Industry executives and experts share their predictions for 2024. Read them in this 16th annual VMblog.com series exclusive.
2024 Data Security Predictions: Risk, AI, and Vendor Size
By Liat Hayun, CEO of Eureka Security
Leveraging
data for business purposes is now a core element of how organizations operate.
Business owners expect their security teams to enable extensive cloud data
storage, use and migration across multi-cloud environments without exposing
customer and business data to potential threats. As a DSPM
trailblazer, Eureka Security looks ahead to 2024 with the following predictions
for this space:
Risk
reduction is no longer enough
Stored
data is meant to be used - otherwise, there's no
reason to store it. With increased use comes increased risk, which a maturing
data security sector will be required to allow beyond mere risk reduction and
compliance. Going forward, organizations will now need to focus on
understanding, minimizing, and proactively identifying threats while
maintaining a competitive edge, without jeopardizing their assets. So, while it's important to reduce risk as much as possible by
taking actions such as removing unneeded data, unnecessary roles, and
over-permissive access - it's also key to
acknowledge some level of risk is acceptable, while identifying any actual
threats that might thrive within that space. Just as you accept the risk of
lending your house keys to a friend, if the keys are stolen, the threat must be
mitigated. The same goes for data access: identifying suspicious access,
anomalous behavior, data exfiltration, and ransomware activities must be part
of any good data security solution for this technological evolution to continue
at its current pace.
More
AI = More data
AI isn't new, but it's now
more accessible than ever. A decade ago, only tech giants like Google could
harness its power, relying on data scientists. It later became easier to use AI
for a limited number of use cases by using open-source libraries and other
publicly available tools. These tools were convenient but demanded specific
expertise, which was still scarce. This reality changed with the introduction
of LLM and other sophisticated, and easy-to-use AI
technologies.
The
AI and LLM revolutions are poised to supercharge AI capabilities across all
industries. As these capabilities grow, organizations will be motivated to
store and use increasing amounts of data in a large variety of technologies,
across various environments, shared with a growing number of 3rd parties.
Security cannot be an obstructor here, and the C-suite will expect their
security leaders to enable this growth while securing data at scale.
A
growing number of tools
Organizations
are now collecting data in higher volumes and for multiple use cases driven by
different teams. From a technical perspective, each use case often demands
specific technologies; for instance, a graph-based database isn't suited for the same tasks as a file-based one. Needless to say, these tools also differ in the way in
which they are managed. The result is a growing array of data storage
technologies that need to now be protected by security personnel, forcing them
to learn and develop expertise in various controls and mechanisms that - if
used incorrectly - can lead to data exposure and risk.
Regulating
the data flood
From
a regulatory perspective, broader use cases mean more regions and countries to
navigate. As organizations branch out, they must meet a rising number of global
standards and regulations, ensuring data security and compliance across diverse
markets. While the safety and security of data should be top of mind for any
organization, the data of private citizens is also being protected by different
countries that create regulations to allow that protection.
Vendor
size doesn't matter
In
the past several years, DSPM has become a fundamental element in any security
stack for organizations wishing to manage and secure customer data across a
growing cloud (and multi-cloud) environment. As a result, established security
giants are joining the DSPM race to keep pace with nimble startups like Eureka
Security. These startups offer dedicated cloud-native solutions that have a
specific focus on contextualizing data, understanding data-specific control and
configurations, and analyzing data usage and flow. Smaller vendors, with their
agility, are poised to swiftly reduce risks, counter threats, and adapt to
evolving customer requirements.
In
2024, the Data Security landscape will keep growing and changing to counter new
threats and adapt to evolving regulations. To that end, the innovation and
agility of vendors such as Eureka Security, with the ability to provide
end-to-end data security from detection to remediation, will drive the sector
forward.
##
ABOUT
THE AUTHOR
Liat Hayun is the Co-founder and CEO of Eureka Security, a Cloud
Data Security Posture Management platform that enables security teams to
successfully navigate the ongoing and often chaotic expansion and growth of
cloud data. Prior to co-founding Eureka Security, Liat spent a decade leading
cybersecurity efforts in the Israeli Cyber Command and Palo Alto Networks. Her
IDF service merited the prestigious Israel Defense Prize. As VP of Product
Management at PANW, Liat led the production of Cortex XDR and PANW's Managed
Threat Hunting service. These roles have enabled Liat to pursue her greatest
interests and concerns in the cybersecurity threat landscape, as well work with
wonderfully talented people on their solutions. Passionate about working
closely with others, she is driven to identify meaningful operational security
gaps and develop exciting new technologies and strategies to help fellow
security leaders tackle them.