EXECUTIVE SUMMARY:

The cyber security landscape is transforming at an exciting, yet sometimes unnerving pace. As the landscape becomes both broad and nuanced, modern CISOs must now sift through a staggering amount of information.

Separate the signal from the noise. Prepare for the year ahead with predictions from five of Check Point’s global CISOs.

An expert-informed preview of trends and threats enables you to proactively implement risk mitigation measures, helping you stay one step ahead of cyber criminals.

Get valuable insights. Prepare for the possibilities. Discover focused analyses that can assist you with planning, prioritizing and better protecting your organization than ever before.

Foundational discussion points

In 2024, the themes that will take the spotlight include board and C-level cyber security management, cyber security controls, ransomware, artificial intelligence and breach litigation. In the sections below, each one of our experts delves into a different theme:

Vivek Gullapalli: Global CISO, APAC, Check Point

Vivek Gullapalli, Global CISO, APAC, Check PointThe board will require higher levels of confidence in cyber security and business continuity

Boards and CEOs will demand confidence in cyber security. They’ll expect business continuity throughout and in the wake of a cyber attack.

Boards and C-level management will also want to ensure that cyber security investments deliver. Next year, as a cyber security leader, dig into the ROI on your initiatives and tools. Ensure that stakeholders truly see the value of your SOC and your work.

Beyond that, the digital world is highly interconnected; with the seemingly singular exception of cyber security, which remains locked in isolation. Bridging this gap will be critical to business success.

Marco Eggerling: Global CISO, EMEA, Check Point

Marco Eggerling_Field CISO EMEAOrganizations will give cyber security controls a much greater focus

Previously, organizations have taken a piece-meal approach to implementing cyber security controls, which is inefficient. The average SMB runs 20 different point solutions, while the average mid-sized enterprise manages 60 point solutions, and the average multi-national relies on 100 point solutions or more.

However, if organizations reduce the number of security controls, as through consolidation, they’re liable to see increased levels of cyber resilience. In 2024, it’s likely that organizations will pay more attention to security controls, as current systems are often unsustainable.

Ultimately, this will reduce complexity and enhance abilities to withstand any type of cyber threat.

Jonathan Fischbein: Global CISO, EMEA, Check Point

Jony Fischbein, Global CISO, Check PointRansomware will continue and become highly evasive

Ransomware attacks will increase. They will also continue to impact organizations of all sizes, extorting millions of dollars from victims. Most notably, the threats will become increasingly evasive.

While enterprises are adopting a lot of security tools, they’re often not enough, as oftentimes, they’re not interoperable.

Many security professionals erroneously believe that a ransomware attack won’t happen to their organization, and so they don’t take adequate action. What organizations really need are better prevention and detection tools.

It’s very important that organizations take a holistic approach to ransomware and develop a strategy for mitigation. And it’s not enough to just have solutions that ward off ransomware…

Pete Nicoletti: Global CISO, Americas, Check Point

Pete Nicoletti, Field CISO, Americas, Check PointAI-based tools will be used by cyber criminals to steal financial resources

Something that Check Point Research has just begun to point out is that criminals are using unregistered and unguarded AI tools and engines for nefarious purposes. Those tools aren’t subject to laws and regulations.

Cyber security professionals are liable to see what could be termed ‘ghost guns’ or ‘unserialized weapons’ used in the AI fight. Check Point’s ThreatCloud and other power-packed products help mitigate this issue, but in the future, more will need to be done to address it.

Deryck Mitchelson: Global CISO, EMEA, Check Point

Deryck Mitchelson Field CISO EMEAOrganizations will continue to see a surge in cyber attacks and data breaches, resulting in an explosion of class action lawsuits and litigation that could negatively affect CISOs

Litigation is becoming increasingly common. There’s no doubt about it. Many major enterprises have experienced breaches and paid out significant sums of money on the back of them.

The issue won’t solely affect larger organizations. Smaller organizations will be affected as well and will likely pay out millions in order to satisfy shareholders and individuals who have been breached.

This increase in data breach class actions is really concerning. There’s been a two-fold increase in them from 2022 to 2023.

Further, recent survey results show that 62% of CISOs are concerned about their personal liability when it comes to breaches. What’s driving this? The first item is the Uber case, where the Uber CISO was found guilty…

These predictions are intended to support organizations in enhancing their planning, prioritization and security protection in 2024. For the full suite of predictions, please click here.

Wishing everyone a safe and secure new year.