Industry executives and experts share their predictions for 2024. Read them in this 16th annual VMblog.com series exclusive.
Navigating The Shifting Cybersecurity Landscape
By Eyal Mamo, VP of Engineering at CrowdStrike
Navigating the cybersecurity landscape demands both foresight and adaptability. As threats intensify in 2024, organizations will recognize the importance of API security, experience an uptick in M&A activity, and begin to move away from CVSS scoring. The ability to adapt quickly to threats, coupled with a forward-thinking approach, will be crucial for security leaders and the bottom line in the coming year.

Read on for my predictions on how businesses should navigate the shifting cybersecurity landscape:
The Imperative for CISOs to Fortify API Security Posture

Looking back at 2023 data breaches, it's clear that vulnerable APIs were the preferred attack vector for hackers, much as Gartner predicted. Part of the reason APIs are such an attractive entry point for breaches like those at Twitter, Optus, and CircleCI is that third-party APIs are hosted by other companies: a developer can't see the source code, so they cannot know how their data is used and stored, and, most importantly, these assets sit outside the traditional perimeter, so traditional security controls don't apply to them.

In 2024, CISOs and front-line security professionals will start to truly recognize the importance of a mature API security posture: a complete inventory of APIs and the data they transmit, followed by an automated test program and continuous monitoring. This emphasis on API security will be a stark change from the past three to four years, which focused more on infrastructure-based attacks.
Cloud Emerges as the Next Battlefield for DSPM Dominance

The uptick in M&A activity within the cyber sector in 2023 will continue into 2024 as major players in the space try to put their stake in the DSPM game. The cloud is cybersecurity's new battleground, with tool sprawl and solution silos creating backdoors for threat actors. Expect industry leaders to borrow the wisdom of tool consolidation and seek acquisitions that will bolster their platforms and achieve data visibility at scale.

Having just sold my company, ASPM vendor Bionic, to CrowdStrike, I'm intimately aware of the necessity for cloud security vendors to expand their proactive and reactive offerings for security teams fending off sophisticated AI-powered attacks.
Moving Beyond CVSS in Vulnerability Assessment

Since 2016, the number of new vulnerabilities reported each year has nearly tripled. With discovered vulnerabilities increasing at an exponential rate, organizations need to move past CVSS for vulnerability prioritization in 2024 and toward context risk scoring. While a CVSS score indicates how easily a package can be exploited, it says nothing about how an organization uses the application, where it's deployed, its data connections, or real-world exploitability. That context is crucial for rapidly prioritizing and fixing critical threats before they impact the business.

By moving toward context risk scoring in 2024, businesses will be able to turn down the noise from irrelevant security alerts and refocus professionals' attention on the 5-10% of alerts that are exploitable and create business risk. This is especially important as the surge in applications and the shift to continuous delivery in the coming year will introduce new attack surfaces and attack vectors at an unimaginable rate.
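As an added illustration of the context risk scoring argued for above (example code written for this page, not a CrowdStrike or Bionic implementation), the script below ranks constructed sample findings by CVSS combined with deployment exposure, data sensitivity, code reachability and known exploitation. The weights, threshold, finding IDs and service names are all assumptions chosen for the demonstration.

```python
from dataclasses import dataclass


@dataclass
class Finding:
    """A vulnerability finding plus the deployment context that CVSS alone omits."""
    vuln_id: str
    cvss: float                   # CVSS base score, 0.0-10.0
    service: str
    internet_facing: bool         # where it is deployed
    sensitive_data: bool          # data connections: PII, secrets, payments
    reachable: bool               # vulnerable code is on an executed path of this app
    known_exploited: bool         # exploitability: public exploit or in-the-wild use


# Assumed weights for illustration only; tune them to your own environment.
EXPOSURE = {True: 1.5, False: 0.5}
SENSITIVE = 1.25
EXPLOITED = 1.5


def context_risk(f: Finding) -> float:
    """Ranking score built from CVSS and context; unlike CVSS it is not capped at 10."""
    if not f.reachable:
        return 0.0                # code that never executes cannot be exploited: noise
    score = f.cvss * EXPOSURE[f.internet_facing]
    if f.sensitive_data:
        score *= SENSITIVE
    if f.known_exploited:
        score *= EXPLOITED
    return round(score, 1)


def prioritize(findings, threshold=7.0):
    """Findings at or above the threshold, highest context risk first."""
    ranked = sorted(((context_risk(f), f) for f in findings),
                    key=lambda sf: sf[0], reverse=True)
    return [(s, f) for s, f in ranked if s >= threshold]


# Constructed sample findings (not real CVEs or services).
SAMPLE = [
    Finding("VULN-A", 9.8, "nightly-report-job", False, False, False, False),
    Finding("VULN-B", 6.5, "checkout-api", True, True, True, True),
    Finding("VULN-C", 8.0, "internal-admin", False, True, True, False),
    Finding("VULN-D", 7.0, "public-website", True, False, True, False),
]

if __name__ == "__main__":
    for score, f in prioritize(SAMPLE):
        print(f"{score:5.1f}  {f.vuln_id}  cvss={f.cvss}  {f.service}")
```

Note how the CVSS 9.8 finding drops out entirely because its code path is unreachable, while the CVSS 6.5 finding in an internet-facing, data-handling, actively exploited service ranks first.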
## ABOUT THE AUTHOR

Eyal Mamo is VP of Engineering at CrowdStrike. Prior to joining CrowdStrike, Eyal co-founded and served as CTO at application security posture management (ASPM) company Bionic, which was acquired by CrowdStrike in 2023. Before that, Eyal served as entrepreneur-in-residence at YL Ventures, an American-Israeli venture capital firm that specializes in seed-stage cybersecurity investments. He was also VP R&D for cyber deception startup Cymmetria, and served six years in the Israel Defense Forces' Unit 8200, the country's largest and most renowned intelligence corps, which specializes in signals intelligence, cybersecurity and code decryption.