Episode 17 - New Year, Same Challenges
There's lots of uncertainty everywhere - everything kind of sucks - can we give people hope? Are there some contrarian themes for 2024?
Notes:
Notable issues of 2023 that we saw:
MGM Breach – Set the continuation of Okta being abused
MOVEit Vulnerability – Software used by thousands leaving them vulnerable
https://www.theverge.com/23892245/moveit-cyberattacks-clop-ransomware-government-business
Top breaches of 2023 – most have passed audits, compliance != secure
https://www.electric.ai/blog/recent-big-company-data-breaches
Splunk CISO report: https://www.splunk.com/en_us/campaigns/ciso-report.html
All of these highlight a breakdown of their processes and feedback loops. Know you core 3-5 essential processes and perfect them before moving on to new capabilities
What others are saying for 2024
Ransomware will be more advanced
Container less malware and attacks
Rise in AI threats and defenses
BOLD Claim of 2024 –
What’s holding you back from achieving your vision of security is not what you don’t have:
lack of talent or resources
open projects
backlog of tasks
technology wish list
What’s holding you back is how you use what you have.
So what should you do?
Take what you have => get it to 100%
Create evidence that you know the way
Break the wretched loop you may be stuck in, stop, look around, pick a single impactful change and make it happen -> check out the podcast episodes 15 and 16 on building processes in cybersecurity
Let’s make 2024 the year we took back control of our battlefield and outcomes!