Four trends to top the CISO’s packed agenda

Sponsored Post Ever get nostalgic for the good old days of cybersecurity protection? When attacks were for the most part amateurish and infrequent, and perhaps more in the nature of an occasional nuisance rather than a daily existential threat?

Sadly, the era of the teenage miscreant creating malware in their bedroom is long gone. Today's CISO has to contend with the professionalisation of cybercrime, where enterprise-grade resources and tactics are put into attacks that can disable a business overnight. Crimeware-as-a-service platforms have commoditised market entry for the aspiring digital wrongdoer.

Potential catastrophe demands round the clock vigilance and the fullest possible preparedness. But where should the CISO be focussing for best effect? The good people at SANS, purveyors of cybersecurity training and certification, have identified four important trends that it believes merit the special attention of the busy security leader. The SANS CISO Primer delves into the following:

Generative AI: There's no doubt that AI is changing the world in profound ways. Generative AI in particular is both something that the CISO must embrace and also guard against as a tool in the hands of the bad guys. Ways must be found to deploy AI in defending the ever more complex perimeter of today's organisations, while repelling AI-driven attacks. The SANS CISO Primer examines best practices that the CISO should adopt to be as prepared as possible for an uncertain AI-dominated future.

Zero trust: This is not a new cyber subject for the CISO, but it has never been more relevant. Past zero trust implementations have sometimes limited an organisation's agility but done correctly it has the power to greatly reduce the time it takes to detect a network breach, as well as limit the ability of an attacker to progress laterally through an organisation's systems once inside the perimeter. This section of the primer looks at the changes needed in system architectures to make zero trust effective and offers advice on its implementation.

Cloud security: How come we are still talking about cloud security when moving workloads to cloud platforms has been going on for 15 years or so? Well, cloud-based data has never seemed so vulnerable and everyday security technologies and techniques don't seem enough to protect it. Specialised expertise is called for. SANS invites CISOs to embrace the power of cloud security training and offers several useful tips for adopting the best possible cloud security posture.

Cybersecurity complexity: Nobody ever said that good security came easy. But when did it get this complex? The CISO must deal with attackers who are scaling their ever more deadly capabilities to greater heights. They have at their disposal a rich array of tools and tactics. But this comes with its own challenges, not least the shortage of experienced professionals to make it work. SANS looks at best practices for reducing complexity and maximising security's effectiveness.

Don't miss out on this actionable guidance. Head here to The SANS CISO Primer for tips on helping organisations to boost their security postures and source the tools they need to align with 2024's top trends.

Sponsored by SANS.