December 7, 2023 at 03:52PM
In their podcast, Trend Micro’s Greg Young and William Malik reviewed 2023’s cybersecurity trends, revealing overestimations in AI threat predictions and blockchain utility in security. They discussed the prevalent issues of tool sprawl and skills shortage, noting organizations’ roles in employee cyber-awareness and calling for joint efforts in workforce development. AI advanced despite limited regulations, while cybersecurity consolidation emerged as an operational simplifier and potential trend for 2024.
Clear Takeaways from Meeting Notes: 2023 Review of Cybersecurity Trends
1. AI Misconceptions Corrected:
– AI was anticipated to enable cybercriminals to create sophisticated threats; this was not observed in 2023.
– Limitations of generative AI were noted; it does not truly create but synthesizes from existing data.
– AI still improved phishing attacks and other cyber-attacks but did not fulfill the most dire predictions.
2. Regulatory Discussions on AI:
– There was considerable discussion about AI regulation, but little substantive action.
– President Biden issued an Executive Order related to AI security and privacy, yet the industry primarily followed its own standards.
– Ongoing concerns about AI regulation lagging behind tech advancements into 2024.
3. Blockchain’s Limited Role:
– Blockchain’s application remained primarily in securing high-value transactions, not widespread cybersecurity usage.
– Its usage is financially justifiable mostly in digital currency security due to costs and energy demands.
4. Tool Sprawl Issues Persist:
– Organizations still struggle with tool sprawl (20 to 50 cybersecurity solutions), causing management difficulties and inefficiency.
– Awareness of the need for cybersecurity consolidation is growing, which could lead to reduced complexity and a more streamlined approach.
5. Rethinking the Human Factor:
– The notion of humans as the cybersecurity weak link is shifting; instead, a lack of proper cyber-awareness and training is to blame.
– Empowering and educating individuals is crucial, as is creating a safe space for reporting cybersecurity mistakes.
6. Cybersecurity Skills Gap:
– Companies still face challenges filling an estimated 3.5 million cybersecurity positions.
– Job listings often seek unrealistic qualifications, hindering the hiring process.
– Cross-training and specific role-focused hiring are advised, broadening the skills of the workforce.
7. Need for Collaborative Workforce Development:
– Industry, government, and academia must align better to address the skills gap effectively.
– Educational institutions require a closer connection to industry demands to better prepare students for the job market.
8. Implications for 2024:
– Continued focus on cybersecurity awareness training.
– Emphasis on cybersecurity consolidation to address skills gaps and operational improvements.
– Expectations that automation and generative AI will support consolidation efforts.
– Blockchain likely to remain confined to specialized roles such as cryptocurrency.
9. Further Resources for Cybersecurity Trends:
– Real Cybersecurity Podcast Episode 71 with Greg Young and William Malik for more insights.
– Trend Micro’s 2024 security predictions for a scalable approach to cybersecurity.
Authors:
– Greg Young, VP of Cybersecurity at Trend Micro
– William Malik, VP of Infrastructure Strategies at Trend Micro