Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Refocusing on Cybersecurity Essentials in 2024: A Critical Review

By supplementing traditional perimeter defense mechanisms with principles of data integrity, identity management, and risk-based prioritization, organizations can reduce their exposure to data breaches.

As we enter 2024, it is a good time to reflect on the cybersecurity landscape of the past year. The insights gained from the preceeding 12 months can guide us in charting a course to mitigate the risk of falling victim to data breaches in the upcoming year. In 2023, ransomware attacks, exemplified by incidents like LockBit 3.0, ESXiArgs, and industrial organization attacks, maintained their status as the top cyber threats, becoming the leading cause of cyber insurance claims. In addition, zero-day vulnerabilities in supply chains (e.g., MOVEit, Barracuda Email Security Gateway Appliances, Trend Micro Apex One, Cisco IOS XE) along with third-party cloud threats (e.g., Microsoft Cloud email breach), posed new challenges. Given the scale and sophistication of these attacks, organizations must reassess their cybersecurity strategies to curb their exposure to cyber threats in 2024.

According to Gartner, worldwide information security and risk management end user spending is projected to reach $212 billion in 2024, marking a 14% increase from the 2023 expenditure of $186 billion. However, the continuous rise in security incidents raises concerns about the effectiveness of these investments. A post-mortem analysis of data breaches in 2023 reveals that many of these significant breaches can be attributed to a longstanding failure to implement basic cybersecurity measures, such as multi-factor authentication, misuse of existing security tools for addressing known vulnerabilities, and a lack of security measures to protect sensitive data.

Rather than allocating security investments to fortify traditional perimeter defenses, which can be a losing battle, organizations need to refocus on the essentials of cybersecurity. By doing so, they can enhance their security posture and minimize exposure to data breaches. Concentrating on the following three areas will yield great return on security investments in 2024

Data Integrity

Data stands as the primary target for attackers, making its protection crucial in preventing network breaches. Unfortunately, data is often left unsecured, as evidenced by numerous instances of “data breach and unencrypted data” in a quick web search. To ensure data integrity, organizations should classify data into categories reflecting the business need to protect them, such as “public”, “internal use”, “confidential”, and “top secret”. While manual efforts often impede data classification, modern cyber risk management systems with dynamic grouping capabilities can automate the realignment of data classifications.

The classification will dictate which data should be encrypted, especially personal identifiable information (PII). Recent innovations in encryption technology have overcome previous performance and deployment obstacles. Organizations should prioritize developing well-documented encryption policies to protect sensitive data wherever it resides and however it is transmitted.

Identity Management

Access control is often the weak link in cybersecurity programs, requiring practitioners to balance data availability with measures preventing unauthorized usage. Hackers frequently target privileged users, as their accounts offer a gateway to the entire network. Therefore, strict enforcement of well-defined access control policies and continuous monitoring of access paths are vital for the success of data integrity initiatives.

Adopting a Zero Trust model, operationalizing the “never trust, always verify” principle, should be part of a modern identity management approach. In this model, there is no default trust for any entity, including users, devices, applications, and packets.

Advertisement. Scroll to continue reading.

Risk-Based Prioritization

Effective prioritization of vulnerabilities and incidents is crucial for staying ahead of attackers. While security monitoring generates significant data, its raw form remains only a means to an end. Information security decision-making should be based on prioritized, actionable insights derived from correlating internal security data with business criticality and external threat intelligence. Without a risk-based approach, organizations are in danger of allocating valuable IT resources to mitigate vulnerabilities that pose little or no threat to the business.

Conclusion

Achieving 100 percent protection in cybersecurity is unattainable. However, by supplementing traditional perimeter defense mechanisms with principles of data integrity, identity management, and risk-based prioritization, organizations can significantly reduce their exposure to data breaches in 2024.

Written By

Dr. Torsten George is an internationally recognized IT security expert, author, and speaker with nearly 30 years of experience in the global IT security community. He regularly provides commentary and publishes articles on data breaches, insider threats, compliance frameworks, and IT security best practices. He is also the co-author of the Zero Trust Privilege for Dummies book. Torsten has held executive level positions with Absolute Software, Centrify (now Delinea), RiskSense (acquired by Ivanti), RiskVision (acquired by Resolver, Inc.), ActivIdentity (acquired by HID® Global), Digital Link, and Everdream Corporation (acquired by Dell).

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...