Three Cybersecurity Predictions to Help Boards Prepare for 2024

January 2, 2024

High-profile cyberattacks over the past few years have given us a first-hand look at how detrimental a security incident can be for any company — from financial loss and reputational damage to system downtime and a loss of customers. Consequently, security has evolved from being an IT risk — and the sole problem of IT and security teams — to a business risk that involves the entirety of an organization, including its board of directors.

 

Security needs to start from the top; from the boardroom to the mailroom. In fact, over the past 18 months there has been increased emphasis on elevating the role of all leadership in security and risk management, most notably from the U.S. Securities and Exchange Commission (SEC) and its recently adopted rules for publicly traded companies.

 

Greater involvement in cybersecurity from boards and other leadership will help companies build a security culture that is better prepared to defend against today’s threat actors. But to realize these benefits, boards have to go about their newfound oversight and responsibility in the right way. One of the first things you can do to make a positive impact going into 2024 is to prepare your organization for what’s to come. With this in mind, here are three predictions to be aware of:

 

  1. We’ll see the resurgence of historic attack methods.
    Though they’ve been around for decades, phishing and other social engineering attacks are still the biggest threats to companies. As organizations implement Zero Trust architectures and more effective security tools to shore up security gaps in their infrastructure, cybercriminals are increasingly targeting end users to bypass account credentials and multi-factor authentication to find their way in.

     

    On top of this, generative AI has made it fast, easy and cost-effective for cybercriminals to craft perfect native-language emails and text messages with context as well as create believable audio and video impersonations, making it harder than ever for recipients to distinguish between legitimate and fake material.

     

    Cybercriminals want maximum reward for minimal work, and generative AI-powered phishing and social engineering attacks provide them with this combination. Because of this, not only are attack volumes increasing, but success rates are as well — and this will continue in 2024.

     

    How to Prepare:
    The best way to prepare your organization to battle advanced phishing and other social engineering threats is to ensure leaders prioritize cybersecurity awareness, education and training. The most effective programs are conducted frequently (e.g., monthly) and consist of short, engaging content that keep employees’ attention while providing them with key takeaways on threat vectors, ways to spot them and best practices for responding if they suspect something is malicious.

     

    The threat landscape evolves rapidly, and so too must our defense strategies. Keeping security top of mind for employees can transform them from a weak link to a first line of defense in the cyber battle.
  2.  

  3. Ransomware will continue because companies continue to pay.
    Research reveals ransomware victims are on track to pay cybercriminals approximately $900 million by the end of the year. Ransomware groups have been very successful in compromising organizations and getting them to pay out handsomely for their efforts. The continued success and payouts are emboldening these groups, and the attacks will continue to increase in 2024.

     

    How to Prepare:
    The first step in preparing for a ransomware attack is shifting your — and company leaders’ — mindset to plan for when, not if, it happens. The worst thing your company can do is be caught off guard when ransomware takes down business systems. Prior to an attack occurring, a well-prepared company will know how many days they can be down without incurring a major business impact; they will have already addressed the tough questions — including “pay or don’t pay;” and they will have put processes and technology in place to remain resilient in the face of an attack.

     

    On this latter point, here are a few best practices to bring to company leaders:

     

    • Develop, document and practice an incident response (IR) plan that specifically deals with ransomware
    • Segment systems to isolate the damage inflicted during the attack, so that portions of the ecosystem are still available to operate the business
    • Implement dedicated backup and recovery systems that are not susceptible to attack
    • Conduct ongoing vulnerability management and patching programs
    • Understand normal traffic patterns and user behaviors, so you can quickly detect anomalies and suspicious activity
  4.  

  5. Supply chain attacks will escalate.
    Supply chain attacks such as Solar Winds and the MOVEit breach were big wins for attackers, especially as exploiting vulnerabilities outside of organizational control can pay dividends. In fact, aside from social engineering threats, supply chain attacks are one of the most prevalent avenues for bad actors to compromise organizations.

     

    High-profile attacks have raised public awareness around securing the supply chain, and vendors and regulatory bodies have responded in kind. For example, several vendors have increased their supply chain security capabilities this year, and adoption of tools to help manage the software supply chain will continue to increase. Additionally, the White House’s National Cybersecurity Strategy holds software developers accountable for vulnerabilities, which will help push further adoption of security tools focused on the software supply chain.

     

    How to Prepare:
    Supply chain risks are two-fold: A company could fall victim to a third-party breach because they’re using software from a vendor that has been attacked, or the company’s own software supply chain could be compromised.

     

    To prevent both incidents from happening, organizations need to combine supply chain security tools on the market with strong processes, including:

     

    • Gaining visibility into the corporate environment to understand which software, code, data, technologies and other assets are coming from third parties
    • Prioritizing their protection based on the level of risk they pose to the business
    • Assessing third-party suppliers and holding them to high security standards
    • Ensuring developers are using open-source, third-party code securely (open-source software supply chain attacks are skyrocketing)
    • Securing the software development process from beginning to end

 

 

Strengthening Security on a Budget

You may be wondering how you can help your company prepare for all these cyber threats at a time when many are struggling to obtain cybersecurity budget. Rather than hindering businesses, however, today’s economic climate gives companies a unique opportunity to focus on technology rationalization, and more companies will turn to this in 2024.

 

Technology rationalization focuses on rationalizing the security tools already in your technology stack to buy down systemic risk and build resilience. With security technology rationalization, organizations can improve visibility into the security stack, detect security gaps, identify tool redundancies and opportunities to integrate, ensure all tool capabilities are being used, save money over time and raise overall security hygiene.

 

Getting more involved in cybersecurity requires an understanding of the threat landscape, the most effective strategies for defending against these threats and figuring out how to do more with less.

 

*This article originally appeared on the NACD BoardTalk blog. Reprinted with permission.

Randy Lariar
Practice Director - Big Data & Analytics | Optiv
Randy leads Optiv’s Big Data and Analytics practice, a part of the Cyber Digital Transformation business unit. He helps large firms to build teams, lead programs, and solve problems at the intersection of technology, data, analytics, operations, and strategy.

Randy leads a cross-functional team of data engineers, data scientists, and cybersecurity professionals who advise and implement value-aligned solutions for large-scale and fast-moving data environments. His clients include top firms managing their cyber-related data as well as organizations seeking to unlock new insights and automations.

Optiv Security: Secure greatness.®

Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.