January 31, 2023
If you missed the first part of our series (What will be the top cybersecurity threats in 2023?) we highly recommend you go check it out here.
״First and foremost is the rise of zero trust policies. Due to the rapid erosion of network perimeters and the rise of compromised credentials as the entry point for intrusions, the adoption of zero trust architectures will continue to gain steam in 2023. Many CISOs have already embarked upon this journey by creating a zero-trust strategy and initiating its execution.
Second is the adoption of security capabilities delivered as a service. The implementation and maintenance of perpetually licensed on premises security solutions has run its course. CISOs need the rapid time to value provided by security capabilities delivered as a service and the market has answered that demand. These services will accelerate in 2023 and the market will be an important driver of value in cyber security markets.
The last trend worth being on the lookout for is the shortage of cybersecurity talent. This shortage will become even more acute in 2023. With more open positions than candidates, for CISOs who are not thinking creatively when it comes to sourcing and retaining cyber security professionals, 2023 will be another year of productivity-sapping talent churn.״
״Security teams will be much more data driven. In a way, data will perform the functions of the middle managers in security apparatuses--positions that are largely no longer existent.
This means there’s going to be higher demand for tools and platforms to help cyber security manage their data. So I think it's gonna be interesting from the standpoint of teams needing to understand and manage their data even more.
This goes not only for identifying threat patterns and specific risks, but also for figuring out how to allocate resources. CISOs understand they need metrics for figuring out which investments are necessary and will contribute to their efficacy and which ones won't. Data is going to play the key role in delivering that clarity and we’re going to see this trend accelerate even more in 2023.״
״We’re seeing an important shift in how security professionals view cyber threats as a phenomenon.
Cyber crime is now being monitored through the lens of a global service ecosystem that continues to aggrandize around the world. It's an amazing ecosystem that’s shown incredible resilience over the past number of years and it doesn't show any signs of attenuating in any regard. Ultimately, this will draw more talent into these criminal organizations and this is definitely something we need to keep an eye out for.
The second big trend we’re going to see over the next 12 months is standardization in cyber regulations. There’s a consensus now that companies can’t shrug their security responsibilities. Doing so hurts their customers and indeed the entire data sphere as a whole. We’re going to see more requirements applying to all companies so that everyone can abide by a determined baseline. This will, in turn, mean higher enforcement frequency by regulators in the form of fines. This will be especially true in the United States, a country that until now has been lagging behind in data regulation, but recently is experiencing a surge of state level laws.״
February 15, 2024
Combining traditional cyber risk methods with CRQ turns ambiguity into actionable data for CISOs, driving informed decision-making.
February 12, 2024
Risk Progression feature empowers CISOs and CRQ users to inspect and understand the changes in their cyber risk over time.