Top 12 Cybersecurity Topics in 2024 - Part 2 of 4
Here are the key topics Cyber & IT leaders are going to need to focus on in 2024 to ensure their organization is operating at it's full potential, and not susceptible to outages & hacks.
Let's dive into what you need to know & do for 2024.
Resilience - Cyber & IT!
Your organization needs to be cyber-resilient. This means having resilient systems to protecting your organization from attack and compartmentalizing when an attack occurs. The journey to zero trust should be universal by now and it should be on your radar. How deep, how fast, and how much is implemented is highly dependent upon available resources (budget, people, technology), but is a great north star. You should be using this to drive cyber resilience into your organization. This doesn't have to be an all or nothing. Zero trust is a journey.
IT systems also need to be resilient via failover systems. When an attack (cyber, geological, political or otherwise) does impact your organization, systems need to be ready to fail over and maintain business continuity. Backup systems don't have to be perfect and be able to take the full load of the production systems, but even a partial capability will prevent operations from ceasing or worse yet causing your organization to “go paper”. This is really where you as a leader need to get creative thinking about:
- What happens if I pull this plug
- What if this vendor disappears
- What if these people are unable to work
- What happens if I need to shutdown an entire data center and bring it back up again
It’s also one of my favorite Table Top Exercise / Wargame scenario builders to think of what might be improbable, but plausible to happen to an organization. If your company depends on IT, then it should ensure that IT is going to be capable to withstand some trauma of its own.
Cyber Maturity - As a Service
We are entering the days of maturity being broadly available (for purchase). Even if you lack the internal resources to handle cybersecurity, or in the rare cases cybersecurity isn’t your organization’s primary differentiator; not having answers, solutions or resources is no longer an impediment to being cybersecure. Yes, it can be challenging to identify existing necessary talent within a organization, especially if the business’ focus lies elsewhere. But with MSSP and MDR providers doing an increasingly better job at protection, detection and some recovery, now is the time to consider outsourcing this function to a specialist organization while maintaining an on-site presence to keep feet on the ground / hands on keyboards solutions to outsourced solutions as needed.
Finding, properly utilizing, and setting expectations of your MSSP/MDR is critical and may require a few months or several years to codify the right communication paths and goals. Anticipate a journey here as well.
Everything should be the Known-Known
Knowing everything within your realm of responsibility is key. The industry has done a lot to enable the discovery of shadow IT locally and in the cloud now that we are following the money; however, it’s still happening. Whether or not the CISO/CIO/CTO is aware is immaterial—should any part of your cloud instances or infrastructure be attacked or become compromised, the CISO/CIO/CTO is ultimately responsible. Leaders need to be on the lookout for technologies that lurk around your network and devices you may not know about.
Combine new oversight with improved integrations with vulnerability management systems and 2024 is the year to know everything you are responsible for. Patch, upgrade, protect or (plan to) deprecate things to ensure they aren’t the weakest link. Don’t forget cloud and SAAS solutions. If they are outputting logs, it is incumbent that you collect and analyze them. Unless regulations require it, don’t even start off with long term storage. You’ll find MORE than enough in the day to day logs to go track down of things that aren’t operating properly. You’ll also realize how understaffed you are.
Summary of Part 2
It's time that we really look at our infrastructure to know what is there, how to maintain it and what we are responsible to protect. If you can't get the internal resources to accomplish these tasks, it's time to outsource and ensure you aren't the weakest link and easiest to breach
If you missed part 1, no worries, it's right here!