2024 Halfway Point Trends in Cybersecurity

Alan Sanchez, CISO EMEA at Fortinet, discusses insights and strategies on navigating the cyber security landscape in the current climate and how new technologies bring opportunities, but also higher risks.

The Trends

There are a few main trends I want to talk about, starting with how the threat landscape is evolving and becoming increasingly sophisticated. As a result, we are seeing cybercriminals turn their nefarious activities into lucrative businesses, increasingly scoping for the bigger and better ransomware with the potential for a profitable global attack. This is the industrialization of the threat landscape.

These threat businesses have several tactics; they can extract money illegally and directly through bad practices, leverage vulnerabilities and weaknesses within a global network to steal company info and data and sell it on the black market, or scam workers into sending them money through phishing attempts.

This leads nation-states to have, in addition to their cyberattack capabilities, civilian intelligence agencies focused on gaining access and collecting information, to target for example critical infrastructures such as energy, water, and utilities.

Also read: Top Cybersecurity Trends Impacting Businesses

A second trend is the problem of the complex and huge technology stacks businesses now have. Over time, we have created cybersecurity stacks which saw us plug in a new technology every time there was a challenge or a problem. This has resulted in a patchwork-like mosaic cybersecurity stacks which are practically impossible to manage with one view and don’t provide the best protection.

For example, in the past, you would buy an antivirus for intrinsic capabilities of the antivirus. Similarly, CISOs would buy solutions with features that meet their requirements – such as the VPN, the authentication, and SD-WAN – all these functions would have been collected and purchased separately and often not integrated to create end-to-end security. Today, this means organizations aren’t as protected as they should be.

Convergence in cybersecurity is bringing all the different technologies bought separately into one platform. It’s something companies must do to ensure they have a single security platform which allows for better visibility and the improved ability to detect, analyze, and respond to threats. With the next generation of security solutions being an interconnected fabric of intricate solutions which are talking to each other, convergence is critical for efficient risk aversion.

The third trend we will see is the evolving role of the CISO. New disciplines CISOs have never had to deal with before will soon be part of their job description, especially with the rise of innovative technologies. For instance, there are already skills which were non-existent five years ago which are now paramount, such as legal compliance. At first glance, while legal compliance can be seen as a challenge for security leaders, it is key as all new breaches or protection must be considered as part of a legal framework.

However, it’s more than just legal frameworks which need to be embraced by the CISO. A company’s network and IT systems take a lot of compute power, and must now be operated sustainably.

With data centers, network infrastructures, and application servers generating heat and having a negative impact of company’s carbon footprint, CISOs are going to be on the hook for improvements here.

With most RFPs around cybersecurity solutions including many non-technical questions about topics such as sustainability and diversity, CISOs are now responsible for a whole lot more than just technology. Despite this, it’s positive these topics are being scrutinized as they are truly important to the way we manage cybersecurity as a whole.

Take diversity and cybersecurity skills, for example. Our industry is responsible for training cybersecurity skills to create a better, more diverse cyber culture. We want to raise people who are not necessarily engineers and those who don’t have technical backgrounds, we want people who come from all walks of life, people of all genders and of all backgrounds.

These people will become the strongest link in the cybersecurity channel due to their diversity of thought and ability to bring new skills and thinking into the industry.

The Best Strategies to Stay Secure 

We have already talked through some of the best strategies and solutions to improved cybersecurity for all, such as convergence, having one single security platform, and staff training. And, with the CISO role evolving – something cybersecurity specialists are supportive of – these differing strategies are something they need to be aware of to keep their businesses secure.

Alongside this though, another thing businesses and CISOs need to consider is a cyber practice called sandboxing. It’s where you execute a suspicious code but in a very secure environment to test and analyze that code without impacting the application, system, or platform.

Sandboxing is vital to phantomization as this form of testing is effective when mounting a defense against zero-day threats. It also provides a greater level of protection, particularly when a malicious email slips by any filters put in place.

When looking at the threat of ransomware, we know it can materialize in different ways. As such it only takes a moment – the moment you click on the link, accept incoming traffic at the network level or let some code be executed for the encryption – to be compromised.

In the past, it was relatively easy to detect ransomware. Today, however, the number of micro-events composing a sophisticated attack scenario is much higher than it used to be. This is where AI tools can help.

Unlike humans and traditional security solutions, AI can run thousands or millions of elementary in a fraction of a second, making it much easier to prevent ransomware and other threats. The strength of AI is that you can process it very fast, remedy it in real-time, and intelligently protect your infrastructure.