational attack surfaces have grown enormously in recent years. This growth has been driven notably by accelerating the uptake of software as a service, the widening digital supply chain, a growing corporate presence on social media, custom application development, remote working, and internet-based customer interaction.

This larger attack surface has left organizations with potential blind spots and many potential exposures to address. To cope, SRM leaders have introduced pilot processes that govern the volume and importance of threat exposures and the impact of dealing with them with CTEM programs. They are now expanding these pilots beyond cybersecurity validation activities. More mature organizations offer a range of security optimizations to better mobilize business leaders, not just short-term remediations.

2. Extending Security-enabling Identity and Access Management’s (IAM) Cybersecurity Value

An identity-first approach to security shifts the focus from network security and other traditional controls to IAM. It makes IAM a key contributor to organizations’ cybersecurity outcomes and, therefore, to business outcomes. Organizations adopting this approach need to pay more attention to basic IAM hygiene and the hardening of IAM systems to improve their resilience. This includes closing long-standing gaps in the capabilities for prevention, such as extending control over cloud entitlements and machine identities and introducing new advanced capabilities for ITDR (identity threat detection and response). IAM architecture is evolving toward an identity fabric and taking on new functions to allow for real-time identity controls in a composable manner.

3. Third-Party Cybersecurity Risk Management

Knowing for certain that third parties will experience cybersecurity incidents is pressuring SRM leaders to focus more on resilience-oriented investments and move away from frontloaded due diligence activities. That is why progressive SRM leaders stress activities driven by resilience: implementation of compensating controls and improvement of incident response planning. At the same time, they provide targeted support for business partners to inform third-party contracting and influence control decisions.

4. Privacy-Driven Application and Data Decoupling

For decades, MNCs that have relied on single-tenant applications are now facing increased compliance demands and risks of business disruption. The cause is the rise in nationalistic privacy, data protection, and localization requirements, leading to enforced fragmentation of enterprise application architectures and data localization practices. Forward-thinking organizations are responding to plan and implement various application and data decoupling strategies that reduce IT resource dependencies, adopt modular and composable architectures, adopt industry cloud platforms, and isolate applications, data repositories, and infrastructures for highly regulated markets. This reduces compliance risks and creates a competitive advantage.

5. Generative AI

Large language model applications, like ChatGPT, have put generative AI (GenAI) on the table for inclusion in most business, IT, and cybersecurity road maps. GenAI defines those techniques that learn from the data’s representations and the model’s artifacts to generate new artifacts. GenAI introduces new attack surfaces that need protection. The changes extend to application and data security practices and user monitoring. The rise of GenAI will also change the cybersecurity market’s dynamics.

6. Security Behavior and Culture Programs

Security behavior and culture programs (SBCPs) encapsulate an enterprise-wide approach to minimizing cybersecurity incidents associated with employee behavior, whether accidental or deliberate. An SBCP seeks to change behavior. It includes traditional practices, such as awareness training and phishing simulation, and a range of behavior-influencing disciplines, including Organizational change management, Human-centered user experience (UX) design, and DevSecOps.

7. Cybersecurity Outcome-Driven Metrics

Cybersecurity outcome-driven metrics (ODMs) are a special type of operational metrics that make it possible for cybersecurity stakeholders to draw a straight line from investment to the delivered levels of protection that investment produces. ODMs are a centerpiece to building a defensible strategy for cybersecurity investment. They represent agreed protection levels; they have powerful properties in providing a credible and defensible expression of appetite for risk that can be used to support direct investment. ODMs help to perform numerous jobs that have been problematic for decades.

8. Evolving Cybersecurity Operating Models

Technology acquisition, creation, and delivery continue to shift from central IT functions to lines of business. This, in turn, breaks the traditional cybersecurity operating models. SRM leaders are now shaping cybersecurity operating models to meet business needs for autonomy, innovation, and agility. Decision rights are becoming dispersed, policy details are now owned at the edge, some governance is being centralized and formalized to better support risk owners at the edge, and the SRM leader role is evolving into a value enabler role.

9. Cybersecurity Reskilling

The shortage of cybersecurity talent is a perennial issue, with talent shortages at alarming levels on a global scale. In the U.S., for example, the current demand for qualified cybersecurity professionals is only being met at about 70%, an all-time low over the past decade. Unfortunately, supply-and-demand issues in labor markets are beyond the reach of any SRM leader. What could be sorted out is an emergent skills gap: cybersecurity teams’ skills are required to change in a big way, but cybersecurity leaders continue to hire for legacy roles and skills. This means that SRM leaders need to upskill their teams through the retraining of existing talent and the hiring of new talent with new profiles.

Conclusion

As an SRM leader working to optimize your organization’s cybersecurity program and investment, you should:

• Drive organizational resilience via continuous, pragmatic, business-aligned risk management efforts across your organization’s digital and third-party ecosystems. Expand the role of identity and access management in driving down cybersecurity risk.
• Coordinate cybersecurity decision-making to empower distributed technology initiatives. Track the performance of the security function against business-aligned, outcome-based metrics (OBMs) commensurate with protection-level agreements (PLAs).
• Enable resilient operation in the face of localization requirements by embracing a composable application architecture as part of a data-decoupling strategy.
• Adopt a strategic, human-centric approach to driving improvement of the performance of the security function, achieve this by reskilling existing security talent, using GenAI to augment — not replace — human efforts, and implement a contextually adequate security behavior and culture program.

As part of our Cybersecurity Assurance Program (CSAP) for Enterprises, Cigniti conducts and provides the following services: Security Requirements Analysis, Architectural review, Threat Modelling and threat Assessments, Static Application Security Testing, Dynamic Application Security Testing, Mobile Application Security Testing, and Vulnerability Assessment and Penetration Testing. Our focus areas are Processes and Practices, Governance, Tools, and Integration and Automation.

Need help? Contact our Cybersecurity experts to learn more about the top trends in Cybersecurity for 2024.