2023 Predictions
By Anurag Gurtu, Chief Product Officer at Strike Ready
In 2022, the global average total breach cost surpassed $4.35M, and nearly two-thirds of organizations experienced more than one breach. As a result, CISOs are adopting various security strategies in 2023 that revolve around a human-centered approach to risk management. This theme will likely intersect with the trends below.
Role consolidation accelerates burnout.
Economic shifts and the global recession force companies to adapt, resulting in workforce reductions and restructuring. Moreover, with an ever-increasing threat landscape, cybersecurity teams, including security operations teams, are overwhelmed with work. Furthermore, resource consolidation leads to personnel wearing multiple hats, which contributes to accelerated burnout.
Voice assistance, mobile apps, and chat are modern norms
When millennials enter the workforce, they expect consistent forms of interaction that they are used to with consumer-centric apps. This need has translated into evolving product requirements such as making enterprise applications available on the mobile platform, supporting interaction with these applications using voice and text, and embedding capabilities such as virtual assistants. For the existing workforce, however, traditional access is still a necessity, including GUI and console access.
Rise of Generative AI
Investment firms are doubling down to invest in Generative AI. This AI includes technologies such as Deepfake detection, text-to-speech conversion across multiple languages, audio transcription, personalized support chatbots, and more. The ever-popular ChatGPT, Midjourney, and others have further accelerated this trend. However, it does not stop there. In an advanced form of Generative AI, users can interact with an AI bi-directionally. When applied to cybersecurity, an analyst asks a question about a threat; AI can answer this question and look for similar threats and help resolve them.
Closing thoughts
Empowering the millennial workforce in cybersecurity will be crucial to the success of CISOs in these challenging times. While security evolution coupled with technological advancement can help make cybersecurity very accessible, this creates a cautionary tale as these advancements will open a new class of ‘non-technical’ cyber attackers to take advantage of, e.g., the use of Generative AI to generate novel malware. Finally, the various governing bodies, such as the NIST AI Risk Management framework and the EU’s AI Act, will help shape the success of AI. Personally, I’m looking forward to relaying voice instructions to my mobile device to assess my organization’s security posture against an emerging threat and create a response to it without lifting a finger.
About the Author
Anurag Gurtu is Chief Product Officer of StrikeReady. He has over 18 years of cybersecurity experience in product management, marketing, go-to-market, professional services and software development. For the past seven years, Gurtu has been deeply involved in various domains of AI, such as Natural Language Understanding/Generation and Machine Learning (Supervised/Unsupervised), which has helped him distill reality from fallacy and the resulting confusion that exists in cybersecurity with real-world applicability of this technology. Gurtu was fortunate enough to have experienced three company acquisitions (by Splunk, Tripwire and Sun Microsystems) and an early-stage startup that went public (FireEye). Gurtu holds an M.S. degree in Computer Networks from the University of Southern California and numerous cybersecurity certifications, including CISSP, CCNP Security and more.
Anurag can be reached online at LinkedIn and at our company website http://www.strikeready.co.