Insights from the Cyber Security Tribe's Advisory Board
As the calendar turns towards 2024, it's imperative to scrutinize what will be considered potential threats to organizations' cybersecurity in the coming year. Understanding these threats is not merely an exercise in speculation; rather, it is an essential proactive measure to safeguard against the evolving risks that could compromise the integrity, privacy, and operations of businesses and institutions worldwide.
To gain insight into the biggest cybersecurity concerns for organizations in the coming year, we turned to Cyber Security Tribe's Advisory Board. Here, we present their valuable insights and concerns for 2024.
The Internal Threat: End-Users and Work from Home (WFH)
Herman Brown, CIO, Office of The District Attorney, San Francsico, brings attention to an often-overlooked aspect of cybersecurity: the internal threat posed by end-users. While much emphasis is placed on external threat actors, end-users with authorized access to data present a significant risk. Their varying levels of tech-savviness, permissions, and motivations can inadvertently or maliciously lead to breaches. The rise of WFH has further complicated matters, with organizations having to account for the security of employees' home networks, even when they are not directly managed.
“As the world focuses on the external threat actors, we should not forget about the internal threat, 'the end-user'. The 'end-user' has 'authorized' access to tons of data and not all 'end-users' are the same. Meaning that some are more tech savvy than others, they have different levels of permissions, and have different motivations for causing disruption. Not to say that the end-user or all end-users have malicious intent; most of the time it is unintentional due to attempts to circumvent stringent security protocols or lack of training.
With the abundancy of WFH (work from home) the organizations network has grown exponentially. I personally went from having 1 main office with 4 satellite offices to now 350 satellite offices, with every employee that is working from home, I must account for the security of their home network, even through we do not directly manage the end-users home network.”
Accountability and Modernization
Paul Carpenito, Head of Information Security, Loews Corporation, underscores the importance of accountability in cybersecurity. He suggests that information security and privacy leaders must be granted full authority for their roles, as new legislation seeks to accomplish. The traditional approach of treating cybersecurity as an IT or CFO function may no longer suffice. It's time for organizations to modernize their approach to cybersecurity, granting CISOs a seat at the table.
“With the adoption of new legislation around cyber, it is critical that Information Security and Privacy leaders are granted the full authority to be accountable for their role in the organizations they lead, which is what these regulations seek to accomplish, accountability. Cyber as a function as IT or the CFO’s office will not breed success. It is time organizations modernize their approach to cyber. We have been hearing for a while that CISO’s need a seat at the table, now, more than ever.”
Data Localization and Cross-Border Cybersecurity
Jamal Hartenstein, Cyber Data Privacy Lawyer, sheds light on the complexities of data localization and cybersecurity obligations across borders. Organizations transferring data across borders must comply with regulations, even if a breach occurs elsewhere. This poses legal, reputation, and operational risks that demand attention.
“Data localization and data residency’s cybersecurity obligations not being met while cross border data transfer has occurred (or is occurring), making organizations liable for regulations of countries with data localization requirements, particularly when there is a breach or unauthorized dissemination that involves cross-border transferred data that didn’t originate in the country where the breach occurred.
The US for example, does not have an 'adequacy determination' by the European Union. The cyber security measures in place for US organizations need to be documented in either binding corporate rules (BCRs) or standard contractual clauses (SCCs) (because no more Shrems jurisprudence) and the organization needs to be audited against such data transfer mechanisms to demonstrate their meeting there Cybersecurity obligations, technically administratively.
That concerns me from the perspectives of legal risk, reputation risk, operational risk and more.”
AI-Driven Security Operations Centers
Dr. Vivian Lyon, CIO, CISO, Plaza Dynamics, raises concerns about the readiness of AI-driven Security Operations Centers (SOCs) to detect cyber threats effectively. The risk lies in attackers exploiting machine learning algorithms more efficiently than SOCs can detect threats. Ensuring AI-driven SOCs are up to the task is crucial.
“My biggest concern in cyber security, as I look toward 2024, is that some AI-driven security operations centers (SOCs) may not be fully ready to detect cyber-attacks and uncover potential threats in real-time as effectively and efficiently as the attackers that exploit their machine learning (ML) algorithms.”
Cloud Security Holes
Kapil Bareja, Digital and Cyber Risk Governance Leader, directs our attention to cloud security. Misconfigured permissions, inadequate access controls, and vulnerabilities in cloud providers' infrastructure that can expose sensitive data. Insecure APIs serve as a potential entry point for attackers, making cloud security a top concern.
“I see Cloud Security holes concern going in 2024: Misconfigured permissions, inadequate access controls, and vulnerabilities in cloud providers' infrastructure can expose sensitive data to unauthorized parties.APIs serve as the key to unlocking the potential of cloud services, making their security paramount. When APIs are insecure, they become a vulnerable entry point for attackers to breach systems, manipulate data, and carry out malicious attacks.”
AI and Data Governance
Rizwan Jan acknowledges the positive potential of AI but warns about the risks of sensitive data exposure. AI tools, if not properly managed, can inadvertently reveal personal data and company trade secrets. Education and awareness surrounding data governance and protection are essential.
“As AI continues to rapidly mature, the potential positive impact it can make on people’s lives is limitless. With that said, the concern remains about sensitive (e.g., PHI, PII, CUI,) data elements being ingested by AI tools, which can expose personal data and company trade secrets (or intellectual property). We all know once this data is exposed there is little that can be done to rein it back in. Education and awareness needs to be a priority around data governance and protection.”
Staying Ahead of Technological Pace
Dustin Sachs, Senior Manager, Information Security Risk Management, World Fuel Services, closes the list with a concern for staying ahead of rapidly advancing technology. The experiences of 2023 showed that releasing technology into the mainstream without adequate security training or guidelines can lead to chaos. Staying ahead of the curve is essential to maintain cybersecurity.
“My biggest concern is staying ahead of the pace at which AI and other technology is being released into the mainstream. 2023 and ChatGPT showed us what happens when a technology is released to the masses with no security training or clear guidelines.”
Cybersecurity Talent Development
Additional board members raised the pressing need for cybersecurity talent development. As threats evolve, organizations must invest in developing skilled professionals to stay ahead of cyber adversaries.
Securing Third-Party Connections
Lastly we heard concern regarding third-party connections, including direct connections, SaaS integrations, and APIs. In an interconnected digital world, ensuring the security of these connections is paramount to prevent vulnerabilities from being exploited.
Takeaways
The concerns highlighted by the Cyber Security Tribe's Advisory Board paint a comprehensive picture of the cybersecurity challenges that organizations will face in 2024.
As we approach the new year, it is clear that a holistic approach is necessary, combining technological advancements, talent development, and a renewed focus on data governance. By addressing these concerns head-on, organizations can better prepare themselves to navigate the ever-evolving cyber threat landscape and protect their valuable assets from malicious actors.
