Virtualization Technology News and Information
Article
RSS
Illumio 2024 Predictions: How New Technology and Legislation Will Impact The Threat Landscape

vmblog-predictions-2024 

Industry executives and experts share their predictions for 2024.  Read them in this 16th annual VMblog.com series exclusive.

How New Technology and Legislation Will Impact The Threat Landscape

By John Kindervag, Creator of Zero Trust and Chief Evangelist at Illumio

In 2023, cyberattacks remained rampant and aggressive, as we saw bad actors grow increasingly sophisticated and indiscriminate in their attacks. As we enter into 2024, whether we attribute an increase in attacks to AI, a renewed drive from attackers, or simply the fast-changing nature of the industry, it is more critical than ever for security teams to ensure they're preparing accordingly for the inevitable attacks and threats to come. If we take a look at cloud breaches in the past year alone, Illumio's 2023 Cloud Security Index revealed that cloud-based attacks cost organizations nearly $4.1 million. And bad actors aren't slowing down anytime soon. In the new year, security professionals have to stay vigilant as the threat landscape evolves and widens, becoming more costly and impactful in the process.

Looking ahead at the year to come, here are a few of the top trends that business and security leaders should expect to see and be prepared for in 2024.

Government agencies will provide guidance on bills of materials

A major concern that we will continue to see into next year is the strength of the supply chain. We can expect to see increased documentation and guidance from government agencies on software and hardware bill of materials (SBOM and HBOM), which will outline how organizations can determine if they have clean software and hardware in place. This will be prevalent for industries such as the chip manufacturing industry, as the U.S. remains concerned about adversaries injecting malicious capabilities into the technology stack. 

This new generation's understanding of today's technology will benefit future laws and regulations

As a new generation of legislators enters the government, we will see more legislation that is reflective of the current technology landscape. Right now, a significant challenge in technology and cyber legislation is that current regulators don't understand how the internet works, which makes it difficult to govern and enforce what happens in the digital world. This new generation will not only have a better understanding of how the internet, and its adjacent technology works, but they'll also be able to translate that knowledge into discerning which laws and regulations are meaningful. For example, we can look for this to first play out in the AI regulatory environment, where digital natives are more excited about the possible threats of this technology, while the older generation is more worried about the threats posed by this technology.

The SEC and other regulatory agencies will enforce stricter reporting requirements

Right now, most breaches and incidents go unreported. In 2024, we will need legislation to enforce better reporting of cybersecurity incidents and data breaches to record the necessary data points to help determine where the real problems lie. We have a lot of statistics about physical crime because when people are in trouble, they know to call the police. In the same way, we need to develop a way to incentivize people to report cybercrime so that we can collect data points to better inform our collective approach. Right now, we're just guessing, which is not effective. Coming into 2024, we will see the SEC, and other regulatory agencies, mandating more reporting requirements in the future.

Zero Trust will be implemented into organizations' security plans

The phase of simply talking about Zero Trust has ended. In 2024, we will see greater implementation, not just conceptual buy-in, of Zero Trust for several reasons - chief among them being how bad the attack landscape has progressed and how that is increasingly affecting the executive suite. Illumio's Cloud Security Index reveals that while over half of organizations believe that their cloud security is inadequate, 98% of organizations store their significant data in the cloud - making Zero Trust Segmentation imperative to defend threats. Zero Trust as a strategy doesn't change, of course, the solutions will always get better and better.

Security professionals will need to be vocal about risks and threats to CEOs

In 2024, people need to stop being complacent when it comes to cyber. Most still think that no one's going to attack them (only 25% of orgs think they'll be breached), but the reality is that everyone is a target. Despite some progress on the legislative front, the reality is that more people must be more willing to push back and set realistic expectations with business leadership, rather than blindly following orders. We need security leaders who have a direct line to the CEO and insight to communicate what they need to hear when it comes to risk and threats and not just what they want to hear. 

In 2024, cyber teams will be up against new and even more daunting challenges as the threat landscape continues to develop. It will be up to organizations' leadership to ensure their security teams are equipped with the knowledge and tools to come out on top.

##

ABOUT THE AUTHOR

John Kindervag, Creator of Zero Trust and Chief Evangelist at Illumio

John Kindervag 

John has over 25 years of experience working as both an industry analyst and practitioner. He is most known for creating the Zero Trust model of cybersecurity. John was most recently the senior vice president at MSSP ON2IT, focusing on cybersecurity strategy, and before that was the field CTO at Palo Alto Networks. Prior to his time at Palo Alto Networks, John was the Vice President and Principal Analyst for the security and risk team at Forrester Research, where he developed the Zero Trust model of cybersecurity.

Published Tuesday, January 02, 2024 7:30 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<January 2024>
SuMoTuWeThFrSa
31123456
78910111213
14151617181920
21222324252627
28293031123
45678910