Three security data predictions for 2024
How do companies protect their digital environments in a world where everything is growing more complex, quickly – data, customer expectations, cyber threats and more? It’s difficult: Adversaries are adopting and using AI and even generative AI-based technologies against enterprises. Nation-state cyber activity is morphing from attacks and ransomware to espionage and information theft.
In addition, new and updated regulations (think PCI-Data Security Standard 4.0, with which organizations will need to be in full compliance as of March 31, 2025), along with increased scrutiny from the SEC, put a strain on governance, risk and compliance teams to manage an organization’s security, risk and compliance posture.
At the end of the day, a security team’s job is to answer questions posed by regulators, auditors, the board, and the CISO about risks, attacks, and compliance status. For example, does the organization have endpoint detection and response agents deployed on all endpoints and, if there are gaps, where are they? Or, how long has a hacker been on a network, and what data did they take? Or, what is the origin of an attack? And so on. From GRC analysts to threat hunters, security groups are often scrambling to collect and make sense of siloed security data so they understand what they’re up against.
With these realities in mind, I’ve got three predictions for 2024 that I hope will inspire security data decision-makers in the right direction.
1. Big data insights won’t be just for data scientists anymore.
The ability to extract meaningful business insights from big data has largely been the domain of the highly specialized data scientist. But, as in cybersecurity, these experts are rather few and far between, and more and more teams are placing demands on this finite resource.
In the coming year, we’ll see changes that accelerate the ability of security teams to join and digest large amounts of data in more accessible ways. Data fabric platforms, data security posture management (DSPM), and data science and machine learning (DSML) platforms are changing the game, unifying and simplifying access to enterprise security data.
The more user-friendly interfaces of these platforms give more people on more teams the ability to see and act on threats or other challenges to the business. The democratization of data comes none too soon, as advancements in AI are making it easier for bad actors to infiltrate. With more eyes watching and able to take protective action, enterprises have a real shot at staying ahead of threats.
2. Cybersecurity teams will make the jump into data lakes to wrangle siloed data sets and decrease security data storage costs.
It’s been the lament of cybersecurity teams for years: All those security tools are producing a ton of great data, but it’s difficult to combine that data quickly and easily to find and take action on threats.
Security information and event management (SIEM) solutions help, but they’re expensive and limited by storage and ease of access. In 2024, cloud-based data lakes will beckon, and security leaders will look beyond their pond to see if they can obtain a little of that beach-front property being used by their colleagues on the IT, data, finance, HR or other teams.
Data lakes for security – or security data lakes – will go mainstream, providing a much better option for bringing together and storing all that siloed security data while enhancing scalability and accessibility for data sharing across teams. The result will be vastly improved cybersecurity through faster threat detection and mitigation, and better adherence to compliance mandates.
3. 2024 will be the year that governance, risk and compliance is profoundly transformed by continuous controls monitoring.
Governance, risk and compliance (GRC) teams are going to finally catch a break with the broader adoption and use of nascent continuous controls monitoring (CCM) technologies.
At the mercy of mostly manual processes and tools like Excel and PowerPoint to keep track of compliance gaps and issues, GRC teams—especially in large organizations—have been challenged to keep up to date with their organization’s security, risk and compliance posture.
GRC professionals will be the key drivers behind the rapid adoption and use of CCM, and they’ll be able to track and manage adherence to compliance in near real-time. Moreover, they’ll look to data fabrics and data lakes to power their CCM reports, as these technologies facilitate data lineage, which is helpful for consistency of reporting at audit time. As a result, we’ll hear about dramatic reductions in compliance fines and penalties being levied against large organizations, and we’ll start to see cyber insurance carriers mandate the use of CCM to obtain or renew insurance.
While 2024 may be the year of “regulatory risk” for many GRC and compliance teams, it will not be for those who have embraced a CCM solution.
Predictions are, of course, forecasts of things that may happen, but I do hope mine come to fruition! If they do, organizations should be better able to protect their digital environments and achieve year-round compliance.
Data fabric platforms, security data lakes and continuous controls monitoring can ease the burden on both security and GRC teams by giving them the deep, actionable insights they need to thwart bad actors and stay compliant.