Virtualization Technology News and Information
Article
RSS
ThreatX 2024 Predictions: How Cybersecurity Leaders Can Take a People-First Approach When Navigating the 2024 Threat Landscape

vmblog-predictions-2024 

Industry executives and experts share their predictions for 2024.  Read them in this 16th annual VMblog.com series exclusive.

How Cybersecurity Leaders Can Take a People-First Approach When Navigating the 2024 Threat Landscape

By Gene Fay, CEO of ThreatX

As we've seen this year, the cybersecurity landscape is constantly evolving - from attack rates and sophistication and organizational "readiness" to combat these threats, to the continued hype around generative AI and navigating global skills gaps. 2024 will be no different; leaders across all industries must proactively prepare to tackle similar challenges.

Among the most critical cybersecurity areas for enterprise leaders to pay attention to is ensuring their security teams are prepared to deal with increasing threats. A significant component will be recognizing the skills shortage and doing your part to provide mentorship and training to individuals interested in upskilling in their careers or entering the field.

Education is another critical piece of the puzzle, and leaders need to emphasize internal education around various threats, such as attacks on application programming interfaces (APIs) and phishing attacks. Ensuring that everyone across the organization has a strong understanding of these targeted threats will become even more critical, especially when considering the ways that AI is advancing attack success rates.

Cybersecurity leaders will need to embrace entry-level positions and in-house training

Despite popular belief, the cybersecurity industry is not facing a talent shortage, we are facing a skills shortage. Hiring teams all want a skilled practitioner to join the organization, but in reality, this type of person is expensive and rare. Yet, there is a surplus of people looking to enter the cybersecurity field.

Organizations are getting thousands of applications for open positions, especially entry-level positions. We're not seeing a shortage of people, there is a shortage of training and of a willingness to hire outside of the traditional skill set. In 2024, as the cybersecurity industry continues to face budgetary constraints, leaders will ultimately have to hire entry-level people inexpensively and give them the opportunity to learn. We'll see more corporations and HR departments partnering to make sure job descriptions truly mean entry level.  

The value of APIs is only going to increase, and attackers continue to take notice

APIs serve as the connection point for organizations to partner with other organizations, and the value that they provide is only going to increase in the year ahead. Organizations will continue to recognize how APIs make it extremely easy to interact with their technology and their partner's technology. Given this value, we'll also see attackers increase their attention on API-based attacks. The good news is there are a handful of companies and tools available in the market to protect APIs, and budgets to do so will surely increase in 2024.  

Organizational "readiness" will be the key trend in navigating AI-based cybercrime

Going into 2024, AI will continue to allow for more sophisticated and customized attacks. The reality is that education around recognizing AI-based threats like phishing is difficult; however, organizational "readiness" will be a key area of innovation.

While the education piece is one component - such as the ability to recognize more customized phishing emails that appear to come from a colleague, vendor, or partner - better endpoint protection is another factor. Companies can't afford to lose out on reliable tools to scan emails and links, but there's also a component of "trust equity," and all organizations should encourage "reward reporting" of suspicious events. Making security the priority of every individual in the organization will be key. 

While we can't know for sure what 2024 will bring to the cybersecurity landscape, one thing is for sure: preparing for the inevitable challenges is critical. As we round out 2023, leaders should be proactively planning to ensure they have the right talent and are providing the necessary education to bolster their teams' skills. Acquiring the right talent and prioritizing providing the necessary training and education opportunities will be essential when facing evolving threats head-on.

##

ABOUT THE AUTHOR

Gene Fay 

Gene has a lengthy track record as an executive at technology companies, including COO at White Ops, General Manager at Resilient Systems (acquired by IBM), and VP of Worldwide Sales and Global Alliances of Network Intelligence (acquired by EMC and integrated into RSA). Gene has extensive experience building high-impact teams at early-stage startups in storage, virtualization, and cybersecurity. He has specific expertise in go-to-market strategies, marketing, customer success, and channel development. Gene holds an MBA from Northeastern University, where he guest lectures on topics such as product management, marketing, and sales.

Published Wednesday, November 22, 2023 8:00 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<November 2023>
SuMoTuWeThFrSa
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789